void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-15 00:43:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Turn off wrapping as it makes things hard to follow in some cases.

Browse source
This commit is contained in:
Adam Ierymenko 2021-04-26 20:33:38 -04:00
parent cd68474e47
commit 76244f0474
No known key found for this signature in database
GPG key ID: C8877CF2D7A5D7F3
59 changed files with 1951 additions and 4468 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
.clang-format
View file

@ -62,14 +62,14 @@ UseTab: 'false'
--- ---
Language: Cpp Language: Cpp
Standard: Cpp03 Standard: Cpp03
ColumnLimit: '160' ColumnLimit: '240'
--- ---
Language: ObjC Language: ObjC
ColumnLimit: '160' ColumnLimit: '240'
--- ---
Language: Java Language: Java
ColumnLimit: '160' ColumnLimit: '240'
--- ---
Language: CSharp Language: CSharp
ColumnLimit: '160' ColumnLimit: '240'
... ...

192
core/AES.cpp
View file

@ -32,27 +32,22 @@ namespace ZeroTier {
namespace { namespace {
#define s_bmul32(N, x, y, rh, rl) \ #define s_bmul32(N, x, y, rh, rl) \
uint32_t x0t_##N = (x)&0x11111111U; \ uint32_t x0t_##N = (x)&0x11111111U; \
uint32_t x1t_##N = (x)&0x22222222U; \ uint32_t x1t_##N = (x)&0x22222222U; \
uint32_t x2t_##N = (x)&0x44444444U; \ uint32_t x2t_##N = (x)&0x44444444U; \
uint32_t x3t_##N = (x)&0x88888888U; \ uint32_t x3t_##N = (x)&0x88888888U; \
uint32_t y0t_##N = (y)&0x11111111U; \ uint32_t y0t_##N = (y)&0x11111111U; \
uint32_t y1t_##N = (y)&0x22222222U; \ uint32_t y1t_##N = (y)&0x22222222U; \
uint32_t y2t_##N = (y)&0x44444444U; \ uint32_t y2t_##N = (y)&0x44444444U; \
uint32_t y3t_##N = (y)&0x88888888U; \ uint32_t y3t_##N = (y)&0x88888888U; \
uint64_t z0t_##N = (((uint64_t)x0t_##N * y0t_##N) ^ ((uint64_t)x1t_##N * y3t_##N) ^ ((uint64_t)x2t_##N * y2t_##N) ^ ((uint64_t)x3t_##N * y1t_##N)) \ uint64_t z0t_##N = (((uint64_t)x0t_##N * y0t_##N) ^ ((uint64_t)x1t_##N * y3t_##N) ^ ((uint64_t)x2t_##N * y2t_##N) ^ ((uint64_t)x3t_##N * y1t_##N)) & 0x1111111111111111ULL; \
& 0x1111111111111111ULL; \ uint64_t z1t_##N = (((uint64_t)x0t_##N * y1t_##N) ^ ((uint64_t)x1t_##N * y0t_##N) ^ ((uint64_t)x2t_##N * y3t_##N) ^ ((uint64_t)x3t_##N * y2t_##N)) & 0x2222222222222222ULL; \
uint64_t z1t_##N = (((uint64_t)x0t_##N * y1t_##N) ^ ((uint64_t)x1t_##N * y0t_##N) ^ ((uint64_t)x2t_##N * y3t_##N) ^ ((uint64_t)x3t_##N * y2t_##N)) \ uint64_t z2t_##N = (((uint64_t)x0t_##N * y2t_##N) ^ ((uint64_t)x1t_##N * y1t_##N) ^ ((uint64_t)x2t_##N * y0t_##N) ^ ((uint64_t)x3t_##N * y3t_##N)) & 0x4444444444444444ULL; \
& 0x2222222222222222ULL; \ z0t_##N |= z1t_##N; \
uint64_t z2t_##N = (((uint64_t)x0t_##N * y2t_##N) ^ ((uint64_t)x1t_##N * y1t_##N) ^ ((uint64_t)x2t_##N * y0t_##N) ^ ((uint64_t)x3t_##N * y3t_##N)) \ z2t_##N |= z0t_##N; \
& 0x4444444444444444ULL; \ uint64_t zt_##N = z2t_##N | ((((uint64_t)x0t_##N * y3t_##N) ^ ((uint64_t)x1t_##N * y2t_##N) ^ ((uint64_t)x2t_##N * y1t_##N) ^ ((uint64_t)x3t_##N * y0t_##N)) & 0x8888888888888888ULL); \
z0t_##N |= z1t_##N; \ (rh) = (uint32_t)(zt_##N >> 32U); \
z2t_##N |= z0t_##N; \
uint64_t zt_##N = z2t_##N \
| ((((uint64_t)x0t_##N * y3t_##N) ^ ((uint64_t)x1t_##N * y2t_##N) ^ ((uint64_t)x2t_##N * y1t_##N) ^ ((uint64_t)x3t_##N * y0t_##N)) \
& 0x8888888888888888ULL); \
(rh) = (uint32_t)(zt_##N >> 32U); \
(rl) = (uint32_t)zt_##N; (rl) = (uint32_t)zt_##N;
void s_gfmul(const uint64_t hh, const uint64_t hl, uint64_t& y0, uint64_t& y1) noexcept void s_gfmul(const uint64_t hh, const uint64_t hl, uint64_t& y0, uint64_t& y1) noexcept
@ -456,86 +451,63 @@ void AES::CTR::finish() noexcept
// Software AES and AES key expansion --------------------------------------------------------------------------------- // Software AES and AES key expansion ---------------------------------------------------------------------------------
const uint32_t AES::Te0[256] = { const uint32_t AES::Te0[256] = { 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554, 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d, 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a,
0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554, 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d, 0xe7fefe19, 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87, 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b, 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b,
0xb5d7d762, 0x4dababe6, 0xec76769a, 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87, 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b, 0x41adadec, 0xb3d4d467, 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a, 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108, 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
0x5fa2a2fd, 0x45afafea, 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b, 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a, 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5, 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d, 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f,
0x83cccc4f, 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108, 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f, 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e, 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb, 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497,
0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5, 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d, 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, 0x1209091b, 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c, 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b, 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
0x1d83839e, 0x582c2c74, 0x341a1a2e, 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb, 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, 0x5229297b, 0xdde3e33e, 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594, 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3,
0x5e2f2f71, 0x13848497, 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c, 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a, 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504, 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d,
0x7239394b, 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a, 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594, 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f, 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47, 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a, 0x3f9292ad, 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883, 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76,
0x219d9dbc, 0x70383848, 0xf1f5f504, 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d, 0x81cdcd4c, 0x180c0c14, 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e, 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b,
0x26131335, 0xc3ecec2f, 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47, 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25, 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
0xe6737395, 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883, 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651, 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85,
0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e, 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, 0x9fc2c25d, 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa, 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9,
0xbdd3d36e, 0x43acacef, 0xc46262a6, 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b, 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, 0x018d8d8c, 0xb1d5d564, 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133, 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920, 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
0x9c4e4ed2, 0x49a9a9e0, 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25, 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818, 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8, 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a };
0x5c2e2e72, 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651, 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, const uint32_t AES::Te4[256] = { 0x63636363, 0x7c7c7c7c, 0x77777777, 0x7b7b7b7b, 0xf2f2f2f2, 0x6b6b6b6b, 0x6f6f6f6f, 0xc5c5c5c5, 0x30303030, 0x01010101, 0x67676767, 0x2b2b2b2b, 0xfefefefe, 0xd7d7d7d7, 0xabababab, 0x76767676,
0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa, 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, 0x17868691, 0xcacacaca, 0x82828282, 0xc9c9c9c9, 0x7d7d7d7d, 0xfafafafa, 0x59595959, 0x47474747, 0xf0f0f0f0, 0xadadadad, 0xd4d4d4d4, 0xa2a2a2a2, 0xafafafaf, 0x9c9c9c9c, 0xa4a4a4a4, 0x72727272, 0xc0c0c0c0,
0x99c1c158, 0x3a1d1d27, 0x279e9eb9, 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133, 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, 0x2d9b9bb6, 0x3c1e1e22, 0xb7b7b7b7, 0xfdfdfdfd, 0x93939393, 0x26262626, 0x36363636, 0x3f3f3f3f, 0xf7f7f7f7, 0xcccccccc, 0x34343434, 0xa5a5a5a5, 0xe5e5e5e5, 0xf1f1f1f1, 0x71717171, 0xd8d8d8d8, 0x31313131, 0x15151515,
0x15878792, 0xc9e9e920, 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a, 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0x04040404, 0xc7c7c7c7, 0x23232323, 0xc3c3c3c3, 0x18181818, 0x96969696, 0x05050505, 0x9a9a9a9a, 0x07070707, 0x12121212, 0x80808080, 0xe2e2e2e2, 0xebebebeb, 0x27272727, 0xb2b2b2b2, 0x75757575,
0xd06868b8, 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a 0x09090909, 0x83838383, 0x2c2c2c2c, 0x1a1a1a1a, 0x1b1b1b1b, 0x6e6e6e6e, 0x5a5a5a5a, 0xa0a0a0a0, 0x52525252, 0x3b3b3b3b, 0xd6d6d6d6, 0xb3b3b3b3, 0x29292929, 0xe3e3e3e3, 0x2f2f2f2f, 0x84848484,
}; 0x53535353, 0xd1d1d1d1, 0x00000000, 0xedededed, 0x20202020, 0xfcfcfcfc, 0xb1b1b1b1, 0x5b5b5b5b, 0x6a6a6a6a, 0xcbcbcbcb, 0xbebebebe, 0x39393939, 0x4a4a4a4a, 0x4c4c4c4c, 0x58585858, 0xcfcfcfcf,
const uint32_t AES::Te4[256] = { 0xd0d0d0d0, 0xefefefef, 0xaaaaaaaa, 0xfbfbfbfb, 0x43434343, 0x4d4d4d4d, 0x33333333, 0x85858585, 0x45454545, 0xf9f9f9f9, 0x02020202, 0x7f7f7f7f, 0x50505050, 0x3c3c3c3c, 0x9f9f9f9f, 0xa8a8a8a8,
0x63636363, 0x7c7c7c7c, 0x77777777, 0x7b7b7b7b, 0xf2f2f2f2, 0x6b6b6b6b, 0x6f6f6f6f, 0xc5c5c5c5, 0x30303030, 0x01010101, 0x67676767, 0x2b2b2b2b, 0xfefefefe, 0x51515151, 0xa3a3a3a3, 0x40404040, 0x8f8f8f8f, 0x92929292, 0x9d9d9d9d, 0x38383838, 0xf5f5f5f5, 0xbcbcbcbc, 0xb6b6b6b6, 0xdadadada, 0x21212121, 0x10101010, 0xffffffff, 0xf3f3f3f3, 0xd2d2d2d2,
0xd7d7d7d7, 0xabababab, 0x76767676, 0xcacacaca, 0x82828282, 0xc9c9c9c9, 0x7d7d7d7d, 0xfafafafa, 0x59595959, 0x47474747, 0xf0f0f0f0, 0xadadadad, 0xd4d4d4d4, 0xcdcdcdcd, 0x0c0c0c0c, 0x13131313, 0xecececec, 0x5f5f5f5f, 0x97979797, 0x44444444, 0x17171717, 0xc4c4c4c4, 0xa7a7a7a7, 0x7e7e7e7e, 0x3d3d3d3d, 0x64646464, 0x5d5d5d5d, 0x19191919, 0x73737373,
0xa2a2a2a2, 0xafafafaf, 0x9c9c9c9c, 0xa4a4a4a4, 0x72727272, 0xc0c0c0c0, 0xb7b7b7b7, 0xfdfdfdfd, 0x93939393, 0x26262626, 0x36363636, 0x3f3f3f3f, 0xf7f7f7f7, 0x60606060, 0x81818181, 0x4f4f4f4f, 0xdcdcdcdc, 0x22222222, 0x2a2a2a2a, 0x90909090, 0x88888888, 0x46464646, 0xeeeeeeee, 0xb8b8b8b8, 0x14141414, 0xdededede, 0x5e5e5e5e, 0x0b0b0b0b, 0xdbdbdbdb,
0xcccccccc, 0x34343434, 0xa5a5a5a5, 0xe5e5e5e5, 0xf1f1f1f1, 0x71717171, 0xd8d8d8d8, 0x31313131, 0x15151515, 0x04040404, 0xc7c7c7c7, 0x23232323, 0xc3c3c3c3, 0xe0e0e0e0, 0x32323232, 0x3a3a3a3a, 0x0a0a0a0a, 0x49494949, 0x06060606, 0x24242424, 0x5c5c5c5c, 0xc2c2c2c2, 0xd3d3d3d3, 0xacacacac, 0x62626262, 0x91919191, 0x95959595, 0xe4e4e4e4, 0x79797979,
0x18181818, 0x96969696, 0x05050505, 0x9a9a9a9a, 0x07070707, 0x12121212, 0x80808080, 0xe2e2e2e2, 0xebebebeb, 0x27272727, 0xb2b2b2b2, 0x75757575, 0x09090909, 0xe7e7e7e7, 0xc8c8c8c8, 0x37373737, 0x6d6d6d6d, 0x8d8d8d8d, 0xd5d5d5d5, 0x4e4e4e4e, 0xa9a9a9a9, 0x6c6c6c6c, 0x56565656, 0xf4f4f4f4, 0xeaeaeaea, 0x65656565, 0x7a7a7a7a, 0xaeaeaeae, 0x08080808,
0x83838383, 0x2c2c2c2c, 0x1a1a1a1a, 0x1b1b1b1b, 0x6e6e6e6e, 0x5a5a5a5a, 0xa0a0a0a0, 0x52525252, 0x3b3b3b3b, 0xd6d6d6d6, 0xb3b3b3b3, 0x29292929, 0xe3e3e3e3, 0xbabababa, 0x78787878, 0x25252525, 0x2e2e2e2e, 0x1c1c1c1c, 0xa6a6a6a6, 0xb4b4b4b4, 0xc6c6c6c6, 0xe8e8e8e8, 0xdddddddd, 0x74747474, 0x1f1f1f1f, 0x4b4b4b4b, 0xbdbdbdbd, 0x8b8b8b8b, 0x8a8a8a8a,
0x2f2f2f2f, 0x84848484, 0x53535353, 0xd1d1d1d1, 0x00000000, 0xedededed, 0x20202020, 0xfcfcfcfc, 0xb1b1b1b1, 0x5b5b5b5b, 0x6a6a6a6a, 0xcbcbcbcb, 0xbebebebe, 0x70707070, 0x3e3e3e3e, 0xb5b5b5b5, 0x66666666, 0x48484848, 0x03030303, 0xf6f6f6f6, 0x0e0e0e0e, 0x61616161, 0x35353535, 0x57575757, 0xb9b9b9b9, 0x86868686, 0xc1c1c1c1, 0x1d1d1d1d, 0x9e9e9e9e,
0x39393939, 0x4a4a4a4a, 0x4c4c4c4c, 0x58585858, 0xcfcfcfcf, 0xd0d0d0d0, 0xefefefef, 0xaaaaaaaa, 0xfbfbfbfb, 0x43434343, 0x4d4d4d4d, 0x33333333, 0x85858585, 0xe1e1e1e1, 0xf8f8f8f8, 0x98989898, 0x11111111, 0x69696969, 0xd9d9d9d9, 0x8e8e8e8e, 0x94949494, 0x9b9b9b9b, 0x1e1e1e1e, 0x87878787, 0xe9e9e9e9, 0xcececece, 0x55555555, 0x28282828, 0xdfdfdfdf,
0x45454545, 0xf9f9f9f9, 0x02020202, 0x7f7f7f7f, 0x50505050, 0x3c3c3c3c, 0x9f9f9f9f, 0xa8a8a8a8, 0x51515151, 0xa3a3a3a3, 0x40404040, 0x8f8f8f8f, 0x92929292, 0x8c8c8c8c, 0xa1a1a1a1, 0x89898989, 0x0d0d0d0d, 0xbfbfbfbf, 0xe6e6e6e6, 0x42424242, 0x68686868, 0x41414141, 0x99999999, 0x2d2d2d2d, 0x0f0f0f0f, 0xb0b0b0b0, 0x54545454, 0xbbbbbbbb, 0x16161616 };
0x9d9d9d9d, 0x38383838, 0xf5f5f5f5, 0xbcbcbcbc, 0xb6b6b6b6, 0xdadadada, 0x21212121, 0x10101010, 0xffffffff, 0xf3f3f3f3, 0xd2d2d2d2, 0xcdcdcdcd, 0x0c0c0c0c, const uint32_t AES::Td0[256] = { 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393, 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25, 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f,
0x13131313, 0xecececec, 0x5f5f5f5f, 0x97979797, 0x44444444, 0x17171717, 0xc4c4c4c4, 0xa7a7a7a7, 0x7e7e7e7e, 0x3d3d3d3d, 0x64646464, 0x5d5d5d5d, 0x19191919, 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1, 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6, 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844,
0x73737373, 0x60606060, 0x81818181, 0x4f4f4f4f, 0xdcdcdcdc, 0x22222222, 0x2a2a2a2a, 0x90909090, 0x88888888, 0x46464646, 0xeeeeeeee, 0xb8b8b8b8, 0x14141414, 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd, 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45, 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
0xdededede, 0x5e5e5e5e, 0x0b0b0b0b, 0xdbdbdbdb, 0xe0e0e0e0, 0x32323232, 0x3a3a3a3a, 0x0a0a0a0a, 0x49494949, 0x06060606, 0x24242424, 0x5c5c5c5c, 0xc2c2c2c2, 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a, 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5, 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c,
0xd3d3d3d3, 0xacacacac, 0x62626262, 0x91919191, 0x95959595, 0xe4e4e4e4, 0x79797979, 0xe7e7e7e7, 0xc8c8c8c8, 0x37373737, 0x6d6d6d6d, 0x8d8d8d8d, 0xd5d5d5d5, 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1, 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a, 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
0x4e4e4e4e, 0xa9a9a9a9, 0x6c6c6c6c, 0x56565656, 0xf4f4f4f4, 0xeaeaeaea, 0x65656565, 0x7a7a7a7a, 0xaeaeaeae, 0x08080808, 0xbabababa, 0x78787878, 0x25252525, 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46, 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77, 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
0x2e2e2e2e, 0x1c1c1c1c, 0xa6a6a6a6, 0xb4b4b4b4, 0xc6c6c6c6, 0xe8e8e8e8, 0xdddddddd, 0x74747474, 0x1f1f1f1f, 0x4b4b4b4b, 0xbdbdbdbd, 0x8b8b8b8b, 0x8a8a8a8a, 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e, 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927, 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
0x70707070, 0x3e3e3e3e, 0xb5b5b5b5, 0x66666666, 0x48484848, 0x03030303, 0xf6f6f6f6, 0x0e0e0e0e, 0x61616161, 0x35353535, 0x57575757, 0xb9b9b9b9, 0x86868686, 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e, 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16, 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
0xc1c1c1c1, 0x1d1d1d1d, 0x9e9e9e9e, 0xe1e1e1e1, 0xf8f8f8f8, 0x98989898, 0x11111111, 0x69696969, 0xd9d9d9d9, 0x8e8e8e8e, 0x94949494, 0x9b9b9b9b, 0x1e1e1e1e, 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd, 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163, 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
0x87878787, 0xe9e9e9e9, 0xcececece, 0x55555555, 0x28282828, 0xdfdfdfdf, 0x8c8c8c8c, 0xa1a1a1a1, 0x89898989, 0x0d0d0d0d, 0xbfbfbfbf, 0xe6e6e6e6, 0x42424242, 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0, 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422, 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
0x68686868, 0x41414141, 0x99999999, 0x2d2d2d2d, 0x0f0f0f0f, 0xb0b0b0b0, 0x54545454, 0xbbbbbbbb, 0x16161616 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36, 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4, 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
}; 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3, 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8, 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
const uint32_t AES::Td0[256] = { 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0, 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815, 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393, 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25, 0x4fe5d7fc, 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df, 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f, 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
0xc52acbd7, 0x26354480, 0xb562a38f, 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1, 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6, 0x038f5fe7, 0x15929c95, 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89, 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf, 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
0xbf6d7aeb, 0x955259da, 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844, 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd, 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541, 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190, 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742 };
0x7dce3ab4, 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45, 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94, 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, const uint8_t AES::Td4[256] = { 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a, 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5, 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, 0x8acf1c2b, 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e, 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
0xa779b492, 0xf307f2f0, 0x4e69e2a1, 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a, 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, 0x0b83ec39, 0x4060efaa, 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92, 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
0x5e719f06, 0xbd6e1051, 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46, 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, 0x1998fb24, 0xd6bde997, 0x894043cc, 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06, 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
0x67d99e77, 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb, 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e, 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73, 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927, 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e, 0x80c0c54f, 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b, 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
0x61dc20a2, 0x5a774b69, 0x1c121a16, 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8, 0x57f11985, 0xaf75074c, 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f, 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
0xee99ddbb, 0xa37f60fd, 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163, 0xd731dcca, 0x42638510, 0x13972240, 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d };
0x84c61120, 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0, 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422, const uint32_t AES::rcon[15] = { 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000, 0x6c000000, 0xd8000000, 0xab000000, 0x4d000000, 0x9a000000 };
0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36, 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4, 0x2c3a9de4,
0x5078920d, 0x6a5fcc9b, 0x547e4662, 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5, 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3, 0xc8ac993b, 0x10187da7,
0xe89c636e, 0xdb3bbb7b, 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8, 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6, 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4,
0x29b07cd6, 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0, 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815, 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df, 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f, 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, 0xb3671d5a,
0x92dbd252, 0xe9105633, 0x6dd64713, 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89, 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, 0x9cd2df59, 0x55f2733f,
0x1814ce79, 0x73c737bf, 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86, 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, 0x161dc372, 0xbce2250c, 0x283c498b,
0xff0d9541, 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190, 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
};
const uint8_t AES::Td4[256] = {
0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e,
0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e, 0x08, 0x2e, 0xa1, 0x66,
0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25, 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65,
0xb6, 0x92, 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84, 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a,
0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06, 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, 0x3a, 0x91,
0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73, 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8,
0x1c, 0x75, 0xdf, 0x6e, 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b, 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2,
0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4, 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb,
0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
};
const uint32_t AES::rcon[15] = { 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000,
0x1B000000, 0x36000000, 0x6c000000, 0xd8000000, 0xab000000, 0x4d000000, 0x9a000000 };
void AES::p_initSW(const uint8_t* key) noexcept void AES::p_initSW(const uint8_t* key) noexcept
{ {
@ -551,16 +523,14 @@ void AES::p_initSW(const uint8_t* key) noexcept
rk[7] = Utils::loadBigEndian<uint32_t>(key + 28); rk[7] = Utils::loadBigEndian<uint32_t>(key + 28);
for (int i = 0;;) { for (int i = 0;;) {
uint32_t temp = rk[7]; uint32_t temp = rk[7];
rk[8] = rk[0] ^ (Te2_r((temp >> 16U) & 0xffU) & 0xff000000U) ^ (Te3_r((temp >> 8U) & 0xffU) & 0x00ff0000U) ^ (Te0[(temp)&0xffU] & 0x0000ff00U) rk[8] = rk[0] ^ (Te2_r((temp >> 16U) & 0xffU) & 0xff000000U) ^ (Te3_r((temp >> 8U) & 0xffU) & 0x00ff0000U) ^ (Te0[(temp)&0xffU] & 0x0000ff00U) ^ (Te1_r(temp >> 24U) & 0x000000ffU) ^ rcon[i];
^ (Te1_r(temp >> 24U) & 0x000000ffU) ^ rcon[i];
rk[9] = rk[1] ^ rk[8]; rk[9] = rk[1] ^ rk[8];
rk[10] = rk[2] ^ rk[9]; rk[10] = rk[2] ^ rk[9];
rk[11] = rk[3] ^ rk[10]; rk[11] = rk[3] ^ rk[10];
if (++i == 7) if (++i == 7)
break; break;
temp = rk[11]; temp = rk[11];
rk[12] = rk[4] ^ (Te2_r(temp >> 24U) & 0xff000000U) ^ (Te3_r((temp >> 16U) & 0xffU) & 0x00ff0000U) ^ (Te0[(temp >> 8U) & 0xffU] & 0x0000ff00U) rk[12] = rk[4] ^ (Te2_r(temp >> 24U) & 0xff000000U) ^ (Te3_r((temp >> 16U) & 0xffU) & 0x00ff0000U) ^ (Te0[(temp >> 8U) & 0xffU] & 0x0000ff00U) ^ (Te1_r((temp)&0xffU) & 0x000000ffU);
^ (Te1_r((temp)&0xffU) & 0x000000ffU);
rk[13] = rk[5] ^ rk[12]; rk[13] = rk[5] ^ rk[12];
rk[14] = rk[6] ^ rk[13]; rk[14] = rk[6] ^ rk[13];
rk[15] = rk[7] ^ rk[14]; rk[15] = rk[7] ^ rk[14];
@ -591,14 +561,10 @@ void AES::p_initSW(const uint8_t* key) noexcept
} }
for (int i = 1; i < 14; ++i) { for (int i = 1; i < 14; ++i) {
rk += 4; rk += 4;
rk[0] = Td0[Te4[(rk[0] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[0] >> 16U) & 0xffU] & 0xffU) ^ Td2_r(Te4[(rk[0] >> 8U) & 0xffU] & 0xffU) rk[0] = Td0[Te4[(rk[0] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[0] >> 16U) & 0xffU] & 0xffU) ^ Td2_r(Te4[(rk[0] >> 8U) & 0xffU] & 0xffU) ^ Td3_r(Te4[(rk[0]) & 0xffU] & 0xffU);
^ Td3_r(Te4[(rk[0]) & 0xffU] & 0xffU); rk[1] = Td0[Te4[(rk[1] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[1] >> 16U) & 0xffU] & 0xffU) ^ Td2_r(Te4[(rk[1] >> 8U) & 0xffU] & 0xffU) ^ Td3_r(Te4[(rk[1]) & 0xffU] & 0xffU);
rk[1] = Td0[Te4[(rk[1] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[1] >> 16U) & 0xffU] & 0xffU) ^ Td2_r(Te4[(rk[1] >> 8U) & 0xffU] & 0xffU) rk[2] = Td0[Te4[(rk[2] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[2] >> 16U) & 0xffU] & 0xffU) ^ Td2_r(Te4[(rk[2] >> 8U) & 0xffU] & 0xffU) ^ Td3_r(Te4[(rk[2]) & 0xffU] & 0xffU);
^ Td3_r(Te4[(rk[1]) & 0xffU] & 0xffU); rk[3] = Td0[Te4[(rk[3] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[3] >> 16U) & 0xffU] & 0xffU) ^ Td2_r(Te4[(rk[3] >> 8U) & 0xffU] & 0xffU) ^ Td3_r(Te4[(rk[3]) & 0xffU] & 0xffU);
rk[2] = Td0[Te4[(rk[2] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[2] >> 16U) & 0xffU] & 0xffU) ^ Td2_r(Te4[(rk[2] >> 8U) & 0xffU] & 0xffU)
^ Td3_r(Te4[(rk[2]) & 0xffU] & 0xffU);
rk[3] = Td0[Te4[(rk[3] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[3] >> 16U) & 0xffU] & 0xffU) ^ Td2_r(Te4[(rk[3] >> 8U) & 0xffU] & 0xffU)
^ Td3_r(Te4[(rk[3]) & 0xffU] & 0xffU);
} }
} }

36
core/AES_aesni.cpp
View file

@ -50,9 +50,7 @@ p_gmacPCLMUL128(const __m128i h, __m128i y) noexcept
t4 = _mm_or_si128(_mm_or_si128(_mm_slli_epi32(t4, 1), _mm_slli_si128(_mm_srli_epi32(t4, 31), 4)), _mm_srli_si128(t5, 12)); t4 = _mm_or_si128(_mm_or_si128(_mm_slli_epi32(t4, 1), _mm_slli_si128(_mm_srli_epi32(t4, 31), 4)), _mm_srli_si128(t5, 12));
t5 = _mm_xor_si128(_mm_xor_si128(_mm_slli_epi32(t1, 31), _mm_slli_epi32(t1, 30)), _mm_slli_epi32(t1, 25)); t5 = _mm_xor_si128(_mm_xor_si128(_mm_slli_epi32(t1, 31), _mm_slli_epi32(t1, 30)), _mm_slli_epi32(t1, 25));
t1 = _mm_xor_si128(t1, _mm_slli_si128(t5, 12)); t1 = _mm_xor_si128(t1, _mm_slli_si128(t5, 12));
t4 = _mm_xor_si128( t4 = _mm_xor_si128(_mm_xor_si128(_mm_xor_si128(_mm_xor_si128(_mm_xor_si128(t4, _mm_srli_si128(t5, 4)), t1), _mm_srli_epi32(t1, 2)), _mm_srli_epi32(t1, 7)), _mm_srli_epi32(t1, 1));
_mm_xor_si128(_mm_xor_si128(_mm_xor_si128(_mm_xor_si128(t4, _mm_srli_si128(t5, 4)), t1), _mm_srli_epi32(t1, 2)), _mm_srli_epi32(t1, 7)),
_mm_srli_epi32(t1, 1));
return _mm_shuffle_epi8(t4, s_sseSwapBytes); return _mm_shuffle_epi8(t4, s_sseSwapBytes);
} }
@ -87,15 +85,7 @@ void p_aesCtrInnerVAES512(unsigned int &len, const uint64_t c0, uint64_t &c1, co
const __m512i kk14 = _mm512_broadcast_i32x4(k[14]); const __m512i kk14 = _mm512_broadcast_i32x4(k[14]);
do { do {
__m512i p0 = _mm512_loadu_si512(reinterpret_cast<const __m512i*>(in)); __m512i p0 = _mm512_loadu_si512(reinterpret_cast<const __m512i*>(in));
__m512i d0 = _mm512_set_epi64( __m512i d0 = _mm512_set_epi64((long long)Utils::hton(c1 + 3ULL), (long long)c0, (long long)Utils::hton(c1 + 2ULL), (long long)c0, (long long)Utils::hton(c1 + 1ULL), (long long)c0, (long long)Utils::hton(c1), (long long)c0);
(long long)Utils::hton(c1 + 3ULL),
(long long)c0,
(long long)Utils::hton(c1 + 2ULL),
(long long)c0,
(long long)Utils::hton(c1 + 1ULL),
(long long)c0,
(long long)Utils::hton(c1),
(long long)c0);
c1 += 4; c1 += 4;
in += 64; in += 64;
len -= 64; len -= 64;
@ -265,20 +255,12 @@ void AES::GMAC::p_aesNIUpdate(const uint8_t *in, unsigned int len) noexcept
__m128i d3 = _mm_shuffle_epi8(_mm_loadu_si128(reinterpret_cast<const __m128i*>(in + 32)), sb); __m128i d3 = _mm_shuffle_epi8(_mm_loadu_si128(reinterpret_cast<const __m128i*>(in + 32)), sb);
__m128i d4 = _mm_shuffle_epi8(_mm_loadu_si128(reinterpret_cast<const __m128i*>(in + 48)), sb); __m128i d4 = _mm_shuffle_epi8(_mm_loadu_si128(reinterpret_cast<const __m128i*>(in + 48)), sb);
in += 64; in += 64;
__m128i a = _mm_xor_si128( __m128i a = _mm_xor_si128(_mm_xor_si128(_mm_clmulepi64_si128(hhhh, d1, 0x00), _mm_clmulepi64_si128(hhh, d2, 0x00)), _mm_xor_si128(_mm_clmulepi64_si128(hh, d3, 0x00), _mm_clmulepi64_si128(h, d4, 0x00)));
_mm_xor_si128(_mm_clmulepi64_si128(hhhh, d1, 0x00), _mm_clmulepi64_si128(hhh, d2, 0x00)), __m128i b = _mm_xor_si128(_mm_xor_si128(_mm_clmulepi64_si128(hhhh, d1, 0x11), _mm_clmulepi64_si128(hhh, d2, 0x11)), _mm_xor_si128(_mm_clmulepi64_si128(hh, d3, 0x11), _mm_clmulepi64_si128(h, d4, 0x11)));
_mm_xor_si128(_mm_clmulepi64_si128(hh, d3, 0x00), _mm_clmulepi64_si128(h, d4, 0x00)));
__m128i b = _mm_xor_si128(
_mm_xor_si128(_mm_clmulepi64_si128(hhhh, d1, 0x11), _mm_clmulepi64_si128(hhh, d2, 0x11)),
_mm_xor_si128(_mm_clmulepi64_si128(hh, d3, 0x11), _mm_clmulepi64_si128(h, d4, 0x11)));
__m128i c = _mm_xor_si128( __m128i c = _mm_xor_si128(
_mm_xor_si128( _mm_xor_si128(
_mm_xor_si128( _mm_xor_si128(_mm_clmulepi64_si128(hhhh2, _mm_xor_si128(_mm_shuffle_epi32(d1, 78), d1), 0x00), _mm_clmulepi64_si128(hhh2, _mm_xor_si128(_mm_shuffle_epi32(d2, 78), d2), 0x00)),
_mm_clmulepi64_si128(hhhh2, _mm_xor_si128(_mm_shuffle_epi32(d1, 78), d1), 0x00), _mm_xor_si128(_mm_clmulepi64_si128(hh2, _mm_xor_si128(_mm_shuffle_epi32(d3, 78), d3), 0x00), _mm_clmulepi64_si128(h2, _mm_xor_si128(_mm_shuffle_epi32(d4, 78), d4), 0x00))),
_mm_clmulepi64_si128(hhh2, _mm_xor_si128(_mm_shuffle_epi32(d2, 78), d2), 0x00)),
_mm_xor_si128(
_mm_clmulepi64_si128(hh2, _mm_xor_si128(_mm_shuffle_epi32(d3, 78), d3), 0x00),
_mm_clmulepi64_si128(h2, _mm_xor_si128(_mm_shuffle_epi32(d4, 78), d4), 0x00))),
_mm_xor_si128(a, b)); _mm_xor_si128(a, b));
a = _mm_xor_si128(_mm_slli_si128(c, 8), a); a = _mm_xor_si128(_mm_slli_si128(c, 8), a);
b = _mm_xor_si128(_mm_srli_si128(c, 8), b); b = _mm_xor_si128(_mm_srli_si128(c, 8), b);
@ -287,11 +269,7 @@ void AES::GMAC::p_aesNIUpdate(const uint8_t *in, unsigned int len) noexcept
b = _mm_or_si128(_mm_or_si128(_mm_slli_epi32(b, 1), _mm_slli_si128(_mm_srli_epi32(b, 31), 4)), _mm_srli_si128(c, 12)); b = _mm_or_si128(_mm_or_si128(_mm_slli_epi32(b, 1), _mm_slli_si128(_mm_srli_epi32(b, 31), 4)), _mm_srli_si128(c, 12));
c = _mm_xor_si128(_mm_slli_epi32(a, 31), _mm_xor_si128(_mm_slli_epi32(a, 30), _mm_slli_epi32(a, 25))); c = _mm_xor_si128(_mm_slli_epi32(a, 31), _mm_xor_si128(_mm_slli_epi32(a, 30), _mm_slli_epi32(a, 25)));
a = _mm_xor_si128(a, _mm_slli_si128(c, 12)); a = _mm_xor_si128(a, _mm_slli_si128(c, 12));
b = _mm_xor_si128( b = _mm_xor_si128(b, _mm_xor_si128(a, _mm_xor_si128(_mm_xor_si128(_mm_srli_epi32(a, 1), _mm_srli_si128(c, 4)), _mm_xor_si128(_mm_srli_epi32(a, 2), _mm_srli_epi32(a, 7)))));
b,
_mm_xor_si128(
a,
_mm_xor_si128(_mm_xor_si128(_mm_srli_epi32(a, 1), _mm_srli_si128(c, 4)), _mm_xor_si128(_mm_srli_epi32(a, 2), _mm_srli_epi32(a, 7)))));
y = _mm_shuffle_epi8(b, sb); y = _mm_shuffle_epi8(b, sb);
} while (likely(in != end64)); } while (likely(in != end64));
} }

25
core/AES_armcrypto.cpp
View file

@ -298,9 +298,7 @@ void AES::CTR::p_armCrypt(const uint8_t* in, uint8_t* out, unsigned int len) noe
vst1q_u8(reinterpret_cast<uint8_t*>(_ctr), vrev32q_u8(dd)); vst1q_u8(reinterpret_cast<uint8_t*>(_ctr), vrev32q_u8(dd));
} }
#define ZT_INIT_ARMNEON_CRYPTO_SUBWORD(w) \ #define ZT_INIT_ARMNEON_CRYPTO_SUBWORD(w) ((uint32_t)s_sbox[w & 0xffU] + ((uint32_t)s_sbox[(w >> 8U) & 0xffU] << 8U) + ((uint32_t)s_sbox[(w >> 16U) & 0xffU] << 16U) + ((uint32_t)s_sbox[(w >> 24U) & 0xffU] << 24U))
((uint32_t)s_sbox[w & 0xffU] + ((uint32_t)s_sbox[(w >> 8U) & 0xffU] << 8U) + ((uint32_t)s_sbox[(w >> 16U) & 0xffU] << 16U) \
+ ((uint32_t)s_sbox[(w >> 24U) & 0xffU] << 24U))
#define ZT_INIT_ARMNEON_CRYPTO_ROTWORD(w) (((w) << 8U) | ((w) >> 24U)) #define ZT_INIT_ARMNEON_CRYPTO_ROTWORD(w) (((w) << 8U) | ((w) >> 24U))
#define ZT_INIT_ARMNEON_CRYPTO_NK 8 #define ZT_INIT_ARMNEON_CRYPTO_NK 8
#define ZT_INIT_ARMNEON_CRYPTO_NB 4 #define ZT_INIT_ARMNEON_CRYPTO_NB 4
@ -308,19 +306,14 @@ void AES::CTR::p_armCrypt(const uint8_t* in, uint8_t* out, unsigned int len) noe
void AES::p_init_armneon_crypto(const uint8_t* key) noexcept void AES::p_init_armneon_crypto(const uint8_t* key) noexcept
{ {
static const uint8_t s_sbox[256] = { 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, 0xca, 0x82, 0xc9, 0x7d, static const uint8_t s_sbox[256] = { 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
0xeb, 0x27, 0xb2, 0x75, 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, 0xd0, 0xef, 0xaa, 0xfb, 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
0x64, 0x5d, 0x19, 0x73, 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 };
0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, 0xe7, 0xc8, 0x37, 0x6d,
0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6,
0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9,
0x86, 0xc1, 0x1d, 0x9e, 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 };
uint64_t h[2]; uint64_t h[2];
uint32_t* const w = reinterpret_cast<uint32_t*>(p_k.neon.ek); uint32_t* const w = reinterpret_cast<uint32_t*>(p_k.neon.ek);

3
core/Address.hpp
View file

@ -38,8 +38,7 @@ class Address : public TriviallyCopyable {
{ {
} }
explicit ZT_INLINE Address(const uint8_t b[5]) noexcept explicit ZT_INLINE Address(const uint8_t b[5]) noexcept : _a(((uint64_t)b[0] << 32U) | ((uint64_t)b[1] << 24U) | ((uint64_t)b[2] << 16U) | ((uint64_t)b[3] << 8U) | (uint64_t)b[4])
: _a(((uint64_t)b[0] << 32U) | ((uint64_t)b[1] << 24U) | ((uint64_t)b[2] << 16U) | ((uint64_t)b[3] << 8U) | (uint64_t)b[4])
{ {
} }

9
core/Buf.hpp
View file

@ -366,8 +366,7 @@ class Buf {
ii += 8; ii += 8;
#ifdef ZT_NO_UNALIGNED_ACCESS #ifdef ZT_NO_UNALIGNED_ACCESS
return ( return (
((uint64_t)unsafeData[s] << 56U) | ((uint64_t)unsafeData[s + 1] << 48U) | ((uint64_t)unsafeData[s + 2] << 40U) ((uint64_t)unsafeData[s] << 56U) | ((uint64_t)unsafeData[s + 1] << 48U) | ((uint64_t)unsafeData[s + 2] << 40U) | ((uint64_t)unsafeData[s + 3] << 32U) | ((uint64_t)unsafeData[s + 4] << 24U) | ((uint64_t)unsafeData[s + 5] << 16U)
| ((uint64_t)unsafeData[s + 3] << 32U) | ((uint64_t)unsafeData[s + 4] << 24U) | ((uint64_t)unsafeData[s + 5] << 16U)
| ((uint64_t)unsafeData[s + 6] << 8U) | (uint64_t)unsafeData[s + 7]); | ((uint64_t)unsafeData[s + 6] << 8U) | (uint64_t)unsafeData[s + 7]);
#else #else
return Utils::ntoh(*reinterpret_cast<const uint64_t*>(unsafeData + s)); return Utils::ntoh(*reinterpret_cast<const uint64_t*>(unsafeData + s));
@ -544,8 +543,7 @@ class Buf {
static_assert((I + 7) < ZT_BUF_MEM_SIZE, "overflow"); static_assert((I + 7) < ZT_BUF_MEM_SIZE, "overflow");
#ifdef ZT_NO_UNALIGNED_ACCESS #ifdef ZT_NO_UNALIGNED_ACCESS
return ( return (
((uint64_t)unsafeData[I] << 56U) | ((uint64_t)unsafeData[I + 1] << 48U) | ((uint64_t)unsafeData[I + 2] << 40U) ((uint64_t)unsafeData[I] << 56U) | ((uint64_t)unsafeData[I + 1] << 48U) | ((uint64_t)unsafeData[I + 2] << 40U) | ((uint64_t)unsafeData[I + 3] << 32U) | ((uint64_t)unsafeData[I + 4] << 24U) | ((uint64_t)unsafeData[I + 5] << 16U)
| ((uint64_t)unsafeData[I + 3] << 32U) | ((uint64_t)unsafeData[I + 4] << 24U) | ((uint64_t)unsafeData[I + 5] << 16U)
| ((uint64_t)unsafeData[I + 6] << 8U) | (uint64_t)unsafeData[I + 7]); | ((uint64_t)unsafeData[I + 6] << 8U) | (uint64_t)unsafeData[I + 7]);
#else #else
return Utils::ntoh(*reinterpret_cast<const uint64_t*>(unsafeData + I)); return Utils::ntoh(*reinterpret_cast<const uint64_t*>(unsafeData + I));
@ -610,8 +608,7 @@ class Buf {
const unsigned int s = (unsigned int)ii & ZT_BUF_MEM_MASK; const unsigned int s = (unsigned int)ii & ZT_BUF_MEM_MASK;
#ifdef ZT_NO_UNALIGNED_ACCESS #ifdef ZT_NO_UNALIGNED_ACCESS
return ( return (
((uint64_t)unsafeData[s] << 56U) | ((uint64_t)unsafeData[s + 1] << 48U) | ((uint64_t)unsafeData[s + 2] << 40U) ((uint64_t)unsafeData[s] << 56U) | ((uint64_t)unsafeData[s + 1] << 48U) | ((uint64_t)unsafeData[s + 2] << 40U) | ((uint64_t)unsafeData[s + 3] << 32U) | ((uint64_t)unsafeData[s + 4] << 24U) | ((uint64_t)unsafeData[s + 5] << 16U)
| ((uint64_t)unsafeData[s + 3] << 32U) | ((uint64_t)unsafeData[s + 4] << 24U) | ((uint64_t)unsafeData[s + 5] << 16U)
| ((uint64_t)unsafeData[s + 6] << 8U) | (uint64_t)unsafeData[s + 7]); | ((uint64_t)unsafeData[s + 6] << 8U) | (uint64_t)unsafeData[s + 7]);
#else #else
return Utils::ntoh(*reinterpret_cast<const uint64_t*>(unsafeData + s)); return Utils::ntoh(*reinterpret_cast<const uint64_t*>(unsafeData + s));

2696
core/C25519.cpp
View file

File diff suppressed because it is too large Load diff

15
core/C25519.hpp
View file

@ -60,8 +60,7 @@ class C25519 {
* @return Key pair where cond(kp) returns true * @return Key pair where cond(kp) returns true
* @tparam F Type of 'cond' * @tparam F Type of 'cond'
*/ */
template <typename F> template <typename F> static ZT_INLINE void generateSatisfying(F cond, uint8_t pub[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE], uint8_t priv[ZT_C25519_COMBINED_PRIVATE_KEY_SIZE])
static ZT_INLINE void generateSatisfying(F cond, uint8_t pub[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE], uint8_t priv[ZT_C25519_COMBINED_PRIVATE_KEY_SIZE])
{ {
Utils::getSecureRandom(priv, ZT_C25519_COMBINED_PRIVATE_KEY_SIZE); Utils::getSecureRandom(priv, ZT_C25519_COMBINED_PRIVATE_KEY_SIZE);
s_calcPubED(pub, priv); // do Ed25519 key -- bytes 32-63 of pub and priv s_calcPubED(pub, priv); // do Ed25519 key -- bytes 32-63 of pub and priv
@ -82,10 +81,7 @@ class C25519 {
* @param their Their public key * @param their Their public key
* @param rawkey Buffer to receive raw (not hashed) agreed upon key * @param rawkey Buffer to receive raw (not hashed) agreed upon key
*/ */
static void agree( static void agree(const uint8_t mine[ZT_C25519_ECDH_PRIVATE_KEY_SIZE], const uint8_t their[ZT_C25519_ECDH_PUBLIC_KEY_SIZE], uint8_t rawkey[ZT_C25519_ECDH_SHARED_SECRET_SIZE]);
const uint8_t mine[ZT_C25519_ECDH_PRIVATE_KEY_SIZE],
const uint8_t their[ZT_C25519_ECDH_PUBLIC_KEY_SIZE],
uint8_t rawkey[ZT_C25519_ECDH_SHARED_SECRET_SIZE]);
/** /**
* Sign a message with a sender's key pair * Sign a message with a sender's key pair
@ -104,12 +100,7 @@ class C25519 {
* @param len Length of message in bytes * @param len Length of message in bytes
* @param signature Buffer to fill with signature -- MUST be 96 bytes in length * @param signature Buffer to fill with signature -- MUST be 96 bytes in length
*/ */
static void sign( static void sign(const uint8_t myPrivate[ZT_C25519_COMBINED_PRIVATE_KEY_SIZE], const uint8_t myPublic[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE], const void* msg, unsigned int len, void* signature);
const uint8_t myPrivate[ZT_C25519_COMBINED_PRIVATE_KEY_SIZE],
const uint8_t myPublic[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE],
const void* msg,
unsigned int len,
void* signature);
/** /**
* Verify a message's signature * Verify a message's signature

62
core/CAPI.cpp
View file

@ -107,17 +107,8 @@ ZT_MAYBE_UNUSED void ZT_Node_delete(ZT_Node* node, int64_t clock, int64_t ticks,
} }
} }
ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_processWirePacket( ZT_MAYBE_UNUSED enum ZT_ResultCode
ZT_Node* node, ZT_Node_processWirePacket(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, int64_t localSocket, const ZT_InetAddress* remoteAddress, const void* packetData, unsigned int packetLength, int isZtBuffer, volatile int64_t*)
int64_t clock,
int64_t ticks,
void* tptr,
int64_t localSocket,
const ZT_InetAddress* remoteAddress,
const void* packetData,
unsigned int packetLength,
int isZtBuffer,
volatile int64_t*)
{ {
try { try {
ZeroTier::CallContext cc(clock, ticks, tptr); ZeroTier::CallContext cc(clock, ticks, tptr);
@ -170,8 +161,7 @@ ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_processVirtualNetworkFrame(
} }
} }
ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_processBackgroundTasks(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, volatile int64_t* nextBackgroundTaskDeadline)
ZT_Node_processBackgroundTasks(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, volatile int64_t* nextBackgroundTaskDeadline)
{ {
try { try {
ZeroTier::CallContext cc(clock, ticks, tptr); ZeroTier::CallContext cc(clock, ticks, tptr);
@ -185,8 +175,7 @@ ZT_Node_processBackgroundTasks(ZT_Node* node, int64_t clock, int64_t ticks, void
} }
} }
ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_join(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, void* uptr, uint64_t nwid, const ZT_Fingerprint* controllerFingerprint)
ZT_Node_join(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, void* uptr, uint64_t nwid, const ZT_Fingerprint* controllerFingerprint)
{ {
try { try {
ZeroTier::CallContext cc(clock, ticks, tptr); ZeroTier::CallContext cc(clock, ticks, tptr);
@ -214,8 +203,7 @@ ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_leave(ZT_Node* node, int64_t clock, i
} }
} }
ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_multicastSubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi)
ZT_Node_multicastSubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi)
{ {
try { try {
ZeroTier::CallContext cc(clock, ticks, tptr); ZeroTier::CallContext cc(clock, ticks, tptr);
@ -229,8 +217,7 @@ ZT_Node_multicastSubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tp
} }
} }
ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_multicastUnsubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi)
ZT_Node_multicastUnsubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi)
{ {
try { try {
ZeroTier::CallContext cc(clock, ticks, tptr); ZeroTier::CallContext cc(clock, ticks, tptr);
@ -312,15 +299,7 @@ ZT_MAYBE_UNUSED void ZT_Node_setInterfaceAddresses(ZT_Node* node, int64_t, int64
} }
} }
ZT_MAYBE_UNUSED enum ZT_CertificateError ZT_Node_addCertificate( ZT_MAYBE_UNUSED enum ZT_CertificateError ZT_Node_addCertificate(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, unsigned int localTrust, const ZT_Certificate* cert, const void* certData, unsigned int certSize)
ZT_Node* node,
int64_t clock,
int64_t ticks,
void* tptr,
unsigned int localTrust,
const ZT_Certificate* cert,
const void* certData,
unsigned int certSize)
{ {
try { try {
ZeroTier::CallContext cc(clock, ticks, tptr); ZeroTier::CallContext cc(clock, ticks, tptr);
@ -352,8 +331,7 @@ ZT_MAYBE_UNUSED ZT_CertificateList* ZT_Node_listCertificates(ZT_Node* node, int6
} }
} }
ZT_MAYBE_UNUSED int ZT_MAYBE_UNUSED int ZT_Node_sendUserMessage(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t dest, uint64_t typeId, const void* data, unsigned int len)
ZT_Node_sendUserMessage(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t dest, uint64_t typeId, const void* data, unsigned int len)
{ {
try { try {
ZeroTier::CallContext cc(clock, ticks, tptr); ZeroTier::CallContext cc(clock, ticks, tptr);
@ -375,8 +353,7 @@ ZT_MAYBE_UNUSED void ZT_Node_setController(ZT_Node* node, void* networkControlle
/********************************************************************************************************************/ /********************************************************************************************************************/
ZT_MAYBE_UNUSED ZT_Locator* ZT_MAYBE_UNUSED ZT_Locator* ZT_Locator_create(int64_t rev, const ZT_Endpoint* endpoints, const ZT_EndpointAttributes*, unsigned int endpointCount, const ZT_Identity* signer)
ZT_Locator_create(int64_t rev, const ZT_Endpoint* endpoints, const ZT_EndpointAttributes*, unsigned int endpointCount, const ZT_Identity* signer)
{ {
try { try {
if ((! endpoints) || (endpointCount == 0) || (! signer)) if ((! endpoints) || (endpointCount == 0) || (! signer))
@ -637,12 +614,8 @@ ZT_MAYBE_UNUSED void ZT_Identity_delete(const ZT_Identity* id)
/********************************************************************************************************************/ /********************************************************************************************************************/
ZT_MAYBE_UNUSED int ZT_Certificate_newKeyPair( ZT_MAYBE_UNUSED int
const enum ZT_CertificatePublicKeyAlgorithm type, ZT_Certificate_newKeyPair(const enum ZT_CertificatePublicKeyAlgorithm type, uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE], int* const publicKeySize, uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE], int* const privateKeySize)
uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE],
int* const publicKeySize,
uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE],
int* const privateKeySize)
{ {
try { try {
return ZeroTier::Certificate::newKeyPair(type, publicKey, publicKeySize, privateKey, privateKeySize) ? ZT_RESULT_OK : ZT_RESULT_ERROR_BAD_PARAMETER; return ZeroTier::Certificate::newKeyPair(type, publicKey, publicKeySize, privateKey, privateKeySize) ? ZT_RESULT_OK : ZT_RESULT_ERROR_BAD_PARAMETER;
@ -664,12 +637,7 @@ ZT_MAYBE_UNUSED int ZT_Certificate_newCSR(
try { try {
if ((! subject) || (! certificatePublicKey) || (certificatePublicKeySize <= 0) || (certificatePublicKeySize > ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE)) if ((! subject) || (! certificatePublicKey) || (certificatePublicKeySize <= 0) || (certificatePublicKeySize > ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE))
return ZT_RESULT_ERROR_BAD_PARAMETER; return ZT_RESULT_ERROR_BAD_PARAMETER;
const ZeroTier::Vector<uint8_t> csrV(ZeroTier::Certificate::createCSR( const ZeroTier::Vector<uint8_t> csrV(ZeroTier::Certificate::createCSR(*subject, certificatePublicKey, (unsigned int)certificatePublicKeySize, uniqueIdPrivateKey, (unsigned int)uniqueIdPrivateKeySize));
*subject,
certificatePublicKey,
(unsigned int)certificatePublicKeySize,
uniqueIdPrivateKey,
(unsigned int)uniqueIdPrivateKeySize));
if (csrV.empty() || ((int)csrV.size() > *csrSize)) if (csrV.empty() || ((int)csrV.size() > *csrSize))
return ZT_RESULT_ERROR_BAD_PARAMETER; return ZT_RESULT_ERROR_BAD_PARAMETER;
ZeroTier::Utils::copy(csr, csrV.data(), (unsigned int)csrV.size()); ZeroTier::Utils::copy(csr, csrV.data(), (unsigned int)csrV.size());
@ -681,8 +649,7 @@ ZT_MAYBE_UNUSED int ZT_Certificate_newCSR(
} }
} }
ZT_MAYBE_UNUSED ZT_Certificate* ZT_MAYBE_UNUSED ZT_Certificate* ZT_Certificate_sign(const ZT_Certificate* cert, const uint8_t issuer[ZT_CERTIFICATE_HASH_SIZE], const void* issuerPrivateKey, int issuerPrivateKeySize)
ZT_Certificate_sign(const ZT_Certificate* cert, const uint8_t issuer[ZT_CERTIFICATE_HASH_SIZE], const void* issuerPrivateKey, int issuerPrivateKeySize)
{ {
try { try {
ZeroTier::Certificate* const c = new ZeroTier::Certificate(*cert); ZeroTier::Certificate* const c = new ZeroTier::Certificate(*cert);
@ -945,8 +912,7 @@ ZT_MAYBE_UNUSED int ZT_InetAddress_compare(const ZT_InetAddress* a, const ZT_Ine
/********************************************************************************************************************/ /********************************************************************************************************************/
ZT_MAYBE_UNUSED int ZT_MAYBE_UNUSED int ZT_Dictionary_parse(const void* const dict, const unsigned int len, void* const arg, void (*f)(void*, const char*, unsigned int, const void*, unsigned int))
ZT_Dictionary_parse(const void* const dict, const unsigned int len, void* const arg, void (*f)(void*, const char*, unsigned int, const void*, unsigned int))
{ {
ZeroTier::Dictionary d; ZeroTier::Dictionary d;
if (d.decode(dict, len)) { if (d.decode(dict, len)) {

14
core/CapabilityCredential.cpp
View file

@ -19,12 +19,7 @@
namespace ZeroTier { namespace ZeroTier {
CapabilityCredential::CapabilityCredential( CapabilityCredential::CapabilityCredential(const uint32_t id, const uint64_t nwid, const int64_t timestamp, const ZT_VirtualNetworkRule* const rules, const unsigned int ruleCount) noexcept
const uint32_t id,
const uint64_t nwid,
const int64_t timestamp,
const ZT_VirtualNetworkRule* const rules,
const unsigned int ruleCount) noexcept
: m_nwid(nwid) : m_nwid(nwid)
, m_timestamp(timestamp) , m_timestamp(timestamp)
, m_id(id) , m_id(id)
@ -289,12 +284,7 @@ int CapabilityCredential::marshalVirtualNetworkRules(uint8_t* data, const ZT_Vir
return p; return p;
} }
int CapabilityCredential::unmarshalVirtualNetworkRules( int CapabilityCredential::unmarshalVirtualNetworkRules(const uint8_t* const data, const int len, ZT_VirtualNetworkRule* const rules, unsigned int& ruleCount, const unsigned int maxRuleCount) noexcept
const uint8_t* const data,
const int len,
ZT_VirtualNetworkRule* const rules,
unsigned int& ruleCount,
const unsigned int maxRuleCount) noexcept
{ {
int p = 0; int p = 0;
unsigned int rc = 0; unsigned int rc = 0;

13
core/CapabilityCredential.hpp
View file

@ -22,8 +22,7 @@
#include "Utils.hpp" #include "Utils.hpp"
#define ZT_VIRTUALNETWORKRULE_MARSHAL_SIZE_MAX 21 #define ZT_VIRTUALNETWORKRULE_MARSHAL_SIZE_MAX 21
#define ZT_CAPABILITY_MARSHAL_SIZE_MAX \ #define ZT_CAPABILITY_MARSHAL_SIZE_MAX (8 + 8 + 4 + 1 + 2 + (ZT_VIRTUALNETWORKRULE_MARSHAL_SIZE_MAX * ZT_MAX_CAPABILITY_RULES) + 2 + (5 + 5 + 1 + 2 + ZT_SIGNATURE_BUFFER_SIZE))
(8 + 8 + 4 + 1 + 2 + (ZT_VIRTUALNETWORKRULE_MARSHAL_SIZE_MAX * ZT_MAX_CAPABILITY_RULES) + 2 + (5 + 5 + 1 + 2 + ZT_SIGNATURE_BUFFER_SIZE))
namespace ZeroTier { namespace ZeroTier {
@ -69,12 +68,7 @@ class CapabilityCredential : public Credential {
* @param rules Network flow rules for this capability * @param rules Network flow rules for this capability
* @param ruleCount Number of flow rules * @param ruleCount Number of flow rules
*/ */
CapabilityCredential( CapabilityCredential(const uint32_t id, const uint64_t nwid, const int64_t timestamp, const ZT_VirtualNetworkRule* const rules, const unsigned int ruleCount) noexcept;
const uint32_t id,
const uint64_t nwid,
const int64_t timestamp,
const ZT_VirtualNetworkRule* const rules,
const unsigned int ruleCount) noexcept;
/** /**
* @return Rules -- see ruleCount() for size of array * @return Rules -- see ruleCount() for size of array
@ -185,8 +179,7 @@ class CapabilityCredential : public Credential {
* @param maxRuleCount Capacity of rules buffer * @param maxRuleCount Capacity of rules buffer
* @return Number of bytes unmarshaled or -1 on error * @return Number of bytes unmarshaled or -1 on error
*/ */
static int static int unmarshalVirtualNetworkRules(const uint8_t* data, int len, ZT_VirtualNetworkRule* rules, unsigned int& ruleCount, unsigned int maxRuleCount) noexcept;
unmarshalVirtualNetworkRules(const uint8_t* data, int len, ZT_VirtualNetworkRule* rules, unsigned int& ruleCount, unsigned int maxRuleCount) noexcept;
// Provides natural sort order by ID // Provides natural sort order by ID
ZT_INLINE bool operator<(const CapabilityCredential& c) const noexcept ZT_INLINE bool operator<(const CapabilityCredential& c) const noexcept

25
core/Certificate.cpp
View file

@ -55,9 +55,7 @@ Certificate& Certificate::operator=(const ZT_Certificate& cert)
for (unsigned int i = 0; i < cert.subject.identityCount; ++i) { for (unsigned int i = 0; i < cert.subject.identityCount; ++i) {
if (cert.subject.identities[i].identity) { if (cert.subject.identities[i].identity) {
if (cert.subject.identities[i].locator) { if (cert.subject.identities[i].locator) {
addSubjectIdentity( addSubjectIdentity(*reinterpret_cast<const Identity*>(cert.subject.identities[i].identity), *reinterpret_cast<const Locator*>(cert.subject.identities[i].locator));
*reinterpret_cast<const Identity*>(cert.subject.identities[i].identity),
*reinterpret_cast<const Locator*>(cert.subject.identities[i].locator));
} }
else { else {
addSubjectIdentity(*reinterpret_cast<const Identity*>(cert.subject.identities[i].identity)); addSubjectIdentity(*reinterpret_cast<const Identity*>(cert.subject.identities[i].identity));
@ -380,9 +378,7 @@ ZT_CertificateError Certificate::verify(const int64_t clock, const bool checkSig
if (! reinterpret_cast<const Identity*>(this->subject.identities[i].identity)->locallyValidate()) { if (! reinterpret_cast<const Identity*>(this->subject.identities[i].identity)->locallyValidate()) {
return ZT_CERTIFICATE_ERROR_INVALID_IDENTITY; return ZT_CERTIFICATE_ERROR_INVALID_IDENTITY;
} }
if ((this->subject.identities[i].locator) if ((this->subject.identities[i].locator) && (! reinterpret_cast<const Locator*>(this->subject.identities[i].locator)->verify(*reinterpret_cast<const Identity*>(this->subject.identities[i].identity)))) {
&& (! reinterpret_cast<const Locator*>(this->subject.identities[i].locator)
->verify(*reinterpret_cast<const Identity*>(this->subject.identities[i].identity)))) {
return ZT_CERTIFICATE_ERROR_INVALID_COMPONENT_SIGNATURE; return ZT_CERTIFICATE_ERROR_INVALID_COMPONENT_SIGNATURE;
} }
} }
@ -467,8 +463,7 @@ ZT_CertificateError Certificate::verify(const int64_t clock, const bool checkSig
case ZT_CERTIFICATE_PUBLIC_KEY_ALGORITHM_NONE: case ZT_CERTIFICATE_PUBLIC_KEY_ALGORITHM_NONE:
break; break;
case ZT_CERTIFICATE_PUBLIC_KEY_ALGORITHM_ECDSA_NIST_P_384: case ZT_CERTIFICATE_PUBLIC_KEY_ALGORITHM_ECDSA_NIST_P_384:
if ((this->subject.uniqueIdSize == (ZT_ECC384_PUBLIC_KEY_SIZE + 1)) if ((this->subject.uniqueIdSize == (ZT_ECC384_PUBLIC_KEY_SIZE + 1)) && (this->subject.uniqueIdSignatureSize == ZT_ECC384_SIGNATURE_SIZE)) {
&& (this->subject.uniqueIdSignatureSize == ZT_ECC384_SIGNATURE_SIZE)) {
Dictionary d; Dictionary d;
m_encodeSubject(this->subject, d, true); m_encodeSubject(this->subject, d, true);
@ -510,12 +505,7 @@ ZT_CertificateError Certificate::verify(const int64_t clock, const bool checkSig
return ZT_CERTIFICATE_ERROR_NONE; return ZT_CERTIFICATE_ERROR_NONE;
} }
bool Certificate::newKeyPair( bool Certificate::newKeyPair(const ZT_CertificatePublicKeyAlgorithm type, uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE], int* const publicKeySize, uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE], int* const privateKeySize)
const ZT_CertificatePublicKeyAlgorithm type,
uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE],
int* const publicKeySize,
uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE],
int* const privateKeySize)
{ {
switch (type) { switch (type) {
case ZT_CERTIFICATE_PUBLIC_KEY_ALGORITHM_ECDSA_NIST_P_384: case ZT_CERTIFICATE_PUBLIC_KEY_ALGORITHM_ECDSA_NIST_P_384:
@ -531,12 +521,7 @@ bool Certificate::newKeyPair(
return false; return false;
} }
Vector<uint8_t> Certificate::createCSR( Vector<uint8_t> Certificate::createCSR(const ZT_Certificate_Subject& s, const void* const certificatePublicKey, const unsigned int certificatePublicKeySize, const void* uniqueIdPrivate, unsigned int uniqueIdPrivateSize)
const ZT_Certificate_Subject& s,
const void* const certificatePublicKey,
const unsigned int certificatePublicKeySize,
const void* uniqueIdPrivate,
unsigned int uniqueIdPrivateSize)
{ {
Vector<uint8_t> enc; Vector<uint8_t> enc;

14
core/Certificate.hpp
View file

@ -176,12 +176,7 @@ class Certificate : public ZT_Certificate {
* @param privateKeySize Result parameter: set to size of private key * @param privateKeySize Result parameter: set to size of private key
* @return True on success * @return True on success
*/ */
static bool newKeyPair( static bool newKeyPair(const ZT_CertificatePublicKeyAlgorithm type, uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE], int* const publicKeySize, uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE], int* const privateKeySize);
const ZT_CertificatePublicKeyAlgorithm type,
uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE],
int* const publicKeySize,
uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE],
int* const privateKeySize);
/** /**
* Create a CSR that encodes the subject of this certificate * Create a CSR that encodes the subject of this certificate
@ -193,12 +188,7 @@ class Certificate : public ZT_Certificate {
* @param uniqueIdPrivateSize Size of unique ID private key * @param uniqueIdPrivateSize Size of unique ID private key
* @return Encoded subject (without any unique ID fields) or empty vector on error * @return Encoded subject (without any unique ID fields) or empty vector on error
*/ */
static Vector<uint8_t> createCSR( static Vector<uint8_t> createCSR(const ZT_Certificate_Subject& s, const void* certificatePublicKey, unsigned int certificatePublicKeySize, const void* uniqueIdPrivate, unsigned int uniqueIdPrivateSize);
const ZT_Certificate_Subject& s,
const void* certificatePublicKey,
unsigned int certificatePublicKeySize,
const void* uniqueIdPrivate,
unsigned int uniqueIdPrivateSize);
ZT_INLINE unsigned long hashCode() const noexcept ZT_INLINE unsigned long hashCode() const noexcept
{ {

4
core/Containers.hpp
View file

@ -159,9 +159,7 @@ struct H384 {
ZT_INLINE bool operator==(const H384& b) const noexcept ZT_INLINE bool operator==(const H384& b) const noexcept
{ {
return ( return ((data[0] == b.data[0]) && (data[1] == b.data[1]) && (data[2] == b.data[2]) && (data[3] == b.data[3]) && (data[4] == b.data[4]) && (data[5] == b.data[5]));
(data[0] == b.data[0]) && (data[1] == b.data[1]) && (data[2] == b.data[2]) && (data[3] == b.data[3]) && (data[4] == b.data[4])
&& (data[5] == b.data[5]));
} }
ZT_INLINE bool operator!=(const H384& b) const noexcept ZT_INLINE bool operator!=(const H384& b) const noexcept

7
core/Credential.cpp
View file

@ -60,9 +60,7 @@ template <typename CRED> static ZT_INLINE Credential::VerifyResult p_credVerify(
int l = credential.marshal(tmp, true); int l = credential.marshal(tmp, true);
if (l <= 0) if (l <= 0)
return Credential::VERIFY_BAD_SIGNATURE; return Credential::VERIFY_BAD_SIGNATURE;
return ( return (peer->identity().verify(tmp, (unsigned int)l, credential.signature(), credential.signatureLength()) ? Credential::VERIFY_OK : Credential::VERIFY_BAD_SIGNATURE);
peer->identity().verify(tmp, (unsigned int)l, credential.signature(), credential.signatureLength()) ? Credential::VERIFY_OK
: Credential::VERIFY_BAD_SIGNATURE);
} }
catch (...) { catch (...) {
} }
@ -104,8 +102,7 @@ Credential::VerifyResult Credential::s_verify(const Context& ctx, const CallCont
// Now verify the controller's signature. // Now verify the controller's signature.
uint64_t buf[ZT_MEMBERSHIP_CREDENTIAL_MARSHAL_SIZE_MAX / 8]; uint64_t buf[ZT_MEMBERSHIP_CREDENTIAL_MARSHAL_SIZE_MAX / 8];
const unsigned int bufSize = credential.m_fillSigningBuf(buf); const unsigned int bufSize = credential.m_fillSigningBuf(buf);
return peer->identity().verify(buf, bufSize, credential.m_signature, credential.m_signatureLength) ? Credential::VERIFY_OK return peer->identity().verify(buf, bufSize, credential.m_signature, credential.m_signatureLength) ? Credential::VERIFY_OK : Credential::VERIFY_BAD_SIGNATURE;
: Credential::VERIFY_BAD_SIGNATURE;
} }
} // namespace ZeroTier } // namespace ZeroTier

7
core/Defragmenter.hpp
View file

@ -46,12 +46,7 @@ namespace ZeroTier {
* @tparam GCT Garbage collection trigger threshold, usually 2X GCS (default: ZT_MAX_PACKET_FRAGMENTS * 4) * @tparam GCT Garbage collection trigger threshold, usually 2X GCS (default: ZT_MAX_PACKET_FRAGMENTS * 4)
* @tparam P Type for pointer to a path object (default: SharedPtr<Path>) * @tparam P Type for pointer to a path object (default: SharedPtr<Path>)
*/ */
template < template <unsigned int MF = ZT_MAX_PACKET_FRAGMENTS, unsigned int MFP = ZT_MAX_INCOMING_FRAGMENTS_PER_PATH, unsigned int GCS = (ZT_MAX_PACKET_FRAGMENTS * 2), unsigned int GCT = (ZT_MAX_PACKET_FRAGMENTS * 4), typename P = SharedPtr<Path> >
unsigned int MF = ZT_MAX_PACKET_FRAGMENTS,
unsigned int MFP = ZT_MAX_INCOMING_FRAGMENTS_PER_PATH,
unsigned int GCS = (ZT_MAX_PACKET_FRAGMENTS * 2),
unsigned int GCT = (ZT_MAX_PACKET_FRAGMENTS * 4),
typename P = SharedPtr<Path> >
class Defragmenter { class Defragmenter {
public: public:
/** /**

44
core/ECC384.cpp
View file

@ -35,24 +35,24 @@ typedef struct EccPoint {
#define CONCAT1(a, b) a##b #define CONCAT1(a, b) a##b
#define CONCAT(a, b) CONCAT1(a, b) #define CONCAT(a, b) CONCAT1(a, b)
#define Curve_P_48 \ #define Curve_P_48 \
{ \ { \
0x00000000FFFFFFFF, 0xFFFFFFFF00000000, 0xFFFFFFFFFFFFFFFE, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF \ 0x00000000FFFFFFFF, 0xFFFFFFFF00000000, 0xFFFFFFFFFFFFFFFE, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF \
} }
#define Curve_B_48 \ #define Curve_B_48 \
{ \ { \
0x2A85C8EDD3EC2AEF, 0xC656398D8A2ED19D, 0x0314088F5013875A, 0x181D9C6EFE814112, 0x988E056BE3F82D19, 0xB3312FA7E23EE7E4 \ 0x2A85C8EDD3EC2AEF, 0xC656398D8A2ED19D, 0x0314088F5013875A, 0x181D9C6EFE814112, 0x988E056BE3F82D19, 0xB3312FA7E23EE7E4 \
} }
#define Curve_G_48 \ #define Curve_G_48 \
{ \ { \
{ 0x3A545E3872760AB7, 0x5502F25DBF55296C, 0x59F741E082542A38, 0x6E1D3B628BA79B98, 0x8EB1C71EF320AD74, 0xAA87CA22BE8B0537 }, \ { 0x3A545E3872760AB7, 0x5502F25DBF55296C, 0x59F741E082542A38, 0x6E1D3B628BA79B98, 0x8EB1C71EF320AD74, 0xAA87CA22BE8B0537 }, \
{ \ { \
0x7A431D7C90EA0E5F, 0x0A60B1CE1D7E819D, 0xE9DA3113B5F0B8C0, 0xF8F41DBD289A147C, 0x5D9E98BF9292DC29, 0x3617DE4A96262C6F \ 0x7A431D7C90EA0E5F, 0x0A60B1CE1D7E819D, 0xE9DA3113B5F0B8C0, 0xF8F41DBD289A147C, 0x5D9E98BF9292DC29, 0x3617DE4A96262C6F \
} \ } \
} }
#define Curve_N_48 \ #define Curve_N_48 \
{ \ { \
0xECEC196ACCC52973, 0x581A0DB248B0A77A, 0xC7634D81F4372DDF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF \ 0xECEC196ACCC52973, 0x581A0DB248B0A77A, 0xC7634D81F4372DDF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF \
} }
const uint64_t curve_p[NUM_ECC_DIGITS] = CONCAT(Curve_P_, ECC_CURVE); const uint64_t curve_p[NUM_ECC_DIGITS] = CONCAT(Curve_P_, ECC_CURVE);
const uint64_t curve_b[NUM_ECC_DIGITS] = CONCAT(Curve_B_, ECC_CURVE); const uint64_t curve_b[NUM_ECC_DIGITS] = CONCAT(Curve_B_, ECC_CURVE);
@ -656,8 +656,8 @@ ZT_INLINE void ecc_bytes2native(uint64_t p_native[NUM_ECC_DIGITS], const uint8_t
{ {
for (uint i = 0; i < NUM_ECC_DIGITS; ++i) { for (uint i = 0; i < NUM_ECC_DIGITS; ++i) {
const uint8_t* p_digit = p_bytes + 8 * (NUM_ECC_DIGITS - 1 - i); const uint8_t* p_digit = p_bytes + 8 * (NUM_ECC_DIGITS - 1 - i);
p_native[i] = ((uint64_t)p_digit[0] << 56) | ((uint64_t)p_digit[1] << 48) | ((uint64_t)p_digit[2] << 40) | ((uint64_t)p_digit[3] << 32) p_native[i] = ((uint64_t)p_digit[0] << 56) | ((uint64_t)p_digit[1] << 48) | ((uint64_t)p_digit[2] << 40) | ((uint64_t)p_digit[3] << 32) | ((uint64_t)p_digit[4] << 24) | ((uint64_t)p_digit[5] << 16) | ((uint64_t)p_digit[6] << 8)
| ((uint64_t)p_digit[4] << 24) | ((uint64_t)p_digit[5] << 16) | ((uint64_t)p_digit[6] << 8) | (uint64_t)p_digit[7]; | (uint64_t)p_digit[7];
} }
} }
@ -957,18 +957,12 @@ void ECC384ECDSASign(const uint8_t priv[ZT_ECC384_PRIVATE_KEY_SIZE], const uint8
} }
} }
bool ECC384ECDSAVerify( bool ECC384ECDSAVerify(const uint8_t pub[ZT_ECC384_PUBLIC_KEY_SIZE], const uint8_t hash[ZT_ECC384_SIGNATURE_HASH_SIZE], const uint8_t sig[ZT_ECC384_SIGNATURE_SIZE])
const uint8_t pub[ZT_ECC384_PUBLIC_KEY_SIZE],
const uint8_t hash[ZT_ECC384_SIGNATURE_HASH_SIZE],
const uint8_t sig[ZT_ECC384_SIGNATURE_SIZE])
{ {
return (ecdsa_verify(pub, hash, sig) != 0); return (ecdsa_verify(pub, hash, sig) != 0);
} }
bool ECC384ECDH( bool ECC384ECDH(const uint8_t theirPub[ZT_ECC384_PUBLIC_KEY_SIZE], const uint8_t ourPriv[ZT_ECC384_PRIVATE_KEY_SIZE], uint8_t secret[ZT_ECC384_SHARED_SECRET_SIZE])
const uint8_t theirPub[ZT_ECC384_PUBLIC_KEY_SIZE],
const uint8_t ourPriv[ZT_ECC384_PRIVATE_KEY_SIZE],
uint8_t secret[ZT_ECC384_SHARED_SECRET_SIZE])
{ {
return (ecdh_shared_secret(theirPub, ourPriv, secret) != 0); return (ecdh_shared_secret(theirPub, ourPriv, secret) != 0);
} }

10
core/ECC384.hpp
View file

@ -87,10 +87,7 @@ void ECC384ECDSASign(const uint8_t priv[ZT_ECC384_PRIVATE_KEY_SIZE], const uint8
* @param sig Signature to check * @param sig Signature to check
* @return True if signature is valid * @return True if signature is valid
*/ */
bool ECC384ECDSAVerify( bool ECC384ECDSAVerify(const uint8_t pub[ZT_ECC384_PUBLIC_KEY_SIZE], const uint8_t hash[ZT_ECC384_SIGNATURE_HASH_SIZE], const uint8_t sig[ZT_ECC384_SIGNATURE_SIZE]);
const uint8_t pub[ZT_ECC384_PUBLIC_KEY_SIZE],
const uint8_t hash[ZT_ECC384_SIGNATURE_HASH_SIZE],
const uint8_t sig[ZT_ECC384_SIGNATURE_SIZE]);
/** /**
* Perform ECDH key agreement * Perform ECDH key agreement
@ -102,10 +99,7 @@ bool ECC384ECDSAVerify(
* @param ourPriv Local private key * @param ourPriv Local private key
* @param secret Buffer to receive 48-byte secret * @param secret Buffer to receive 48-byte secret
*/ */
bool ECC384ECDH( bool ECC384ECDH(const uint8_t theirPub[ZT_ECC384_PUBLIC_KEY_SIZE], const uint8_t ourPriv[ZT_ECC384_PRIVATE_KEY_SIZE], uint8_t secret[ZT_ECC384_SHARED_SECRET_SIZE]);
const uint8_t theirPub[ZT_ECC384_PUBLIC_KEY_SIZE],
const uint8_t ourPriv[ZT_ECC384_PRIVATE_KEY_SIZE],
uint8_t secret[ZT_ECC384_SHARED_SECRET_SIZE]);
} // namespace ZeroTier } // namespace ZeroTier

4
core/Expect.hpp
View file

@ -66,9 +66,7 @@ class Expect {
*/ */
ZT_INLINE bool expecting(const uint64_t inRePacketId, const int64_t now) noexcept ZT_INLINE bool expecting(const uint64_t inRePacketId, const int64_t now) noexcept
{ {
return ( return (((now / ZT_EXPECT_TTL) - (int64_t)m_packetIdSent[(unsigned long)Utils::hash64(inRePacketId ^ Utils::s_mapNonce) % ZT_EXPECT_BUCKETS].exchange(0)) <= 1);
((now / ZT_EXPECT_TTL) - (int64_t)m_packetIdSent[(unsigned long)Utils::hash64(inRePacketId ^ Utils::s_mapNonce) % ZT_EXPECT_BUCKETS].exchange(0))
<= 1);
} }
private: private:

8
core/Identity.cpp
View file

@ -180,8 +180,7 @@ bool Identity::locallyValidate() const noexcept
return MIMC52::verify( return MIMC52::verify(
reinterpret_cast<const uint8_t*>(challenge), reinterpret_cast<const uint8_t*>(challenge),
ZT_IDENTITY_TYPE1_MIMC52_ROUNDS, ZT_IDENTITY_TYPE1_MIMC52_ROUNDS,
((uint64_t)m_pub[0] << 48U) | ((uint64_t)m_pub[1] << 40U) | ((uint64_t)m_pub[2] << 32U) | ((uint64_t)m_pub[3] << 24U) ((uint64_t)m_pub[0] << 48U) | ((uint64_t)m_pub[1] << 40U) | ((uint64_t)m_pub[2] << 32U) | ((uint64_t)m_pub[3] << 24U) | ((uint64_t)m_pub[4] << 16U) | ((uint64_t)m_pub[5] << 8U) | (uint64_t)m_pub[6]);
| ((uint64_t)m_pub[4] << 16U) | ((uint64_t)m_pub[5] << 8U) | (uint64_t)m_pub[6]);
} }
return false; return false;
} }
@ -269,10 +268,7 @@ bool Identity::agree(const Identity& id, uint8_t key[ZT_SYMMETRIC_KEY_SIZE]) con
// or something. For those who don't trust P384 this means the privacy of // or something. For those who don't trust P384 this means the privacy of
// your traffic is also protected by C25519. // your traffic is also protected by C25519.
C25519::agree(m_priv, id.m_pub, rawkey); C25519::agree(m_priv, id.m_pub, rawkey);
ECC384ECDH( ECC384ECDH(id.m_pub + 7 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE, m_priv + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE, rawkey + ZT_C25519_ECDH_SHARED_SECRET_SIZE);
id.m_pub + 7 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE,
m_priv + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE,
rawkey + ZT_C25519_ECDH_SHARED_SECRET_SIZE);
SHA384(key, rawkey, ZT_C25519_ECDH_SHARED_SECRET_SIZE + ZT_ECC384_SHARED_SECRET_SIZE); SHA384(key, rawkey, ZT_C25519_ECDH_SHARED_SECRET_SIZE + ZT_ECC384_SHARED_SECRET_SIZE);
return true; return true;
} }

11
core/InetAddress.cpp
View file

@ -21,12 +21,8 @@
namespace ZeroTier { namespace ZeroTier {
static_assert(ZT_SOCKADDR_STORAGE_SIZE == sizeof(sockaddr_storage), "ZT_SOCKADDR_STORAGE_SIZE is incorrect on this platform, must be size of sockaddr_storage"); static_assert(ZT_SOCKADDR_STORAGE_SIZE == sizeof(sockaddr_storage), "ZT_SOCKADDR_STORAGE_SIZE is incorrect on this platform, must be size of sockaddr_storage");
static_assert( static_assert(ZT_SOCKADDR_STORAGE_SIZE == sizeof(InetAddress), "ZT_SOCKADDR_STORAGE_SIZE should equal InetAddress, which should equal size of sockaddr_storage");
ZT_SOCKADDR_STORAGE_SIZE == sizeof(InetAddress), static_assert(ZT_SOCKADDR_STORAGE_SIZE == sizeof(ZT_InetAddress), "ZT_SOCKADDR_STORAGE_SIZE should equal ZT_InetAddress, which should equal size of sockaddr_storage");
"ZT_SOCKADDR_STORAGE_SIZE should equal InetAddress, which should equal size of sockaddr_storage");
static_assert(
ZT_SOCKADDR_STORAGE_SIZE == sizeof(ZT_InetAddress),
"ZT_SOCKADDR_STORAGE_SIZE should equal ZT_InetAddress, which should equal size of sockaddr_storage");
const InetAddress InetAddress::LO4((const void*)("\x7f\x00\x00\x01"), 4, 0); const InetAddress InetAddress::LO4((const void*)("\x7f\x00\x00\x01"), 4, 0);
const InetAddress InetAddress::LO6((const void*)("\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01"), 16, 0); const InetAddress InetAddress::LO6((const void*)("\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01"), 16, 0);
@ -310,8 +306,7 @@ bool InetAddress::containsAddress(const InetAddress& addr) const noexcept
const unsigned int bits = netmaskBits(); const unsigned int bits = netmaskBits();
if (bits == 0) if (bits == 0)
return true; return true;
return ( return ((Utils::ntoh((uint32_t)addr.as.sa_in.sin_addr.s_addr) >> (32 - bits)) == (Utils::ntoh((uint32_t)as.sa_in.sin_addr.s_addr) >> (32 - bits)));
(Utils::ntoh((uint32_t)addr.as.sa_in.sin_addr.s_addr) >> (32 - bits)) == (Utils::ntoh((uint32_t)as.sa_in.sin_addr.s_addr) >> (32 - bits)));
} }
case AF_INET6: { case AF_INET6: {
const InetAddress mask(netmask()); const InetAddress mask(netmask());

5
core/InetAddress.hpp
View file

@ -450,10 +450,7 @@ struct InetAddress : public TriviallyCopyable {
return (unsigned long)Utils::hash32(((uint32_t)as.sa_in.sin_addr.s_addr + (uint32_t)as.sa_in.sin_port) ^ (uint32_t)Utils::s_mapNonce); return (unsigned long)Utils::hash32(((uint32_t)as.sa_in.sin_addr.s_addr + (uint32_t)as.sa_in.sin_port) ^ (uint32_t)Utils::s_mapNonce);
} }
else if (as.ss.ss_family == AF_INET6) { else if (as.ss.ss_family == AF_INET6) {
return (unsigned long)Utils::hash64( return (unsigned long)Utils::hash64((Utils::loadMachineEndian<uint64_t>(as.sa_in6.sin6_addr.s6_addr) + Utils::loadMachineEndian<uint64_t>(as.sa_in6.sin6_addr.s6_addr + 8) + (uint64_t)as.sa_in6.sin6_port) ^ Utils::s_mapNonce);
(Utils::loadMachineEndian<uint64_t>(as.sa_in6.sin6_addr.s6_addr) + Utils::loadMachineEndian<uint64_t>(as.sa_in6.sin6_addr.s6_addr + 8)
+ (uint64_t)as.sa_in6.sin6_port)
^ Utils::s_mapNonce);
} }
return Utils::fnv1a32(this, sizeof(InetAddress)); return Utils::fnv1a32(this, sizeof(InetAddress));
} }

18
core/LZ4.cpp
View file

@ -564,8 +564,7 @@ FORCE_INLINE int LZ4_compress_generic(
forwardH = LZ4_hashPosition(forwardIp, tableType); forwardH = LZ4_hashPosition(forwardIp, tableType);
LZ4_putPositionOnHash(ip, h, cctx->hashTable, tableType, base); LZ4_putPositionOnHash(ip, h, cctx->hashTable, tableType, base);
} while (((dictIssue == dictSmall) ? (match < lowRefLimit) : 0) || ((tableType == byU16) ? 0 : (match + MAX_DISTANCE < ip)) } while (((dictIssue == dictSmall) ? (match < lowRefLimit) : 0) || ((tableType == byU16) ? 0 : (match + MAX_DISTANCE < ip)) || (LZ4_read32(match + refDelta) != LZ4_read32(ip)));
|| (LZ4_read32(match + refDelta) != LZ4_read32(ip)));
} }
/* Catch up */ /* Catch up */
@ -713,17 +712,7 @@ ZT_INLINE int LZ4_compress_fast_extState(void* state, const char* source, char*
if (inputSize < LZ4_64Klimit) if (inputSize < LZ4_64Klimit)
return LZ4_compress_generic(ctx, source, dest, inputSize, maxOutputSize, limitedOutput, byU16, noDict, noDictIssue, acceleration); return LZ4_compress_generic(ctx, source, dest, inputSize, maxOutputSize, limitedOutput, byU16, noDict, noDictIssue, acceleration);
else else
return LZ4_compress_generic( return LZ4_compress_generic(ctx, source, dest, inputSize, maxOutputSize, limitedOutput, (sizeof(void*) == 8) ? byU32 : byPtr, noDict, noDictIssue, acceleration);
ctx,
source,
dest,
inputSize,
maxOutputSize,
limitedOutput,
(sizeof(void*) == 8) ? byU32 : byPtr,
noDict,
noDictIssue,
acceleration);
} }
} }
@ -794,8 +783,7 @@ FORCE_INLINE int LZ4_decompress_generic(
/* copy literals */ /* copy literals */
cpy = op + length; cpy = op + length;
if (((endOnInput) && ((cpy > (partialDecoding ? oexit : oend - MFLIMIT)) || (ip + length > iend - (2 + 1 + LASTLITERALS)))) if (((endOnInput) && ((cpy > (partialDecoding ? oexit : oend - MFLIMIT)) || (ip + length > iend - (2 + 1 + LASTLITERALS)))) || ((! endOnInput) && (cpy > oend - WILDCOPYLENGTH))) {
|| ((! endOnInput) && (cpy > oend - WILDCOPYLENGTH))) {
if (partialDecoding) { if (partialDecoding) {
if (cpy > oend) if (cpy > oend)
goto _output_error; /* Error : write attempt beyond end of output buffer */ goto _output_error; /* Error : write attempt beyond end of output buffer */

4
core/Locator.cpp
View file

@ -198,9 +198,7 @@ int Locator::unmarshal(const uint8_t* data, const int len) noexcept
struct p_SortByEndpoint { struct p_SortByEndpoint {
// There can't be more than one of the same endpoint, so only need to sort // There can't be more than one of the same endpoint, so only need to sort
// by endpoint. // by endpoint.
ZT_INLINE bool operator()( ZT_INLINE bool operator()(const std::pair<Endpoint, SharedPtr<const Locator::EndpointAttributes> >& a, const std::pair<Endpoint, SharedPtr<const Locator::EndpointAttributes> >& b) const noexcept
const std::pair<Endpoint, SharedPtr<const Locator::EndpointAttributes> >& a,
const std::pair<Endpoint, SharedPtr<const Locator::EndpointAttributes> >& b) const noexcept
{ {
return a.first < b.first; return a.first < b.first;
} }

4
core/Locator.hpp
View file

@ -35,9 +35,7 @@
*/ */
#define ZT_LOCATOR_MAX_ENDPOINTS 16 #define ZT_LOCATOR_MAX_ENDPOINTS 16
#define ZT_LOCATOR_MARSHAL_SIZE_MAX \ #define ZT_LOCATOR_MARSHAL_SIZE_MAX (8 + ZT_ADDRESS_LENGTH + 2 + (ZT_LOCATOR_MAX_ENDPOINTS * (ZT_ENDPOINT_MARSHAL_SIZE_MAX + ZT_LOCATOR_MAX_ENDPOINT_ATTRIBUTES_SIZE)) + 2 + 2 + ZT_SIGNATURE_BUFFER_SIZE)
(8 + ZT_ADDRESS_LENGTH + 2 + (ZT_LOCATOR_MAX_ENDPOINTS * (ZT_ENDPOINT_MARSHAL_SIZE_MAX + ZT_LOCATOR_MAX_ENDPOINT_ATTRIBUTES_SIZE)) + 2 + 2 \
+ ZT_SIGNATURE_BUFFER_SIZE)
/** /**
* Maximum size of a string format Locator (this is way larger than needed) * Maximum size of a string format Locator (this is way larger than needed)

133
core/MIMC52.cpp
View file

@ -21,85 +21,60 @@ namespace {
// Largest 1024 primes of form 6k + 5 and less than 2^52. Only the least significant 32 // Largest 1024 primes of form 6k + 5 and less than 2^52. Only the least significant 32
// bits need to be here, as the most significant bits are all 1. // bits need to be here, as the most significant bits are all 1.
const uint32_t ZT_MIMC52_PRIMES[1024] = { const uint32_t ZT_MIMC52_PRIMES[1024] = {
4294895267, 4294895477, 4294895513, 4294895519, 4294895543, 4294895567, 4294895657, 4294895711, 4294895777, 4294895861, 4294895909, 4294895921, 4294895969, 4294895267, 4294895477, 4294895513, 4294895519, 4294895543, 4294895567, 4294895657, 4294895711, 4294895777, 4294895861, 4294895909, 4294895921, 4294895969, 4294896011, 4294896149, 4294896227, 4294896401, 4294896473, 4294896527,
4294896011, 4294896149, 4294896227, 4294896401, 4294896473, 4294896527, 4294896563, 4294896653, 4294896731, 4294896863, 4294896899, 4294896983, 4294897037, 4294896563, 4294896653, 4294896731, 4294896863, 4294896899, 4294896983, 4294897037, 4294897103, 4294897331, 4294897349, 4294897451, 4294897571, 4294897661, 4294897703, 4294897757, 4294897793, 4294897811, 4294897817, 4294897829,
4294897103, 4294897331, 4294897349, 4294897451, 4294897571, 4294897661, 4294897703, 4294897757, 4294897793, 4294897811, 4294897817, 4294897829, 4294897877, 4294897877, 4294897919, 4294897991, 4294898027, 4294898129, 4294898153, 4294898231, 4294898273, 4294898279, 4294898291, 4294898363, 4294898369, 4294898417, 4294898423, 4294898453, 4294898489, 4294898573, 4294898579, 4294898639,
4294897919, 4294897991, 4294898027, 4294898129, 4294898153, 4294898231, 4294898273, 4294898279, 4294898291, 4294898363, 4294898369, 4294898417, 4294898423, 4294898693, 4294898747, 4294898759, 4294898867, 4294898879, 4294898909, 4294898921, 4294898933, 4294899011, 4294899041, 4294899047, 4294899203, 4294899221, 4294899227, 4294899287, 4294899341, 4294899431, 4294899509, 4294899533,
4294898453, 4294898489, 4294898573, 4294898579, 4294898639, 4294898693, 4294898747, 4294898759, 4294898867, 4294898879, 4294898909, 4294898921, 4294898933, 4294899539, 4294899551, 4294899629, 4294899791, 4294899809, 4294899971, 4294900001, 4294900007, 4294900013, 4294900307, 4294900331, 4294900427, 4294900469, 4294900481, 4294900541, 4294900583, 4294900781, 4294900853, 4294900931,
4294899011, 4294899041, 4294899047, 4294899203, 4294899221, 4294899227, 4294899287, 4294899341, 4294899431, 4294899509, 4294899533, 4294899539, 4294899551, 4294900991, 4294901033, 4294901087, 4294901159, 4294901267, 4294901393, 4294901411, 4294901489, 4294901657, 4294902011, 4294902071, 4294902101, 4294902107, 4294902353, 4294902377, 4294902599, 4294902647, 4294902743, 4294902869,
4294899629, 4294899791, 4294899809, 4294899971, 4294900001, 4294900007, 4294900013, 4294900307, 4294900331, 4294900427, 4294900469, 4294900481, 4294900541, 4294902977, 4294903067, 4294903103, 4294903259, 4294903289, 4294903397, 4294903421, 4294903493, 4294903577, 4294903631, 4294903637, 4294903733, 4294903799, 4294903823, 4294904003, 4294904033, 4294904081, 4294904129, 4294904279,
4294900583, 4294900781, 4294900853, 4294900931, 4294900991, 4294901033, 4294901087, 4294901159, 4294901267, 4294901393, 4294901411, 4294901489, 4294901657, 4294904297, 4294904303, 4294904333, 4294904351, 4294904381, 4294904453, 4294904519, 4294904561, 4294904639, 4294904657, 4294904747, 4294904807, 4294904843, 4294905089, 4294905149, 4294905293, 4294905299, 4294905311, 4294905443,
4294902011, 4294902071, 4294902101, 4294902107, 4294902353, 4294902377, 4294902599, 4294902647, 4294902743, 4294902869, 4294902977, 4294903067, 4294903103, 4294905479, 4294905539, 4294905623, 4294905641, 4294905671, 4294905707, 4294905887, 4294905977, 4294906091, 4294906103, 4294906139, 4294906157, 4294906223, 4294906259, 4294906487, 4294906493, 4294906523, 4294906547, 4294906553,
4294903259, 4294903289, 4294903397, 4294903421, 4294903493, 4294903577, 4294903631, 4294903637, 4294903733, 4294903799, 4294903823, 4294904003, 4294904033, 4294906571, 4294906577, 4294906589, 4294906703, 4294906733, 4294906763, 4294906841, 4294906859, 4294906937, 4294907057, 4294907063, 4294907141, 4294907231, 4294907249, 4294907261, 4294907267, 4294907387, 4294907417, 4294907567,
4294904081, 4294904129, 4294904279, 4294904297, 4294904303, 4294904333, 4294904351, 4294904381, 4294904453, 4294904519, 4294904561, 4294904639, 4294904657, 4294907603, 4294907699, 4294907789, 4294907849, 4294907873, 4294907879, 4294908023, 4294908071, 4294908119, 4294908209, 4294908227, 4294908329, 4294908491, 4294908503, 4294908569, 4294908653, 4294908713, 4294908719, 4294908791,
4294904747, 4294904807, 4294904843, 4294905089, 4294905149, 4294905293, 4294905299, 4294905311, 4294905443, 4294905479, 4294905539, 4294905623, 4294905641, 4294908839, 4294908869, 4294908989, 4294909031, 4294909067, 4294909109, 4294909253, 4294909529, 4294909589, 4294909643, 4294909739, 4294909799, 4294909811, 4294909853, 4294910003, 4294910039, 4294910189, 4294910201, 4294910219,
4294905671, 4294905707, 4294905887, 4294905977, 4294906091, 4294906103, 4294906139, 4294906157, 4294906223, 4294906259, 4294906487, 4294906493, 4294906523, 4294910273, 4294910333, 4294910369, 4294910393, 4294910471, 4294910549, 4294910651, 4294910669, 4294910681, 4294910711, 4294910753, 4294910801, 4294910981, 4294911053, 4294911143, 4294911227, 4294911239, 4294911359, 4294911383,
4294906547, 4294906553, 4294906571, 4294906577, 4294906589, 4294906703, 4294906733, 4294906763, 4294906841, 4294906859, 4294906937, 4294907057, 4294907063, 4294911407, 4294911521, 4294911551, 4294911611, 4294911641, 4294911689, 4294911719, 4294911869, 4294912109, 4294912133, 4294912151, 4294912187, 4294912223, 4294912331, 4294912439, 4294912607, 4294912703, 4294912859, 4294912871,
4294907141, 4294907231, 4294907249, 4294907261, 4294907267, 4294907387, 4294907417, 4294907567, 4294907603, 4294907699, 4294907789, 4294907849, 4294907873, 4294912907, 4294912961, 4294913003, 4294913111, 4294913309, 4294913333, 4294913357, 4294913399, 4294913411, 4294913459, 4294913501, 4294913531, 4294913591, 4294913609, 4294913663, 4294913783, 4294913819, 4294913903, 4294914137,
4294907879, 4294908023, 4294908071, 4294908119, 4294908209, 4294908227, 4294908329, 4294908491, 4294908503, 4294908569, 4294908653, 4294908713, 4294908719, 4294914413, 4294914473, 4294914497, 4294914527, 4294914551, 4294914593, 4294914611, 4294914659, 4294914671, 4294914743, 4294914863, 4294914917, 4294915061, 4294915103, 4294915139, 4294915217, 4294915223, 4294915253, 4294915283,
4294908791, 4294908839, 4294908869, 4294908989, 4294909031, 4294909067, 4294909109, 4294909253, 4294909529, 4294909589, 4294909643, 4294909739, 4294909799, 4294915373, 4294915433, 4294915607, 4294916069, 4294916213, 4294916267, 4294916303, 4294916393, 4294916441, 4294916477, 4294916507, 4294916573, 4294916633, 4294916687, 4294916783, 4294916837, 4294916897, 4294916921, 4294917029,
4294909811, 4294909853, 4294910003, 4294910039, 4294910189, 4294910201, 4294910219, 4294910273, 4294910333, 4294910369, 4294910393, 4294910471, 4294910549, 4294917047, 4294917101, 4294917203, 4294917287, 4294917299, 4294917389, 4294917437, 4294917527, 4294917557, 4294917611, 4294917617, 4294917689, 4294917821, 4294917857, 4294917917, 4294917941, 4294918169, 4294918187, 4294918307,
4294910651, 4294910669, 4294910681, 4294910711, 4294910753, 4294910801, 4294910981, 4294911053, 4294911143, 4294911227, 4294911239, 4294911359, 4294911383, 4294918409, 4294918433, 4294918481, 4294918703, 4294918709, 4294918733, 4294918799, 4294918871, 4294919009, 4294919249, 4294919279, 4294919291, 4294919363, 4294919381, 4294919441, 4294919447, 4294919549, 4294919579, 4294919633,
4294911407, 4294911521, 4294911551, 4294911611, 4294911641, 4294911689, 4294911719, 4294911869, 4294912109, 4294912133, 4294912151, 4294912187, 4294912223, 4294919657, 4294919669, 4294919693, 4294919711, 4294920029, 4294920059, 4294920089, 4294920197, 4294920239, 4294920257, 4294920263, 4294920269, 4294920341, 4294920353, 4294920407, 4294920503, 4294920599, 4294920647, 4294920743,
4294912331, 4294912439, 4294912607, 4294912703, 4294912859, 4294912871, 4294912907, 4294912961, 4294913003, 4294913111, 4294913309, 4294913333, 4294913357, 4294920803, 4294920809, 4294920881, 4294920899, 4294920983, 4294921043, 4294921139, 4294921151, 4294921181, 4294921229, 4294921289, 4294921331, 4294921343, 4294921391, 4294921469, 4294921709, 4294921721, 4294921823, 4294921847,
4294913399, 4294913411, 4294913459, 4294913501, 4294913531, 4294913591, 4294913609, 4294913663, 4294913783, 4294913819, 4294913903, 4294914137, 4294914413, 4294921889, 4294922057, 4294922171, 4294922201, 4294922237, 4294922309, 4294922399, 4294922447, 4294922507, 4294922513, 4294922549, 4294922609, 4294922663, 4294922861, 4294922933, 4294923101, 4294923191, 4294923209, 4294923221,
4294914473, 4294914497, 4294914527, 4294914551, 4294914593, 4294914611, 4294914659, 4294914671, 4294914743, 4294914863, 4294914917, 4294915061, 4294915103, 4294923251, 4294923263, 4294923359, 4294923371, 4294923377, 4294923461, 4294923521, 4294923953, 4294924001, 4294924091, 4294924121, 4294924319, 4294924397, 4294924571, 4294924583, 4294924751, 4294924817, 4294924823, 4294924847,
4294915139, 4294915217, 4294915223, 4294915253, 4294915283, 4294915373, 4294915433, 4294915607, 4294916069, 4294916213, 4294916267, 4294916303, 4294916393, 4294924877, 4294925003, 4294925027, 4294925117, 4294925237, 4294925243, 4294925297, 4294925369, 4294925627, 4294925639, 4294925729, 4294925747, 4294925873, 4294925891, 4294925933, 4294926047, 4294926059, 4294926209, 4294926221,
4294916441, 4294916477, 4294916507, 4294916573, 4294916633, 4294916687, 4294916783, 4294916837, 4294916897, 4294916921, 4294917029, 4294917047, 4294917101, 4294926233, 4294926257, 4294926329, 4294926371, 4294926401, 4294926413, 4294926437, 4294926563, 4294926569, 4294926917, 4294926923, 4294926947, 4294926971, 4294927067, 4294927073, 4294927151, 4294927349, 4294927367, 4294927403,
4294917203, 4294917287, 4294917299, 4294917389, 4294917437, 4294917527, 4294917557, 4294917611, 4294917617, 4294917689, 4294917821, 4294917857, 4294917917, 4294927481, 4294927523, 4294927553, 4294927589, 4294927649, 4294927673, 4294927727, 4294927739, 4294927763, 4294927889, 4294928183, 4294928207, 4294928249, 4294928327, 4294928351, 4294928399, 4294928483, 4294928489, 4294928543,
4294917941, 4294918169, 4294918187, 4294918307, 4294918409, 4294918433, 4294918481, 4294918703, 4294918709, 4294918733, 4294918799, 4294918871, 4294919009, 4294928597, 4294928951, 4294928963, 4294928981, 4294929017, 4294929059, 4294929161, 4294929197, 4294929233, 4294929269, 4294929311, 4294929323, 4294929341, 4294929383, 4294929401, 4294929497, 4294929509, 4294929581, 4294929707,
4294919249, 4294919279, 4294919291, 4294919363, 4294919381, 4294919441, 4294919447, 4294919549, 4294919579, 4294919633, 4294919657, 4294919669, 4294919693, 4294929743, 4294930043, 4294930121, 4294930193, 4294930223, 4294930349, 4294930403, 4294930571, 4294930613, 4294930721, 4294930751, 4294930877, 4294930931, 4294930961, 4294930967, 4294930973, 4294931021, 4294931051, 4294931057,
4294919711, 4294920029, 4294920059, 4294920089, 4294920197, 4294920239, 4294920257, 4294920263, 4294920269, 4294920341, 4294920353, 4294920407, 4294920503, 4294931063, 4294931219, 4294931273, 4294931339, 4294931423, 4294931441, 4294931453, 4294931567, 4294931639, 4294931717, 4294931897, 4294931969, 4294932023, 4294932053, 4294932239, 4294932299, 4294932443, 4294932671, 4294932677,
4294920599, 4294920647, 4294920743, 4294920803, 4294920809, 4294920881, 4294920899, 4294920983, 4294921043, 4294921139, 4294921151, 4294921181, 4294921229, 4294932731, 4294932743, 4294932767, 4294932773, 4294932779, 4294932881, 4294932899, 4294932929, 4294933067, 4294933277, 4294933307, 4294933343, 4294933451, 4294933523, 4294933763, 4294933793, 4294933829, 4294933847, 4294933871,
4294921289, 4294921331, 4294921343, 4294921391, 4294921469, 4294921709, 4294921721, 4294921823, 4294921847, 4294921889, 4294922057, 4294922171, 4294922201, 4294933997, 4294934033, 4294934111, 4294934207, 4294934243, 4294934267, 4294934279, 4294934291, 4294934327, 4294934363, 4294934423, 4294934489, 4294934561, 4294934867, 4294934921, 4294934969, 4294935137, 4294935239, 4294935299,
4294922237, 4294922309, 4294922399, 4294922447, 4294922507, 4294922513, 4294922549, 4294922609, 4294922663, 4294922861, 4294922933, 4294923101, 4294923191, 4294935431, 4294935539, 4294935629, 4294935701, 4294935791, 4294935797, 4294935803, 4294935959, 4294936001, 4294936007, 4294936037, 4294936079, 4294936127, 4294936163, 4294936247, 4294936307, 4294936331, 4294936409, 4294936451,
4294923209, 4294923221, 4294923251, 4294923263, 4294923359, 4294923371, 4294923377, 4294923461, 4294923521, 4294923953, 4294924001, 4294924091, 4294924121, 4294936601, 4294936607, 4294936619, 4294936667, 4294936709, 4294936733, 4294936751, 4294936763, 4294936829, 4294936937, 4294936997, 4294937027, 4294937051, 4294937093, 4294937177, 4294937213, 4294937291, 4294937381, 4294937417,
4294924319, 4294924397, 4294924571, 4294924583, 4294924751, 4294924817, 4294924823, 4294924847, 4294924877, 4294925003, 4294925027, 4294925117, 4294925237, 4294937429, 4294937681, 4294937693, 4294937753, 4294937771, 4294937813, 4294937837, 4294937891, 4294937969, 4294938071, 4294938101, 4294938323, 4294938371, 4294938401, 4294938467, 4294938473, 4294938521, 4294938599, 4294938731,
4294925243, 4294925297, 4294925369, 4294925627, 4294925639, 4294925729, 4294925747, 4294925873, 4294925891, 4294925933, 4294926047, 4294926059, 4294926209, 4294938779, 4294938833, 4294938899, 4294938977, 4294938983, 4294939067, 4294939127, 4294939223, 4294939277, 4294939331, 4294939337, 4294939391, 4294939457, 4294939559, 4294939673, 4294939691, 4294939901, 4294939991, 4294940087,
4294926221, 4294926233, 4294926257, 4294926329, 4294926371, 4294926401, 4294926413, 4294926437, 4294926563, 4294926569, 4294926917, 4294926923, 4294926947, 4294940093, 4294940189, 4294940213, 4294940417, 4294940657, 4294940699, 4294940753, 4294940801, 4294940873, 4294940951, 4294941047, 4294941143, 4294941161, 4294941227, 4294941281, 4294941377, 4294941509, 4294941551, 4294941701,
4294926971, 4294927067, 4294927073, 4294927151, 4294927349, 4294927367, 4294927403, 4294927481, 4294927523, 4294927553, 4294927589, 4294927649, 4294927673, 4294941731, 4294941767, 4294941911, 4294941923, 4294942043, 4294942139, 4294942313, 4294942343, 4294942373, 4294942427, 4294942529, 4294942601, 4294942649, 4294942673, 4294942679, 4294942733, 4294942769, 4294942811, 4294942961,
4294927727, 4294927739, 4294927763, 4294927889, 4294928183, 4294928207, 4294928249, 4294928327, 4294928351, 4294928399, 4294928483, 4294928489, 4294928543, 4294943129, 4294943141, 4294943219, 4294943369, 4294943423, 4294943471, 4294943651, 4294943687, 4294943717, 4294943729, 4294943747, 4294943759, 4294943813, 4294943819, 4294943891, 4294944077, 4294944191, 4294944233, 4294944239,
4294928597, 4294928951, 4294928963, 4294928981, 4294929017, 4294929059, 4294929161, 4294929197, 4294929233, 4294929269, 4294929311, 4294929323, 4294929341, 4294944353, 4294944389, 4294944581, 4294944623, 4294944629, 4294944659, 4294944821, 4294945031, 4294945157, 4294945211, 4294945229, 4294945301, 4294945337, 4294945343, 4294945511, 4294945547, 4294945667, 4294945709, 4294945757,
4294929383, 4294929401, 4294929497, 4294929509, 4294929581, 4294929707, 4294929743, 4294930043, 4294930121, 4294930193, 4294930223, 4294930349, 4294930403, 4294945841, 4294945991, 4294946033, 4294946099, 4294946153, 4294946477, 4294946687, 4294946747, 4294946957, 4294946993, 4294947023, 4294947131, 4294947167, 4294947287, 4294947311, 4294947413, 4294947581, 4294947599, 4294947671,
4294930571, 4294930613, 4294930721, 4294930751, 4294930877, 4294930931, 4294930961, 4294930967, 4294930973, 4294931021, 4294931051, 4294931057, 4294931063, 4294947851, 4294947959, 4294948067, 4294948073, 4294948193, 4294948259, 4294948421, 4294948451, 4294948613, 4294948673, 4294948883, 4294949027, 4294949057, 4294949069, 4294949519, 4294949531, 4294949603, 4294949609, 4294949627,
4294931219, 4294931273, 4294931339, 4294931423, 4294931441, 4294931453, 4294931567, 4294931639, 4294931717, 4294931897, 4294931969, 4294932023, 4294932053, 4294949693, 4294949729, 4294949741, 4294949807, 4294949921, 4294949939, 4294949981, 4294949993, 4294950083, 4294950173, 4294950197, 4294950251, 4294950287, 4294950317, 4294950323, 4294950329, 4294950581, 4294950593, 4294950617,
4294932239, 4294932299, 4294932443, 4294932671, 4294932677, 4294932731, 4294932743, 4294932767, 4294932773, 4294932779, 4294932881, 4294932899, 4294932929, 4294950629, 4294950713, 4294950929, 4294951151, 4294951163, 4294951169, 4294951379, 4294951583, 4294951613, 4294951853, 4294951907, 4294951913, 4294951937, 4294951961, 4294952063, 4294952183, 4294952393, 4294952543, 4294952549,
4294933067, 4294933277, 4294933307, 4294933343, 4294933451, 4294933523, 4294933763, 4294933793, 4294933829, 4294933847, 4294933871, 4294933997, 4294934033, 4294952597, 4294952627, 4294952687, 4294952723, 4294952729, 4294952789, 4294952819, 4294952873, 4294952891, 4294952903, 4294952969, 4294952999, 4294953023, 4294953107, 4294953173, 4294953281, 4294953341, 4294953431, 4294953599,
4294934111, 4294934207, 4294934243, 4294934267, 4294934279, 4294934291, 4294934327, 4294934363, 4294934423, 4294934489, 4294934561, 4294934867, 4294934921, 4294953689, 4294953719, 4294953827, 4294953887, 4294953977, 4294954073, 4294954079, 4294954157, 4294954217, 4294954283, 4294954607, 4294954667, 4294954859, 4294954901, 4294954973, 4294955081, 4294955237, 4294955273, 4294955327,
4294934969, 4294935137, 4294935239, 4294935299, 4294935431, 4294935539, 4294935629, 4294935701, 4294935791, 4294935797, 4294935803, 4294935959, 4294936001, 4294955441, 4294955507, 4294955591, 4294955789, 4294955831, 4294955837, 4294955927, 4294955963, 4294955969, 4294955987, 4294956041, 4294956047, 4294956197, 4294956323, 4294956359, 4294956551, 4294956593, 4294956623, 4294956629,
4294936007, 4294936037, 4294936079, 4294936127, 4294936163, 4294936247, 4294936307, 4294936331, 4294936409, 4294936451, 4294936601, 4294936607, 4294936619, 4294956641, 4294956719, 4294956761, 4294956767, 4294956797, 4294956821, 4294956833, 4294957037, 4294957079, 4294957103, 4294957181, 4294957349, 4294957379, 4294957433, 4294957463, 4294957511, 4294957577, 4294957727, 4294957859,
4294936667, 4294936709, 4294936733, 4294936751, 4294936763, 4294936829, 4294936937, 4294936997, 4294937027, 4294937051, 4294937093, 4294937177, 4294937213, 4294957877, 4294958039, 4294958153, 4294958309, 4294958417, 4294958441, 4294958693, 4294958717, 4294958753, 4294958903, 4294958909, 4294959017, 4294959071, 4294959107, 4294959161, 4294959257, 4294959299, 4294959329, 4294959431,
4294937291, 4294937381, 4294937417, 4294937429, 4294937681, 4294937693, 4294937753, 4294937771, 4294937813, 4294937837, 4294937891, 4294937969, 4294938071, 4294959593, 4294959599, 4294959659, 4294959893, 4294959917, 4294959983, 4294960001, 4294960031, 4294960061, 4294960079, 4294960097, 4294960271, 4294960283, 4294960349, 4294960367, 4294960421, 4294960529, 4294960541, 4294960583,
4294938101, 4294938323, 4294938371, 4294938401, 4294938467, 4294938473, 4294938521, 4294938599, 4294938731, 4294938779, 4294938833, 4294938899, 4294938977, 4294960613, 4294960673, 4294960691, 4294960697, 4294960787, 4294960919, 4294961003, 4294961039, 4294961153, 4294961159, 4294961171, 4294961321, 4294961411, 4294961471, 4294961507, 4294961537, 4294961669, 4294961717, 4294961741,
4294938983, 4294939067, 4294939127, 4294939223, 4294939277, 4294939331, 4294939337, 4294939391, 4294939457, 4294939559, 4294939673, 4294939691, 4294939901, 4294961873, 4294962059, 4294962137, 4294962167, 4294962263, 4294962281, 4294962311, 4294962341, 4294962413, 4294962521, 4294962563, 4294962761, 4294962893, 4294963103, 4294963163, 4294963223, 4294963313, 4294963349, 4294963427,
4294939991, 4294940087, 4294940093, 4294940189, 4294940213, 4294940417, 4294940657, 4294940699, 4294940753, 4294940801, 4294940873, 4294940951, 4294941047, 4294963547, 4294963559, 4294963721, 4294963799, 4294963817, 4294963901, 4294963919, 4294964021, 4294964279, 4294964297, 4294964363, 4294964387, 4294964411, 4294964567, 4294964603, 4294964687, 4294964777, 4294965041, 4294965071,
4294941143, 4294941161, 4294941227, 4294941281, 4294941377, 4294941509, 4294941551, 4294941701, 4294941731, 4294941767, 4294941911, 4294941923, 4294942043, 4294965119, 4294965221, 4294965251, 4294965287, 4294965413, 4294965569, 4294965647, 4294965671, 4294965689, 4294965779, 4294965839, 4294965893, 4294966091, 4294966109, 4294966127, 4294966157, 4294966187, 4294966199, 4294966211,
4294942139, 4294942313, 4294942343, 4294942373, 4294942427, 4294942529, 4294942601, 4294942649, 4294942673, 4294942679, 4294942733, 4294942769, 4294942811, 4294966403, 4294966457, 4294966499, 4294966541, 4294966637, 4294966661, 4294966739, 4294966823, 4294966883, 4294966901, 4294966961, 4294967027, 4294967087, 4294967099, 4294967123, 4294967153, 4294967249
4294942961, 4294943129, 4294943141, 4294943219, 4294943369, 4294943423, 4294943471, 4294943651, 4294943687, 4294943717, 4294943729, 4294943747, 4294943759,
4294943813, 4294943819, 4294943891, 4294944077, 4294944191, 4294944233, 4294944239, 4294944353, 4294944389, 4294944581, 4294944623, 4294944629, 4294944659,
4294944821, 4294945031, 4294945157, 4294945211, 4294945229, 4294945301, 4294945337, 4294945343, 4294945511, 4294945547, 4294945667, 4294945709, 4294945757,
4294945841, 4294945991, 4294946033, 4294946099, 4294946153, 4294946477, 4294946687, 4294946747, 4294946957, 4294946993, 4294947023, 4294947131, 4294947167,
4294947287, 4294947311, 4294947413, 4294947581, 4294947599, 4294947671, 4294947851, 4294947959, 4294948067, 4294948073, 4294948193, 4294948259, 4294948421,
4294948451, 4294948613, 4294948673, 4294948883, 4294949027, 4294949057, 4294949069, 4294949519, 4294949531, 4294949603, 4294949609, 4294949627, 4294949693,
4294949729, 4294949741, 4294949807, 4294949921, 4294949939, 4294949981, 4294949993, 4294950083, 4294950173, 4294950197, 4294950251, 4294950287, 4294950317,
4294950323, 4294950329, 4294950581, 4294950593, 4294950617, 4294950629, 4294950713, 4294950929, 4294951151, 4294951163, 4294951169, 4294951379, 4294951583,
4294951613, 4294951853, 4294951907, 4294951913, 4294951937, 4294951961, 4294952063, 4294952183, 4294952393, 4294952543, 4294952549, 4294952597, 4294952627,
4294952687, 4294952723, 4294952729, 4294952789, 4294952819, 4294952873, 4294952891, 4294952903, 4294952969, 4294952999, 4294953023, 4294953107, 4294953173,
4294953281, 4294953341, 4294953431, 4294953599, 4294953689, 4294953719, 4294953827, 4294953887, 4294953977, 4294954073, 4294954079, 4294954157, 4294954217,
4294954283, 4294954607, 4294954667, 4294954859, 4294954901, 4294954973, 4294955081, 4294955237, 4294955273, 4294955327, 4294955441, 4294955507, 4294955591,
4294955789, 4294955831, 4294955837, 4294955927, 4294955963, 4294955969, 4294955987, 4294956041, 4294956047, 4294956197, 4294956323, 4294956359, 4294956551,
4294956593, 4294956623, 4294956629, 4294956641, 4294956719, 4294956761, 4294956767, 4294956797, 4294956821, 4294956833, 4294957037, 4294957079, 4294957103,
4294957181, 4294957349, 4294957379, 4294957433, 4294957463, 4294957511, 4294957577, 4294957727, 4294957859, 4294957877, 4294958039, 4294958153, 4294958309,
4294958417, 4294958441, 4294958693, 4294958717, 4294958753, 4294958903, 4294958909, 4294959017, 4294959071, 4294959107, 4294959161, 4294959257, 4294959299,
4294959329, 4294959431, 4294959593, 4294959599, 4294959659, 4294959893, 4294959917, 4294959983, 4294960001, 4294960031, 4294960061, 4294960079, 4294960097,
4294960271, 4294960283, 4294960349, 4294960367, 4294960421, 4294960529, 4294960541, 4294960583, 4294960613, 4294960673, 4294960691, 4294960697, 4294960787,
4294960919, 4294961003, 4294961039, 4294961153, 4294961159, 4294961171, 4294961321, 4294961411, 4294961471, 4294961507, 4294961537, 4294961669, 4294961717,
4294961741, 4294961873, 4294962059, 4294962137, 4294962167, 4294962263, 4294962281, 4294962311, 4294962341, 4294962413, 4294962521, 4294962563, 4294962761,
4294962893, 4294963103, 4294963163, 4294963223, 4294963313, 4294963349, 4294963427, 4294963547, 4294963559, 4294963721, 4294963799, 4294963817, 4294963901,
4294963919, 4294964021, 4294964279, 4294964297, 4294964363, 4294964387, 4294964411, 4294964567, 4294964603, 4294964687, 4294964777, 4294965041, 4294965071,
4294965119, 4294965221, 4294965251, 4294965287, 4294965413, 4294965569, 4294965647, 4294965671, 4294965689, 4294965779, 4294965839, 4294965893, 4294966091,
4294966109, 4294966127, 4294966157, 4294966187, 4294966199, 4294966211, 4294966403, 4294966457, 4294966499, 4294966541, 4294966637, 4294966661, 4294966739,
4294966823, 4294966883, 4294966901, 4294966961, 4294967027, 4294967087, 4294967099, 4294967123, 4294967153, 4294967249
}; };
#ifdef ZT_NO_IEEE_DOUBLE #ifdef ZT_NO_IEEE_DOUBLE

132
core/Member.cpp
View file

@ -119,38 +119,17 @@ void Member::clean(const NetworkConfig& nconf)
m_cleanCredImpl<OwnershipCredential>(nconf, m_remoteCoos); m_cleanCredImpl<OwnershipCredential>(nconf, m_remoteCoos);
} }
Member::AddCredentialResult Member::addCredential( Member::AddCredentialResult Member::addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const MembershipCredential& com)
const Context& ctx,
const CallContext& cc,
const Identity& sourcePeerIdentity,
const NetworkConfig& nconf,
const MembershipCredential& com)
{ {
const int64_t newts = com.timestamp(); const int64_t newts = com.timestamp();
if (newts <= m_comRevocationThreshold) { if (newts <= m_comRevocationThreshold) {
ctx.t->credentialRejected( ctx.t->credentialRejected(cc, 0xd9992121, com.networkId(), sourcePeerIdentity, com.id(), com.timestamp(), ZT_CREDENTIAL_TYPE_COM, ZT_TRACE_CREDENTIAL_REJECTION_REASON_REVOKED);
cc,
0xd9992121,
com.networkId(),
sourcePeerIdentity,
com.id(),
com.timestamp(),
ZT_CREDENTIAL_TYPE_COM,
ZT_TRACE_CREDENTIAL_REJECTION_REASON_REVOKED);
return ADD_REJECTED; return ADD_REJECTED;
} }
const int64_t oldts = m_com.timestamp(); const int64_t oldts = m_com.timestamp();
if (newts < oldts) { if (newts < oldts) {
ctx.t->credentialRejected( ctx.t->credentialRejected(cc, 0xd9928192, com.networkId(), sourcePeerIdentity, com.id(), com.timestamp(), ZT_CREDENTIAL_TYPE_COM, ZT_TRACE_CREDENTIAL_REJECTION_REASON_OLDER_THAN_LATEST);
cc,
0xd9928192,
com.networkId(),
sourcePeerIdentity,
com.id(),
com.timestamp(),
ZT_CREDENTIAL_TYPE_COM,
ZT_TRACE_CREDENTIAL_REJECTION_REASON_OLDER_THAN_LATEST);
return ADD_REJECTED; return ADD_REJECTED;
} }
if ((newts == oldts) && (m_com == com)) if ((newts == oldts) && (m_com == com))
@ -158,29 +137,13 @@ Member::AddCredentialResult Member::addCredential(
switch (com.verify(ctx, cc)) { switch (com.verify(ctx, cc)) {
default: default:
ctx.t->credentialRejected( ctx.t->credentialRejected(cc, 0x0f198241, com.networkId(), sourcePeerIdentity, com.id(), com.timestamp(), ZT_CREDENTIAL_TYPE_COM, ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID);
cc,
0x0f198241,
com.networkId(),
sourcePeerIdentity,
com.id(),
com.timestamp(),
ZT_CREDENTIAL_TYPE_COM,
ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID);
return Member::ADD_REJECTED; return Member::ADD_REJECTED;
case Credential::VERIFY_OK: case Credential::VERIFY_OK:
m_com = com; m_com = com;
return ADD_ACCEPTED_NEW; return ADD_ACCEPTED_NEW;
case Credential::VERIFY_BAD_SIGNATURE: case Credential::VERIFY_BAD_SIGNATURE:
ctx.t->credentialRejected( ctx.t->credentialRejected(cc, 0xbaf0aaaa, com.networkId(), sourcePeerIdentity, com.id(), com.timestamp(), ZT_CREDENTIAL_TYPE_COM, ZT_TRACE_CREDENTIAL_REJECTION_REASON_SIGNATURE_VERIFICATION_FAILED);
cc,
0xbaf0aaaa,
com.networkId(),
sourcePeerIdentity,
com.id(),
com.timestamp(),
ZT_CREDENTIAL_TYPE_COM,
ZT_TRACE_CREDENTIAL_REJECTION_REASON_SIGNATURE_VERIFICATION_FAILED);
return ADD_REJECTED; return ADD_REJECTED;
case Credential::VERIFY_NEED_IDENTITY: case Credential::VERIFY_NEED_IDENTITY:
return ADD_DEFERRED_FOR_WHOIS; return ADD_DEFERRED_FOR_WHOIS;
@ -189,27 +152,13 @@ Member::AddCredentialResult Member::addCredential(
// 3/5 of the credential types have identical addCredential() code // 3/5 of the credential types have identical addCredential() code
template <typename C> template <typename C>
static ZT_INLINE Member::AddCredentialResult _addCredImpl( static ZT_INLINE Member::AddCredentialResult
Map<uint32_t, C>& remoteCreds, _addCredImpl(Map<uint32_t, C>& remoteCreds, const Map<uint64_t, int64_t>& revocations, const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const C& cred)
const Map<uint64_t, int64_t>& revocations,
const Context& ctx,
const CallContext& cc,
const Identity& sourcePeerIdentity,
const NetworkConfig& nconf,
const C& cred)
{ {
typename Map<uint32_t, C>::const_iterator rc(remoteCreds.find(cred.id())); typename Map<uint32_t, C>::const_iterator rc(remoteCreds.find(cred.id()));
if (rc != remoteCreds.end()) { if (rc != remoteCreds.end()) {
if (rc->second.revision() > cred.revision()) { if (rc->second.revision() > cred.revision()) {
ctx.t->credentialRejected( ctx.t->credentialRejected(cc, 0x40000001, nconf.networkId, sourcePeerIdentity, cred.id(), cred.revision(), C::credentialType(), ZT_TRACE_CREDENTIAL_REJECTION_REASON_OLDER_THAN_LATEST);
cc,
0x40000001,
nconf.networkId,
sourcePeerIdentity,
cred.id(),
cred.revision(),
C::credentialType(),
ZT_TRACE_CREDENTIAL_REJECTION_REASON_OLDER_THAN_LATEST);
return Member::ADD_REJECTED; return Member::ADD_REJECTED;
} }
if (rc->second == cred) if (rc->second == cred)
@ -218,29 +167,13 @@ static ZT_INLINE Member::AddCredentialResult _addCredImpl(
typename Map<uint64_t, int64_t>::const_iterator rt(revocations.find(Member::credentialKey(C::credentialType(), cred.id()))); typename Map<uint64_t, int64_t>::const_iterator rt(revocations.find(Member::credentialKey(C::credentialType(), cred.id())));
if ((rt != revocations.end()) && (rt->second >= cred.revision())) { if ((rt != revocations.end()) && (rt->second >= cred.revision())) {
ctx.t->credentialRejected( ctx.t->credentialRejected(cc, 0x24248124, nconf.networkId, sourcePeerIdentity, cred.id(), cred.revision(), C::credentialType(), ZT_TRACE_CREDENTIAL_REJECTION_REASON_REVOKED);
cc,
0x24248124,
nconf.networkId,
sourcePeerIdentity,
cred.id(),
cred.revision(),
C::credentialType(),
ZT_TRACE_CREDENTIAL_REJECTION_REASON_REVOKED);
return Member::ADD_REJECTED; return Member::ADD_REJECTED;
} }
switch (cred.verify(ctx, cc)) { switch (cred.verify(ctx, cc)) {
default: default:
ctx.t->credentialRejected( ctx.t->credentialRejected(cc, 0x01feba012, nconf.networkId, sourcePeerIdentity, cred.id(), cred.revision(), C::credentialType(), ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID);
cc,
0x01feba012,
nconf.networkId,
sourcePeerIdentity,
cred.id(),
cred.revision(),
C::credentialType(),
ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID);
return Member::ADD_REJECTED; return Member::ADD_REJECTED;
case 0: case 0:
if (rc == remoteCreds.end()) if (rc == remoteCreds.end())
@ -251,47 +184,27 @@ static ZT_INLINE Member::AddCredentialResult _addCredImpl(
} }
} }
Member::AddCredentialResult Member::AddCredentialResult Member::addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const TagCredential& tag)
Member::addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const TagCredential& tag)
{ {
return _addCredImpl<TagCredential>(m_remoteTags, m_revocations, ctx, cc, sourcePeerIdentity, nconf, tag); return _addCredImpl<TagCredential>(m_remoteTags, m_revocations, ctx, cc, sourcePeerIdentity, nconf, tag);
} }
Member::AddCredentialResult Member::addCredential( Member::AddCredentialResult Member::addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const CapabilityCredential& cap)
const Context& ctx,
const CallContext& cc,
const Identity& sourcePeerIdentity,
const NetworkConfig& nconf,
const CapabilityCredential& cap)
{ {
return _addCredImpl<CapabilityCredential>(m_remoteCaps, m_revocations, ctx, cc, sourcePeerIdentity, nconf, cap); return _addCredImpl<CapabilityCredential>(m_remoteCaps, m_revocations, ctx, cc, sourcePeerIdentity, nconf, cap);
} }
Member::AddCredentialResult Member::AddCredentialResult Member::addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const OwnershipCredential& coo)
Member::addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const OwnershipCredential& coo)
{ {
return _addCredImpl<OwnershipCredential>(m_remoteCoos, m_revocations, ctx, cc, sourcePeerIdentity, nconf, coo); return _addCredImpl<OwnershipCredential>(m_remoteCoos, m_revocations, ctx, cc, sourcePeerIdentity, nconf, coo);
} }
Member::AddCredentialResult Member::addCredential( Member::AddCredentialResult Member::addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const RevocationCredential& rev)
const Context& ctx,
const CallContext& cc,
const Identity& sourcePeerIdentity,
const NetworkConfig& nconf,
const RevocationCredential& rev)
{ {
int64_t* rt; int64_t* rt;
switch (rev.verify(ctx, cc)) { switch (rev.verify(ctx, cc)) {
default: default:
ctx.t->credentialRejected( ctx.t->credentialRejected(cc, 0x938ff009, nconf.networkId, sourcePeerIdentity, rev.id(), 0, ZT_CREDENTIAL_TYPE_REVOCATION, ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID);
cc,
0x938ff009,
nconf.networkId,
sourcePeerIdentity,
rev.id(),
0,
ZT_CREDENTIAL_TYPE_REVOCATION,
ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID);
return ADD_REJECTED; return ADD_REJECTED;
case 0: { case 0: {
const ZT_CredentialType ct = rev.typeBeingRevoked(); const ZT_CredentialType ct = rev.typeBeingRevoked();
@ -313,15 +226,7 @@ Member::AddCredentialResult Member::addCredential(
} }
return ADD_ACCEPTED_REDUNDANT; return ADD_ACCEPTED_REDUNDANT;
default: default:
ctx.t->credentialRejected( ctx.t->credentialRejected(cc, 0x0bbbb1a4, nconf.networkId, sourcePeerIdentity, rev.id(), 0, ZT_CREDENTIAL_TYPE_REVOCATION, ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID);
cc,
0x0bbbb1a4,
nconf.networkId,
sourcePeerIdentity,
rev.id(),
0,
ZT_CREDENTIAL_TYPE_REVOCATION,
ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID);
return ADD_REJECTED; return ADD_REJECTED;
} }
} }
@ -332,10 +237,7 @@ Member::AddCredentialResult Member::addCredential(
bool Member::m_isUnspoofableAddress(const NetworkConfig& nconf, const InetAddress& ip) const noexcept bool Member::m_isUnspoofableAddress(const NetworkConfig& nconf, const InetAddress& ip) const noexcept
{ {
return ( return (ip.isV6() && nconf.ndpEmulation() && ((ip == InetAddress::makeIpv66plane(nconf.networkId, m_com.issuedTo().address)) || (ip == InetAddress::makeIpv6rfc4193(nconf.networkId, m_com.issuedTo().address))));
ip.isV6() && nconf.ndpEmulation()
&& ((ip == InetAddress::makeIpv66plane(nconf.networkId, m_com.issuedTo().address))
|| (ip == InetAddress::makeIpv6rfc4193(nconf.networkId, m_com.issuedTo().address))));
} }
} // namespace ZeroTier } // namespace ZeroTier

15
core/Member.hpp
View file

@ -142,16 +142,11 @@ class Member {
return false; return false;
} }
AddCredentialResult AddCredentialResult addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const MembershipCredential& com);
addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const MembershipCredential& com); AddCredentialResult addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const TagCredential& tag);
AddCredentialResult AddCredentialResult addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const CapabilityCredential& cap);
addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const TagCredential& tag); AddCredentialResult addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const OwnershipCredential& coo);
AddCredentialResult AddCredentialResult addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const RevocationCredential& rev);
addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const CapabilityCredential& cap);
AddCredentialResult
addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const OwnershipCredential& coo);
AddCredentialResult
addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const RevocationCredential& rev);
private: private:
// This returns true if a resource is an IPv6 NDP-emulated address. These embed the ZT // This returns true if a resource is an IPv6 NDP-emulated address. These embed the ZT

20
core/MembershipCredential.cpp
View file

@ -44,14 +44,10 @@ bool MembershipCredential::agreesWith(const MembershipCredential& other) const n
} }
// us <> them // us <> them
for (FCV<p_Qualifier, ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS>::const_iterator i(m_additionalQualifiers.begin()); for (FCV<p_Qualifier, ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS>::const_iterator i(m_additionalQualifiers.begin()); i != m_additionalQualifiers.end(); ++i) {
i != m_additionalQualifiers.end();
++i) {
if (i->delta != 0xffffffffffffffffULL) { if (i->delta != 0xffffffffffffffffULL) {
const uint64_t* v2 = nullptr; const uint64_t* v2 = nullptr;
for (FCV<p_Qualifier, ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS>::const_iterator j(other.m_additionalQualifiers.begin()); for (FCV<p_Qualifier, ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS>::const_iterator j(other.m_additionalQualifiers.begin()); j != other.m_additionalQualifiers.end(); ++i) {
j != other.m_additionalQualifiers.end();
++i) {
if (j->id == i->id) { if (j->id == i->id) {
v2 = &(j->value); v2 = &(j->value);
break; break;
@ -71,14 +67,10 @@ bool MembershipCredential::agreesWith(const MembershipCredential& other) const n
} }
// them <> us (we need a second pass in case they have qualifiers we don't or vice versa) // them <> us (we need a second pass in case they have qualifiers we don't or vice versa)
for (FCV<p_Qualifier, ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS>::const_iterator i(other.m_additionalQualifiers.begin()); for (FCV<p_Qualifier, ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS>::const_iterator i(other.m_additionalQualifiers.begin()); i != other.m_additionalQualifiers.end(); ++i) {
i != other.m_additionalQualifiers.end();
++i) {
if (i->delta != 0xffffffffffffffffULL) { if (i->delta != 0xffffffffffffffffULL) {
const uint64_t* v2 = nullptr; const uint64_t* v2 = nullptr;
for (FCV<p_Qualifier, ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS>::const_iterator j(m_additionalQualifiers.begin()); for (FCV<p_Qualifier, ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS>::const_iterator j(m_additionalQualifiers.begin()); j != m_additionalQualifiers.end(); ++i) {
j != m_additionalQualifiers.end();
++i) {
if (j->id == i->id) { if (j->id == i->id) {
v2 = &(j->value); v2 = &(j->value);
break; break;
@ -297,9 +289,7 @@ unsigned int MembershipCredential::m_fillSigningBuf(uint64_t* buf) const noexcep
buf[p++] = informational; buf[p++] = informational;
} }
for (FCV<p_Qualifier, ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS>::const_iterator i(m_additionalQualifiers.begin()); for (FCV<p_Qualifier, ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS>::const_iterator i(m_additionalQualifiers.begin()); i != m_additionalQualifiers.end(); ++i) { // NOLINT(modernize-loop-convert)
i != m_additionalQualifiers.end();
++i) { // NOLINT(modernize-loop-convert)
buf[p++] = Utils::hton(i->id); buf[p++] = Utils::hton(i->id);
buf[p++] = Utils::hton(i->value); buf[p++] = Utils::hton(i->value);
buf[p++] = Utils::hton(i->delta); buf[p++] = Utils::hton(i->delta);

174
core/Network.cpp
View file

@ -101,8 +101,7 @@ ZT_INLINE _doZtFilterResult _doZtFilter(
if (thisSetMatches) { if (thisSetMatches) {
switch (rt) { switch (rt) {
case ZT_NETWORK_RULE_ACTION_PRIORITY: case ZT_NETWORK_RULE_ACTION_PRIORITY:
qosBucket = qosBucket = (rules[rn].v.qosBucket >= 0 && rules[rn].v.qosBucket <= 8) ? rules[rn].v.qosBucket : 4; // 4 = default bucket (no priority)
(rules[rn].v.qosBucket >= 0 && rules[rn].v.qosBucket <= 8) ? rules[rn].v.qosBucket : 4; // 4 = default bucket (no priority)
return DOZTFILTER_ACCEPT; return DOZTFILTER_ACCEPT;
case ZT_NETWORK_RULE_ACTION_DROP: case ZT_NETWORK_RULE_ACTION_DROP:
@ -135,9 +134,7 @@ ZT_INLINE _doZtFilterResult _doZtFilter(
} }
else { else {
cc = fwdAddr; cc = fwdAddr;
ccLength = (rules[rn].v.fwd.length != 0) ccLength = (rules[rn].v.fwd.length != 0) ? ((frameLen < (unsigned int)rules[rn].v.fwd.length) ? frameLen : (unsigned int)rules[rn].v.fwd.length) : frameLen;
? ((frameLen < (unsigned int)rules[rn].v.fwd.length) ? frameLen : (unsigned int)rules[rn].v.fwd.length)
: frameLen;
ccWatch = (rt == ZT_NETWORK_RULE_ACTION_WATCH); ccWatch = (rt == ZT_NETWORK_RULE_ACTION_WATCH);
} }
} }
@ -210,8 +207,7 @@ ZT_INLINE _doZtFilterResult _doZtFilter(
break; break;
case ZT_NETWORK_RULE_MATCH_IPV4_SOURCE: case ZT_NETWORK_RULE_MATCH_IPV4_SOURCE:
if ((etherType == ZT_ETHERTYPE_IPV4) && (frameLen >= 20)) { if ((etherType == ZT_ETHERTYPE_IPV4) && (frameLen >= 20)) {
thisRuleMatches = (uint8_t)(InetAddress((const void*)&(rules[rn].v.ipv4.ip), 4, rules[rn].v.ipv4.mask) thisRuleMatches = (uint8_t)(InetAddress((const void*)&(rules[rn].v.ipv4.ip), 4, rules[rn].v.ipv4.mask).containsAddress(InetAddress((const void*)(frameData + 12), 4, 0)));
.containsAddress(InetAddress((const void*)(frameData + 12), 4, 0)));
} }
else { else {
thisRuleMatches = 0; thisRuleMatches = 0;
@ -219,8 +215,7 @@ ZT_INLINE _doZtFilterResult _doZtFilter(
break; break;
case ZT_NETWORK_RULE_MATCH_IPV4_DEST: case ZT_NETWORK_RULE_MATCH_IPV4_DEST:
if ((etherType == ZT_ETHERTYPE_IPV4) && (frameLen >= 20)) { if ((etherType == ZT_ETHERTYPE_IPV4) && (frameLen >= 20)) {
thisRuleMatches = (uint8_t)(InetAddress((const void*)&(rules[rn].v.ipv4.ip), 4, rules[rn].v.ipv4.mask) thisRuleMatches = (uint8_t)(InetAddress((const void*)&(rules[rn].v.ipv4.ip), 4, rules[rn].v.ipv4.mask).containsAddress(InetAddress((const void*)(frameData + 16), 4, 0)));
.containsAddress(InetAddress((const void*)(frameData + 16), 4, 0)));
} }
else { else {
thisRuleMatches = 0; thisRuleMatches = 0;
@ -228,8 +223,7 @@ ZT_INLINE _doZtFilterResult _doZtFilter(
break; break;
case ZT_NETWORK_RULE_MATCH_IPV6_SOURCE: case ZT_NETWORK_RULE_MATCH_IPV6_SOURCE:
if ((etherType == ZT_ETHERTYPE_IPV6) && (frameLen >= 40)) { if ((etherType == ZT_ETHERTYPE_IPV6) && (frameLen >= 40)) {
thisRuleMatches = (uint8_t)(InetAddress((const void*)rules[rn].v.ipv6.ip, 16, rules[rn].v.ipv6.mask) thisRuleMatches = (uint8_t)(InetAddress((const void*)rules[rn].v.ipv6.ip, 16, rules[rn].v.ipv6.mask).containsAddress(InetAddress((const void*)(frameData + 8), 16, 0)));
.containsAddress(InetAddress((const void*)(frameData + 8), 16, 0)));
} }
else { else {
thisRuleMatches = 0; thisRuleMatches = 0;
@ -237,8 +231,7 @@ ZT_INLINE _doZtFilterResult _doZtFilter(
break; break;
case ZT_NETWORK_RULE_MATCH_IPV6_DEST: case ZT_NETWORK_RULE_MATCH_IPV6_DEST:
if ((etherType == ZT_ETHERTYPE_IPV6) && (frameLen >= 40)) { if ((etherType == ZT_ETHERTYPE_IPV6) && (frameLen >= 40)) {
thisRuleMatches = (uint8_t)(InetAddress((const void*)rules[rn].v.ipv6.ip, 16, rules[rn].v.ipv6.mask) thisRuleMatches = (uint8_t)(InetAddress((const void*)rules[rn].v.ipv6.ip, 16, rules[rn].v.ipv6.mask).containsAddress(InetAddress((const void*)(frameData + 24), 16, 0)));
.containsAddress(InetAddress((const void*)(frameData + 24), 16, 0)));
} }
else { else {
thisRuleMatches = 0; thisRuleMatches = 0;
@ -459,8 +452,7 @@ ZT_INLINE _doZtFilterResult _doZtFilter(
case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_OR: case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_OR:
case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_XOR: case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_XOR:
case ZT_NETWORK_RULE_MATCH_TAGS_EQUAL: { case ZT_NETWORK_RULE_MATCH_TAGS_EQUAL: {
const TagCredential* const localTag = const TagCredential* const localTag = std::lower_bound(&(nconf.tags[0]), &(nconf.tags[nconf.tagCount]), rules[rn].v.tag.id, TagCredential::IdComparePredicate());
std::lower_bound(&(nconf.tags[0]), &(nconf.tags[nconf.tagCount]), rules[rn].v.tag.id, TagCredential::IdComparePredicate());
if ((localTag != &(nconf.tags[nconf.tagCount])) && (localTag->id() == rules[rn].v.tag.id)) { if ((localTag != &(nconf.tags[nconf.tagCount])) && (localTag->id() == rules[rn].v.tag.id)) {
const TagCredential* const remoteTag = ((membership) ? membership->getTag(nconf, rules[rn].v.tag.id) : (const TagCredential*)0); const TagCredential* const remoteTag = ((membership) ? membership->getTag(nconf, rules[rn].v.tag.id) : (const TagCredential*)0);
if (remoteTag) { if (remoteTag) {
@ -526,8 +518,7 @@ ZT_INLINE _doZtFilterResult _doZtFilter(
} }
} }
else { // sender and outbound or receiver and inbound else { // sender and outbound or receiver and inbound
const TagCredential* const localTag = const TagCredential* const localTag = std::lower_bound(&(nconf.tags[0]), &(nconf.tags[nconf.tagCount]), rules[rn].v.tag.id, TagCredential::IdComparePredicate());
std::lower_bound(&(nconf.tags[0]), &(nconf.tags[nconf.tagCount]), rules[rn].v.tag.id, TagCredential::IdComparePredicate());
if ((localTag != &(nconf.tags[nconf.tagCount])) && (localTag->id() == rules[rn].v.tag.id)) { if ((localTag != &(nconf.tags[nconf.tagCount])) && (localTag->id() == rules[rn].v.tag.id)) {
thisRuleMatches = (uint8_t)(localTag->value() == rules[rn].v.tag.value); thisRuleMatches = (uint8_t)(localTag->value() == rules[rn].v.tag.value);
} }
@ -564,8 +555,7 @@ ZT_INLINE _doZtFilterResult _doZtFilter(
} }
integer >>= (64 - bits); integer >>= (64 - bits);
} }
thisRuleMatches = thisRuleMatches = (uint8_t)((integer >= rules[rn].v.intRange.start) && (integer <= (rules[rn].v.intRange.start + (uint64_t)rules[rn].v.intRange.end)));
(uint8_t)((integer >= rules[rn].v.intRange.start) && (integer <= (rules[rn].v.intRange.start + (uint64_t)rules[rn].v.intRange.end)));
} break; } break;
// The result of an unsupported MATCH is configurable at the network // The result of an unsupported MATCH is configurable at the network
@ -642,14 +632,7 @@ Network::Network(const Context& ctx, const CallContext& cc, uint64_t nwid, const
if (! m_portInitialized) { if (! m_portInitialized) {
ZT_VirtualNetworkConfig ctmp; ZT_VirtualNetworkConfig ctmp;
m_externalConfig(&ctmp); m_externalConfig(&ctmp);
m_ctx.cb.virtualNetworkConfigFunction( m_ctx.cb.virtualNetworkConfigFunction(reinterpret_cast<ZT_Node*>(m_ctx.node), m_ctx.uPtr, cc.tPtr, m_id, &m_uPtr, ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_UP, &ctmp);
reinterpret_cast<ZT_Node*>(m_ctx.node),
m_ctx.uPtr,
cc.tPtr,
m_id,
&m_uPtr,
ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_UP,
&ctmp);
m_portInitialized = true; m_portInitialized = true;
} }
} }
@ -670,14 +653,7 @@ Network::~Network()
// *)0,_id,&_uPtr,ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DESTROY,&ctmp); // *)0,_id,&_uPtr,ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DESTROY,&ctmp);
} }
else { else {
m_ctx.cb.virtualNetworkConfigFunction( m_ctx.cb.virtualNetworkConfigFunction(reinterpret_cast<ZT_Node*>(m_ctx.node), m_ctx.uPtr, nullptr, m_id, &m_uPtr, ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DOWN, &ctmp);
reinterpret_cast<ZT_Node*>(m_ctx.node),
m_ctx.uPtr,
nullptr,
m_id,
&m_uPtr,
ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DOWN,
&ctmp);
} }
} }
@ -714,26 +690,7 @@ bool Network::filterOutgoingPacket(
membership = nullptr; membership = nullptr;
} }
switch (_doZtFilter( switch (_doZtFilter(m_ctx, rrl, m_config, membership, false, ztSource, ztFinalDest, macSource, macDest, frameData, frameLen, etherType, vlanId, m_config.rules, m_config.ruleCount, ccNodeAddress, ccLength, ccWatch, qosBucket)) {
m_ctx,
rrl,
m_config,
membership,
false,
ztSource,
ztFinalDest,
macSource,
macDest,
frameData,
frameLen,
etherType,
vlanId,
m_config.rules,
m_config.ruleCount,
ccNodeAddress,
ccLength,
ccWatch,
qosBucket)) {
case DOZTFILTER_NO_MATCH: { case DOZTFILTER_NO_MATCH: {
for (unsigned int c = 0; c < m_config.capabilityCount; ++c) { for (unsigned int c = 0; c < m_config.capabilityCount; ++c) {
ztFinalDest = ztDest; // sanity check, shouldn't be possible if there was no match ztFinalDest = ztDest; // sanity check, shouldn't be possible if there was no match
@ -795,25 +752,7 @@ bool Network::filterOutgoingPacket(
} break; } break;
case DOZTFILTER_DROP: case DOZTFILTER_DROP:
m_ctx.t->networkFilter( m_ctx.t->networkFilter(cc, 0xadea5a2a, m_id, rrl.l, nullptr, 0, 0, ztSource, ztDest, macSource, macDest, (uint16_t)frameLen, frameData, (uint16_t)etherType, (uint16_t)vlanId, noTee, false, 0);
cc,
0xadea5a2a,
m_id,
rrl.l,
nullptr,
0,
0,
ztSource,
ztDest,
macSource,
macDest,
(uint16_t)frameLen,
frameData,
(uint16_t)etherType,
(uint16_t)vlanId,
noTee,
false,
0);
return false; return false;
case DOZTFILTER_REDIRECT: // interpreted as ACCEPT but ztFinalDest will have been changed in _doZtFilter() case DOZTFILTER_REDIRECT: // interpreted as ACCEPT but ztFinalDest will have been changed in _doZtFilter()
@ -863,46 +802,10 @@ bool Network::filterOutgoingPacket(
if (localCapabilityIndex >= 0) { if (localCapabilityIndex >= 0) {
const CapabilityCredential& cap = m_config.capabilities[localCapabilityIndex]; const CapabilityCredential& cap = m_config.capabilities[localCapabilityIndex];
m_ctx.t->networkFilter( m_ctx.t->networkFilter(cc, 0x56ff1a93, m_id, rrl.l, crrl.l, cap.id(), cap.timestamp(), ztSource, ztDest, macSource, macDest, (uint16_t)frameLen, frameData, (uint16_t)etherType, (uint16_t)vlanId, noTee, false, accept);
cc,
0x56ff1a93,
m_id,
rrl.l,
crrl.l,
cap.id(),
cap.timestamp(),
ztSource,
ztDest,
macSource,
macDest,
(uint16_t)frameLen,
frameData,
(uint16_t)etherType,
(uint16_t)vlanId,
noTee,
false,
accept);
} }
else { else {
m_ctx.t->networkFilter( m_ctx.t->networkFilter(cc, 0x112fbbab, m_id, rrl.l, nullptr, 0, 0, ztSource, ztDest, macSource, macDest, (uint16_t)frameLen, frameData, (uint16_t)etherType, (uint16_t)vlanId, noTee, false, accept);
cc,
0x112fbbab,
m_id,
rrl.l,
nullptr,
0,
0,
ztSource,
ztDest,
macSource,
macDest,
(uint16_t)frameLen,
frameData,
(uint16_t)etherType,
(uint16_t)vlanId,
noTee,
false,
accept);
} }
return (accept != 0); return (accept != 0);
@ -934,26 +837,8 @@ int Network::filterIncomingPacket(
Member& membership = m_memberships[sourcePeer->address()]; Member& membership = m_memberships[sourcePeer->address()];
switch (_doZtFilter( switch (
m_ctx, _doZtFilter(m_ctx, rrl, m_config, &membership, true, sourcePeer->address(), ztFinalDest, macSource, macDest, frameData, frameLen, etherType, vlanId, m_config.rules, m_config.ruleCount, ccNodeAddress, ccLength, ccWatch, qosBucket)) {
rrl,
m_config,
&membership,
true,
sourcePeer->address(),
ztFinalDest,
macSource,
macDest,
frameData,
frameLen,
etherType,
vlanId,
m_config.rules,
m_config.ruleCount,
ccNodeAddress,
ccLength,
ccWatch,
qosBucket)) {
case DOZTFILTER_NO_MATCH: { case DOZTFILTER_NO_MATCH: {
Member::CapabilityIterator mci(membership, m_config); Member::CapabilityIterator mci(membership, m_config);
while ((c = mci.next())) { while ((c = mci.next())) {
@ -961,26 +846,8 @@ int Network::filterIncomingPacket(
Address cc2; Address cc2;
unsigned int ccLength2 = 0; unsigned int ccLength2 = 0;
bool ccWatch2 = false; bool ccWatch2 = false;
switch (_doZtFilter( switch (
m_ctx, _doZtFilter(m_ctx, crrl, m_config, &membership, true, sourcePeer->address(), ztFinalDest, macSource, macDest, frameData, frameLen, etherType, vlanId, c->rules(), c->ruleCount(), cc2, ccLength2, ccWatch2, qosBucket)) {
crrl,
m_config,
&membership,
true,
sourcePeer->address(),
ztFinalDest,
macSource,
macDest,
frameData,
frameLen,
etherType,
vlanId,
c->rules(),
c->ruleCount(),
cc2,
ccLength2,
ccWatch2,
qosBucket)) {
case DOZTFILTER_NO_MATCH: case DOZTFILTER_NO_MATCH:
case DOZTFILTER_DROP: // explicit DROP in a capability just terminates its evaluation and is an case DOZTFILTER_DROP: // explicit DROP in a capability just terminates its evaluation and is an
// anti-pattern // anti-pattern
@ -1245,8 +1112,7 @@ int Network::setConfiguration(const CallContext& cc, const NetworkConfig& nconf,
try { try {
if ((nconf.issuedTo != m_ctx.identity.address()) || (nconf.networkId != m_id)) if ((nconf.issuedTo != m_ctx.identity.address()) || (nconf.networkId != m_id))
return 0; // invalid config that is not for us or not for this network return 0; // invalid config that is not for us or not for this network
if ((! Utils::allZero(nconf.issuedToFingerprintHash, ZT_FINGERPRINT_HASH_SIZE)) if ((! Utils::allZero(nconf.issuedToFingerprintHash, ZT_FINGERPRINT_HASH_SIZE)) && (memcmp(nconf.issuedToFingerprintHash, m_ctx.identity.fingerprint().hash, ZT_FINGERPRINT_HASH_SIZE) != 0))
&& (memcmp(nconf.issuedToFingerprintHash, m_ctx.identity.fingerprint().hash, ZT_FINGERPRINT_HASH_SIZE) != 0))
return 0; // full identity hash is present and does not match return 0; // full identity hash is present and does not match
if (m_config == nconf) if (m_config == nconf)

3
core/Network.hpp
View file

@ -334,8 +334,7 @@ class Network {
template <typename F> ZT_INLINE void eachMember(F f) template <typename F> ZT_INLINE void eachMember(F f)
{ {
Mutex::Lock ml(m_memberships_l); Mutex::Lock ml(m_memberships_l);
for (Map<Address, Member>::iterator i(m_memberships.begin()); i != m_memberships.end(); for (Map<Address, Member>::iterator i(m_memberships.begin()); i != m_memberships.end(); ++i) { // NOLINT(modernize-loop-convert,hicpp-use-auto,modernize-use-auto)
++i) { // NOLINT(modernize-loop-convert,hicpp-use-auto,modernize-use-auto)
if (! f(i->first, i->second)) if (! f(i->first, i->second))
break; break;
} }

19
core/NetworkController.hpp
View file

@ -47,15 +47,7 @@ class NetworkController {
* @param nc Network configuration to send * @param nc Network configuration to send
* @param sendLegacyFormatConfig If true, send an old-format network config * @param sendLegacyFormatConfig If true, send an old-format network config
*/ */
virtual void ncSendConfig( virtual void ncSendConfig(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address& destination, const NetworkConfig& nc, bool sendLegacyFormatConfig) = 0;
void* tPtr,
int64_t clock,
int64_t ticks,
uint64_t nwid,
uint64_t requestPacketId,
const Address& destination,
const NetworkConfig& nc,
bool sendLegacyFormatConfig) = 0;
/** /**
* Send revocation to a node * Send revocation to a node
@ -73,14 +65,7 @@ class NetworkController {
* @param destination Destination peer Address * @param destination Destination peer Address
* @param errorCode Error code * @param errorCode Error code
*/ */
virtual void ncSendError( virtual void ncSendError(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address& destination, NetworkController::ErrorCode errorCode) = 0;
void* tPtr,
int64_t clock,
int64_t ticks,
uint64_t nwid,
uint64_t requestPacketId,
const Address& destination,
NetworkController::ErrorCode errorCode) = 0;
}; };
NetworkController() NetworkController()

53
core/Node.cpp
View file

@ -278,14 +278,7 @@ ZT_ResultCode Node::leave(uint64_t nwid, void** uptr, const CallContext& cc)
if (uptr) if (uptr)
*uptr = *network->userPtr(); *uptr = *network->userPtr();
network->externalConfig(&ctmp); network->externalConfig(&ctmp);
m_ctx.cb.virtualNetworkConfigFunction( m_ctx.cb.virtualNetworkConfigFunction(reinterpret_cast<ZT_Node*>(this), m_ctx.uPtr, cc.tPtr, nwid, network->userPtr(), ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DESTROY, &ctmp);
reinterpret_cast<ZT_Node*>(this),
m_ctx.uPtr,
cc.tPtr,
nwid,
network->userPtr(),
ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DESTROY,
&ctmp);
network->destroy(); network->destroy();
return ZT_RESULT_OK; return ZT_RESULT_OK;
} }
@ -496,8 +489,7 @@ void Node::setInterfaceAddresses(const ZT_InterfaceAddress* addrs, unsigned int
} }
} }
ZT_CertificateError ZT_CertificateError Node::addCertificate(const CallContext& cc, unsigned int localTrust, const ZT_Certificate* cert, const void* certData, unsigned int certSize)
Node::addCertificate(const CallContext& cc, unsigned int localTrust, const ZT_Certificate* cert, const void* certData, unsigned int certSize)
{ {
Certificate c; Certificate c;
if (cert) { if (cert) {
@ -603,16 +595,7 @@ bool Node::filterPotentialPath(void* tPtr, const Identity& id, int64_t localSock
} }
if (m_ctx.cb.pathCheckFunction) { if (m_ctx.cb.pathCheckFunction) {
return ( return (m_ctx.cb.pathCheckFunction(reinterpret_cast<ZT_Node*>(this), m_ctx.uPtr, tPtr, id.address().toInt(), (const ZT_Identity*)&id, localSocket, reinterpret_cast<const ZT_InetAddress*>(&remoteAddress)) != 0);
m_ctx.cb.pathCheckFunction(
reinterpret_cast<ZT_Node*>(this),
m_ctx.uPtr,
tPtr,
id.address().toInt(),
(const ZT_Identity*)&id,
localSocket,
reinterpret_cast<const ZT_InetAddress*>(&remoteAddress))
!= 0);
} }
return true; return true;
@ -621,31 +604,14 @@ bool Node::filterPotentialPath(void* tPtr, const Identity& id, int64_t localSock
bool Node::externalPathLookup(void* tPtr, const Identity& id, int family, InetAddress& addr) bool Node::externalPathLookup(void* tPtr, const Identity& id, int family, InetAddress& addr)
{ {
if (m_ctx.cb.pathLookupFunction) { if (m_ctx.cb.pathLookupFunction) {
return ( return (m_ctx.cb.pathLookupFunction(reinterpret_cast<ZT_Node*>(this), m_ctx.uPtr, tPtr, id.address().toInt(), reinterpret_cast<const ZT_Identity*>(&id), family, reinterpret_cast<ZT_InetAddress*>(&addr)) == ZT_RESULT_OK);
m_ctx.cb.pathLookupFunction(
reinterpret_cast<ZT_Node*>(this),
m_ctx.uPtr,
tPtr,
id.address().toInt(),
reinterpret_cast<const ZT_Identity*>(&id),
family,
reinterpret_cast<ZT_InetAddress*>(&addr))
== ZT_RESULT_OK);
} }
return false; return false;
} }
// Implementation of NetworkController::Sender ------------------------------------------------------------------------ // Implementation of NetworkController::Sender ------------------------------------------------------------------------
void Node::ncSendConfig( void Node::ncSendConfig(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address& destination, const NetworkConfig& nc, bool sendLegacyFormatConfig)
void* tPtr,
int64_t clock,
int64_t ticks,
uint64_t nwid,
uint64_t requestPacketId,
const Address& destination,
const NetworkConfig& nc,
bool sendLegacyFormatConfig)
{ {
if (destination == m_ctx.identity.address()) { if (destination == m_ctx.identity.address()) {
SharedPtr<Network> n(m_ctx.networks->get(nwid)); SharedPtr<Network> n(m_ctx.networks->get(nwid));
@ -721,14 +687,7 @@ void Node::ncSendRevocation(void* tPtr, int64_t clock, int64_t ticks, const Addr
} }
} }
void Node::ncSendError( void Node::ncSendError(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address& destination, NetworkController::ErrorCode errorCode)
void* tPtr,
int64_t clock,
int64_t ticks,
uint64_t nwid,
uint64_t requestPacketId,
const Address& destination,
NetworkController::ErrorCode errorCode)
{ {
if (destination == m_ctx.identity.address()) { if (destination == m_ctx.identity.address()) {
SharedPtr<Network> n(m_ctx.networks->get(nwid)); SharedPtr<Network> n(m_ctx.networks->get(nwid));

19
core/Node.hpp
View file

@ -135,24 +135,9 @@ class Node : public NetworkController::Sender {
} }
// Implementation of NetworkController::Sender interface // Implementation of NetworkController::Sender interface
virtual void ncSendConfig( virtual void ncSendConfig(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address& destination, const NetworkConfig& nc, bool sendLegacyFormatConfig);
void* tPtr,
int64_t clock,
int64_t ticks,
uint64_t nwid,
uint64_t requestPacketId,
const Address& destination,
const NetworkConfig& nc,
bool sendLegacyFormatConfig);
virtual void ncSendRevocation(void* tPtr, int64_t clock, int64_t ticks, const Address& destination, const RevocationCredential& rev); virtual void ncSendRevocation(void* tPtr, int64_t clock, int64_t ticks, const Address& destination, const RevocationCredential& rev);
virtual void ncSendError( virtual void ncSendError(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address& destination, NetworkController::ErrorCode errorCode);
void* tPtr,
int64_t clock,
int64_t ticks,
uint64_t nwid,
uint64_t requestPacketId,
const Address& destination,
NetworkController::ErrorCode errorCode);
private: private:
Context m_ctx; Context m_ctx;

8
core/OS.hpp
View file

@ -17,9 +17,7 @@
/* Uncomment this to force a whole lot of debug output. */ /* Uncomment this to force a whole lot of debug output. */
#define ZT_DEBUG_SPEW #define ZT_DEBUG_SPEW
#if ! defined(__GNUC__) \ #if ! defined(__GNUC__) && (defined(__GCC_HAVE_SYNC_COMPARE_AND_SWAP_1) || defined(__GCC_HAVE_SYNC_COMPARE_AND_SWAP_2) || defined(__GCC_HAVE_SYNC_COMPARE_AND_SWAP_4) || defined(__INTEL_COMPILER) || defined(__clang__))
&& (defined(__GCC_HAVE_SYNC_COMPARE_AND_SWAP_1) || defined(__GCC_HAVE_SYNC_COMPARE_AND_SWAP_2) || defined(__GCC_HAVE_SYNC_COMPARE_AND_SWAP_4) \
|| defined(__INTEL_COMPILER) || defined(__clang__))
#define __GNUC__ 3 #define __GNUC__ 3
#endif #endif
@ -78,8 +76,8 @@
#include <immintrin.h> #include <immintrin.h>
#include <xmmintrin.h> #include <xmmintrin.h>
#endif #endif
#if defined(ZT_ARCH_X64) || defined(i386) || defined(__i386) || defined(__i386__) || defined(__i486__) || defined(__i586__) || defined(__i686__) \ #if defined(ZT_ARCH_X64) || defined(i386) || defined(__i386) || defined(__i386__) || defined(__i486__) || defined(__i586__) || defined(__i686__) || defined(_M_IX86) || defined(__X86__) || defined(_X86_) || defined(__I86__) \
|| defined(_M_IX86) || defined(__X86__) || defined(_X86_) || defined(__I86__) || defined(__INTEL__) || defined(__386) || defined(__INTEL__) || defined(__386)
#define ZT_ARCH_X86 1 #define ZT_ARCH_X86 1
#endif #endif

4
core/OwnershipCredential.hpp
View file

@ -28,9 +28,7 @@
// Maximum size of a thing's value field in bytes // Maximum size of a thing's value field in bytes
#define ZT_CERTIFICATEOFOWNERSHIP_MAX_THING_VALUE_SIZE 16 #define ZT_CERTIFICATEOFOWNERSHIP_MAX_THING_VALUE_SIZE 16
#define ZT_CERTIFICATEOFOWNERSHIP_MARSHAL_SIZE_MAX \ #define ZT_CERTIFICATEOFOWNERSHIP_MARSHAL_SIZE_MAX (8 + 8 + 8 + 4 + 2 + ((1 + ZT_CERTIFICATEOFOWNERSHIP_MAX_THING_VALUE_SIZE) * ZT_CERTIFICATEOFOWNERSHIP_MAX_THINGS) + 5 + 5 + 1 + 2 + ZT_SIGNATURE_BUFFER_SIZE + 2)
(8 + 8 + 8 + 4 + 2 + ((1 + ZT_CERTIFICATEOFOWNERSHIP_MAX_THING_VALUE_SIZE) * ZT_CERTIFICATEOFOWNERSHIP_MAX_THINGS) + 5 + 5 + 1 + 2 \
+ ZT_SIGNATURE_BUFFER_SIZE + 2)
namespace ZeroTier { namespace ZeroTier {

12
core/Path.cpp
View file

@ -20,17 +20,7 @@ namespace ZeroTier {
bool Path::send(const Context& ctx, const CallContext& cc, const void* const data, const unsigned int len) noexcept bool Path::send(const Context& ctx, const CallContext& cc, const void* const data, const unsigned int len) noexcept
{ {
if (likely( if (likely(ctx.cb.wirePacketSendFunction(reinterpret_cast<ZT_Node*>(ctx.node), ctx.uPtr, cc.tPtr, m_localSocket, reinterpret_cast<const ZT_InetAddress*>(&m_addr), data, len, 0) == 0)) {
ctx.cb.wirePacketSendFunction(
reinterpret_cast<ZT_Node*>(ctx.node),
ctx.uPtr,
cc.tPtr,
m_localSocket,
reinterpret_cast<const ZT_InetAddress*>(&m_addr),
data,
len,
0)
== 0)) {
m_lastOut = cc.ticks; m_lastOut = cc.ticks;
m_outMeter.log(cc.ticks, len); m_outMeter.log(cc.ticks, len);
return true; return true;

70
core/Peer.cpp
View file

@ -68,15 +68,7 @@ bool Peer::init(const Context& ctx, const CallContext& cc, const Identity& peerI
return true; return true;
} }
void Peer::received( void Peer::received(const Context& ctx, const CallContext& cc, const SharedPtr<Path>& path, const unsigned int hops, const uint64_t packetId, const unsigned int payloadLength, const Protocol::Verb verb, const Protocol::Verb /*inReVerb*/)
const Context& ctx,
const CallContext& cc,
const SharedPtr<Path>& path,
const unsigned int hops,
const uint64_t packetId,
const unsigned int payloadLength,
const Protocol::Verb verb,
const Protocol::Verb /*inReVerb*/)
{ {
m_lastReceive.store(cc.ticks, std::memory_order_relaxed); m_lastReceive.store(cc.ticks, std::memory_order_relaxed);
m_inMeter.log(cc.ticks, payloadLength); m_inMeter.log(cc.ticks, payloadLength);
@ -172,9 +164,7 @@ void Peer::pulse(const Context& ctx, const CallContext& cc)
// to be sent. The latter happens every ZT_PEER_HELLO_INTERVAL or if a new // to be sent. The latter happens every ZT_PEER_HELLO_INTERVAL or if a new
// ephemeral key pair is generated. // ephemeral key pair is generated.
bool needHello = bool needHello =
(((m_vProto >= 20) (((m_vProto >= 20) && (m_keyRenegotiationNeeded || (key == &m_identityKey) || ((cc.ticks - key->timestamp()) >= (ZT_SYMMETRIC_KEY_TTL / 2)) || (key->odometer() > (ZT_SYMMETRIC_KEY_TTL_MESSAGES / 2))))
&& (m_keyRenegotiationNeeded || (key == &m_identityKey) || ((cc.ticks - key->timestamp()) >= (ZT_SYMMETRIC_KEY_TTL / 2))
|| (key->odometer() > (ZT_SYMMETRIC_KEY_TTL_MESSAGES / 2))))
|| ((cc.ticks - m_lastSentHello) >= ZT_PEER_HELLO_INTERVAL)); || ((cc.ticks - m_lastSentHello) >= ZT_PEER_HELLO_INTERVAL));
// Prioritize paths and more importantly for here forget dead ones. // Prioritize paths and more importantly for here forget dead ones.
@ -187,9 +177,7 @@ void Peer::pulse(const Context& ctx, const CallContext& cc)
// callback (if one was supplied). // callback (if one was supplied).
if (m_locator) { if (m_locator) {
for (Vector<std::pair<Endpoint, SharedPtr<const Locator::EndpointAttributes> > >::const_iterator ep(m_locator->endpoints().begin()); for (Vector<std::pair<Endpoint, SharedPtr<const Locator::EndpointAttributes> > >::const_iterator ep(m_locator->endpoints().begin()); ep != m_locator->endpoints().end(); ++ep) {
ep != m_locator->endpoints().end();
++ep) {
if (ep->first.type == ZT_ENDPOINT_TYPE_IP_UDP) { if (ep->first.type == ZT_ENDPOINT_TYPE_IP_UDP) {
if (ctx.node->filterPotentialPath(cc.tPtr, m_id, -1, ep->first.ip())) { if (ctx.node->filterPotentialPath(cc.tPtr, m_id, -1, ep->first.ip())) {
int64_t& lt = m_lastTried[ep->first]; int64_t& lt = m_lastTried[ep->first];
@ -365,15 +353,7 @@ void Peer::contact(const Context& ctx, const CallContext& cc, const Endpoint& ep
// For IPv4 addresses we send a tiny packet with a low TTL, which helps to // For IPv4 addresses we send a tiny packet with a low TTL, which helps to
// traverse some NAT types. It has no effect otherwise. // traverse some NAT types. It has no effect otherwise.
if (ep.isInetAddr() && ep.ip().isV4()) { if (ep.isInetAddr() && ep.ip().isV4()) {
ctx.cb.wirePacketSendFunction( ctx.cb.wirePacketSendFunction(reinterpret_cast<ZT_Node*>(ctx.node), ctx.uPtr, cc.tPtr, -1, reinterpret_cast<const ZT_InetAddress*>(&ep.ip()), &s_arbitraryByte, 1, 2);
reinterpret_cast<ZT_Node*>(ctx.node),
ctx.uPtr,
cc.tPtr,
-1,
reinterpret_cast<const ZT_InetAddress*>(&ep.ip()),
&s_arbitraryByte,
1,
2);
++s_arbitraryByte; ++s_arbitraryByte;
} }
@ -593,13 +573,7 @@ void Peer::m_prioritizePaths(const CallContext& cc)
m_bestPath.store((m_alivePathCount != 0) ? (uintptr_t)m_paths[0].ptr() : (uintptr_t)0, std::memory_order_release); m_bestPath.store((m_alivePathCount != 0) ? (uintptr_t)m_paths[0].ptr() : (uintptr_t)0, std::memory_order_release);
} }
unsigned int Peer::m_sendProbe( unsigned int Peer::m_sendProbe(const Context& ctx, const CallContext& cc, int64_t localSocket, const InetAddress& atAddress, const uint16_t* ports, const unsigned int numPorts)
const Context& ctx,
const CallContext& cc,
int64_t localSocket,
const InetAddress& atAddress,
const uint16_t* ports,
const unsigned int numPorts)
{ {
// Assumes m_lock is locked // Assumes m_lock is locked
@ -620,28 +594,12 @@ unsigned int Peer::m_sendProbe(
InetAddress tmp(atAddress); InetAddress tmp(atAddress);
for (unsigned int i = 0; i < numPorts; ++i) { for (unsigned int i = 0; i < numPorts; ++i) {
tmp.setPort(ports[i]); tmp.setPort(ports[i]);
ctx.cb.wirePacketSendFunction( ctx.cb.wirePacketSendFunction(reinterpret_cast<ZT_Node*>(ctx.node), ctx.uPtr, cc.tPtr, -1, reinterpret_cast<const ZT_InetAddress*>(&tmp), p, ZT_PROTO_MIN_PACKET_LENGTH, 0);
reinterpret_cast<ZT_Node*>(ctx.node),
ctx.uPtr,
cc.tPtr,
-1,
reinterpret_cast<const ZT_InetAddress*>(&tmp),
p,
ZT_PROTO_MIN_PACKET_LENGTH,
0);
} }
return ZT_PROTO_MIN_PACKET_LENGTH * numPorts; return ZT_PROTO_MIN_PACKET_LENGTH * numPorts;
} }
else { else {
ctx.cb.wirePacketSendFunction( ctx.cb.wirePacketSendFunction(reinterpret_cast<ZT_Node*>(ctx.node), ctx.uPtr, cc.tPtr, -1, reinterpret_cast<const ZT_InetAddress*>(&atAddress), p, ZT_PROTO_MIN_PACKET_LENGTH, 0);
reinterpret_cast<ZT_Node*>(ctx.node),
ctx.uPtr,
cc.tPtr,
-1,
reinterpret_cast<const ZT_InetAddress*>(&atAddress),
p,
ZT_PROTO_MIN_PACKET_LENGTH,
0);
return ZT_PROTO_MIN_PACKET_LENGTH; return ZT_PROTO_MIN_PACKET_LENGTH;
} }
} }
@ -766,19 +724,7 @@ unsigned int Peer::m_hello(const Context& ctx, const CallContext& cc, int64_t lo
p1305.finish(polyMac); p1305.finish(polyMac);
Utils::storeMachineEndian<uint64_t>(outp.unsafeData + ZT_PROTO_PACKET_MAC_INDEX, polyMac[0]); Utils::storeMachineEndian<uint64_t>(outp.unsafeData + ZT_PROTO_PACKET_MAC_INDEX, polyMac[0]);
return (likely( return (likely(ctx.cb.wirePacketSendFunction(reinterpret_cast<ZT_Node*>(ctx.node), ctx.uPtr, cc.tPtr, localSocket, reinterpret_cast<const ZT_InetAddress*>(&atAddress), outp.unsafeData, ii, 0) == 0)) ? (unsigned int)ii : 0U;
ctx.cb.wirePacketSendFunction(
reinterpret_cast<ZT_Node*>(ctx.node),
ctx.uPtr,
cc.tPtr,
localSocket,
reinterpret_cast<const ZT_InetAddress*>(&atAddress),
outp.unsafeData,
ii,
0)
== 0))
? (unsigned int)ii
: 0U;
} }
} // namespace ZeroTier } // namespace ZeroTier

13
core/Peer.hpp
View file

@ -125,15 +125,7 @@ class Peer {
* @param verb Packet verb * @param verb Packet verb
* @param inReVerb In-reply verb for OK or ERROR verbs * @param inReVerb In-reply verb for OK or ERROR verbs
*/ */
void received( void received(const Context& ctx, const CallContext& cc, const SharedPtr<Path>& path, unsigned int hops, uint64_t packetId, unsigned int payloadLength, Protocol::Verb verb, Protocol::Verb inReVerb);
const Context& ctx,
const CallContext& cc,
const SharedPtr<Path>& path,
unsigned int hops,
uint64_t packetId,
unsigned int payloadLength,
Protocol::Verb verb,
Protocol::Verb inReVerb);
/** /**
* Log sent data * Log sent data
@ -489,8 +481,7 @@ class Peer {
}; };
void m_prioritizePaths(const CallContext& cc); void m_prioritizePaths(const CallContext& cc);
unsigned int unsigned int m_sendProbe(const Context& ctx, const CallContext& cc, int64_t localSocket, const InetAddress& atAddress, const uint16_t* ports, unsigned int numPorts);
m_sendProbe(const Context& ctx, const CallContext& cc, int64_t localSocket, const InetAddress& atAddress, const uint16_t* ports, unsigned int numPorts);
void m_deriveSecondaryIdentityKeys() noexcept; void m_deriveSecondaryIdentityKeys() noexcept;
unsigned int m_hello(const Context& ctx, const CallContext& cc, int64_t localSocket, const InetAddress& atAddress, bool forceNewKey); unsigned int m_hello(const Context& ctx, const CallContext& cc, int64_t localSocket, const InetAddress& atAddress, bool forceNewKey);

15
core/Poly1305.cpp
View file

@ -309,16 +309,11 @@ void poly1305_blocks(poly1305_state_internal_t* st, const unsigned char* m, size
h4 += (U8TO32(m + 12) >> 8) | hibit; h4 += (U8TO32(m + 12) >> 8) | hibit;
/* h *= r */ /* h *= r */
unsigned long long d0 = ((unsigned long long)h0 * r0) + ((unsigned long long)h1 * s4) + ((unsigned long long)h2 * s3) + ((unsigned long long)h3 * s2) unsigned long long d0 = ((unsigned long long)h0 * r0) + ((unsigned long long)h1 * s4) + ((unsigned long long)h2 * s3) + ((unsigned long long)h3 * s2) + ((unsigned long long)h4 * s1);
+ ((unsigned long long)h4 * s1); unsigned long long d1 = ((unsigned long long)h0 * r1) + ((unsigned long long)h1 * r0) + ((unsigned long long)h2 * s4) + ((unsigned long long)h3 * s3) + ((unsigned long long)h4 * s2);
unsigned long long d1 = ((unsigned long long)h0 * r1) + ((unsigned long long)h1 * r0) + ((unsigned long long)h2 * s4) + ((unsigned long long)h3 * s3) unsigned long long d2 = ((unsigned long long)h0 * r2) + ((unsigned long long)h1 * r1) + ((unsigned long long)h2 * r0) + ((unsigned long long)h3 * s4) + ((unsigned long long)h4 * s3);
+ ((unsigned long long)h4 * s2); unsigned long long d3 = ((unsigned long long)h0 * r3) + ((unsigned long long)h1 * r2) + ((unsigned long long)h2 * r1) + ((unsigned long long)h3 * r0) + ((unsigned long long)h4 * s4);
unsigned long long d2 = ((unsigned long long)h0 * r2) + ((unsigned long long)h1 * r1) + ((unsigned long long)h2 * r0) + ((unsigned long long)h3 * s4) unsigned long long d4 = ((unsigned long long)h0 * r4) + ((unsigned long long)h1 * r3) + ((unsigned long long)h2 * r2) + ((unsigned long long)h3 * r1) + ((unsigned long long)h4 * r0);
+ ((unsigned long long)h4 * s3);
unsigned long long d3 = ((unsigned long long)h0 * r3) + ((unsigned long long)h1 * r2) + ((unsigned long long)h2 * r1) + ((unsigned long long)h3 * r0)
+ ((unsigned long long)h4 * s4);
unsigned long long d4 = ((unsigned long long)h0 * r4) + ((unsigned long long)h1 * r3) + ((unsigned long long)h2 * r2) + ((unsigned long long)h3 * r1)
+ ((unsigned long long)h4 * r0);
/* (partial) h %= p */ /* (partial) h %= p */
unsigned long c = (unsigned long)(d0 >> 26); unsigned long c = (unsigned long)(d0 >> 26);

4
core/Protocol.hpp
View file

@ -253,9 +253,7 @@
#define ZT_PROTO_HELLO_NODE_META_EPHEMERAL_ACK "E" #define ZT_PROTO_HELLO_NODE_META_EPHEMERAL_ACK "E"
static_assert(ZT_PROTO_MAX_PACKET_LENGTH < ZT_BUF_MEM_SIZE, "maximum packet length won't fit in Buf"); static_assert(ZT_PROTO_MAX_PACKET_LENGTH < ZT_BUF_MEM_SIZE, "maximum packet length won't fit in Buf");
static_assert( static_assert(ZT_PROTO_PACKET_ENCRYPTED_SECTION_START == (ZT_PROTO_MIN_PACKET_LENGTH - 1), "encrypted packet section must start right before protocol verb at one less than minimum packet size");
ZT_PROTO_PACKET_ENCRYPTED_SECTION_START == (ZT_PROTO_MIN_PACKET_LENGTH - 1),
"encrypted packet section must start right before protocol verb at one less than minimum packet size");
namespace ZeroTier { namespace ZeroTier {
namespace Protocol { namespace Protocol {

33
core/SHA512.cpp
View file

@ -16,22 +16,15 @@ struct sha512_state {
uint8_t buf[128]; uint8_t buf[128];
}; };
static const uint64_t K[80] = { 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, static const uint64_t K[80] = { 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL,
0x59f111f1b605d019ULL, 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL, 0x12835b0145706fbeULL, 0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL,
0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL, 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL,
0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL,
0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, 0x983e5152ee66dfabULL, 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL, 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL,
0xa831c66d2db43210ULL, 0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, 0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL,
0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL,
0x53380d139d95b3dfULL, 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL, 0xc67178f2e372532bULL, 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL,
0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL, 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL };
0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL,
0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, 0x5b9cca4f7763e373ULL,
0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL,
0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL, 0xca273eceea26619cULL,
0xd186b8c721c0c207ULL, 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL,
0x113f9804bef90daeULL, 0x1b710b35131c471bULL, 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL,
0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL };
#define STORE64H(x, y) Utils::storeBigEndian<uint64_t>(y, x) #define STORE64H(x, y) Utils::storeBigEndian<uint64_t>(y, x)
#define LOAD64H(x, y) x = Utils::loadBigEndian<uint64_t>(y) #define LOAD64H(x, y) x = Utils::loadBigEndian<uint64_t>(y)
@ -58,10 +51,10 @@ static ZT_INLINE void sha512_compress(sha512_state* const md, uint8_t* const buf
for (i = 16; i < 80; i++) for (i = 16; i < 80; i++)
W[i] = Gamma1(W[i - 2]) + W[i - 7] + Gamma0(W[i - 15]) + W[i - 16]; W[i] = Gamma1(W[i - 2]) + W[i - 7] + Gamma0(W[i - 15]) + W[i - 16];
#define RND(a, b, c, d, e, f, g, h, i) \ #define RND(a, b, c, d, e, f, g, h, i) \
t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i]; \ t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i]; \
t1 = Sigma0(a) + Maj(a, b, c); \ t1 = Sigma0(a) + Maj(a, b, c); \
d += t0; \ d += t0; \
h = t0 + t1; h = t0 + t1;
for (i = 0; i < 80; i += 8) { for (i = 0; i < 80; i += 8) {

12
core/Salsa20.cpp
View file

@ -206,15 +206,9 @@ template <unsigned int R> static ZT_INLINE void p_salsaCrypt(p_SalsaState* const
k13 = _mm_shuffle_epi32(k13, _MM_SHUFFLE(0, 1, 2, 3)); k13 = _mm_shuffle_epi32(k13, _MM_SHUFFLE(0, 1, 2, 3));
_mm_storeu_si128(reinterpret_cast<__m128i*>(c), _mm_xor_si128(_mm_unpackhi_epi64(k02, k20), _mm_loadu_si128(reinterpret_cast<const __m128i*>(m)))); _mm_storeu_si128(reinterpret_cast<__m128i*>(c), _mm_xor_si128(_mm_unpackhi_epi64(k02, k20), _mm_loadu_si128(reinterpret_cast<const __m128i*>(m))));
_mm_storeu_si128( _mm_storeu_si128(reinterpret_cast<__m128i*>(c) + 1, _mm_xor_si128(_mm_unpackhi_epi64(k13, k31), _mm_loadu_si128(reinterpret_cast<const __m128i*>(m) + 1)));
reinterpret_cast<__m128i*>(c) + 1, _mm_storeu_si128(reinterpret_cast<__m128i*>(c) + 2, _mm_xor_si128(_mm_unpacklo_epi64(k20, k02), _mm_loadu_si128(reinterpret_cast<const __m128i*>(m) + 2)));
_mm_xor_si128(_mm_unpackhi_epi64(k13, k31), _mm_loadu_si128(reinterpret_cast<const __m128i*>(m) + 1))); _mm_storeu_si128(reinterpret_cast<__m128i*>(c) + 3, _mm_xor_si128(_mm_unpacklo_epi64(k31, k13), _mm_loadu_si128(reinterpret_cast<const __m128i*>(m) + 3)));
_mm_storeu_si128(
reinterpret_cast<__m128i*>(c) + 2,
_mm_xor_si128(_mm_unpacklo_epi64(k20, k02), _mm_loadu_si128(reinterpret_cast<const __m128i*>(m) + 2)));
_mm_storeu_si128(
reinterpret_cast<__m128i*>(c) + 3,
_mm_xor_si128(_mm_unpacklo_epi64(k31, k13), _mm_loadu_si128(reinterpret_cast<const __m128i*>(m) + 3)));
X0 = X0s; X0 = X0s;
X1 = X1s; X1 = X1s;

8
core/SelfAwareness.cpp
View file

@ -29,13 +29,7 @@ SelfAwareness::SelfAwareness(const Context& ctx) : m_ctx(ctx)
{ {
} }
void SelfAwareness::iam( void SelfAwareness::iam(const CallContext& cc, const Identity& reporter, const int64_t receivedOnLocalSocket, const InetAddress& reporterPhysicalAddress, const InetAddress& myPhysicalAddress, bool trusted)
const CallContext& cc,
const Identity& reporter,
const int64_t receivedOnLocalSocket,
const InetAddress& reporterPhysicalAddress,
const InetAddress& myPhysicalAddress,
bool trusted)
{ {
const InetAddress::IpScope scope = myPhysicalAddress.ipScope(); const InetAddress::IpScope scope = myPhysicalAddress.ipScope();

12
core/SelfAwareness.hpp
View file

@ -44,13 +44,7 @@ class SelfAwareness {
* @param myPhysicalAddress Physical address that peer says we have * @param myPhysicalAddress Physical address that peer says we have
* @param trusted True if this peer is trusted as an authority to inform us of external address changes * @param trusted True if this peer is trusted as an authority to inform us of external address changes
*/ */
void void iam(const CallContext& cc, const Identity& reporter, int64_t receivedOnLocalSocket, const InetAddress& reporterPhysicalAddress, const InetAddress& myPhysicalAddress, bool trusted);
iam(const CallContext& cc,
const Identity& reporter,
int64_t receivedOnLocalSocket,
const InetAddress& reporterPhysicalAddress,
const InetAddress& myPhysicalAddress,
bool trusted);
/** /**
* Clean up database periodically * Clean up database periodically
@ -91,9 +85,7 @@ class SelfAwareness {
ZT_INLINE bool operator==(const p_PhySurfaceKey& k) const noexcept ZT_INLINE bool operator==(const p_PhySurfaceKey& k) const noexcept
{ {
return ( return ((reporter == k.reporter) && (receivedOnLocalSocket == k.receivedOnLocalSocket) && (reporterPhysicalAddress == k.reporterPhysicalAddress) && (scope == k.scope));
(reporter == k.reporter) && (receivedOnLocalSocket == k.receivedOnLocalSocket) && (reporterPhysicalAddress == k.reporterPhysicalAddress)
&& (scope == k.scope));
} }
ZT_INLINE bool operator!=(const p_PhySurfaceKey& k) const noexcept ZT_INLINE bool operator!=(const p_PhySurfaceKey& k) const noexcept

4
core/Store.hpp
View file

@ -60,9 +60,7 @@ class Store {
* @param data Data to store * @param data Data to store
* @param len Length of data * @param len Length of data
*/ */
ZT_INLINE void ZT_INLINE void put(const CallContext& cc, ZT_StateObjectType type, const uint64_t* const id, const unsigned int idSize, const void* const data, const unsigned int len) noexcept
put(const CallContext& cc, ZT_StateObjectType type, const uint64_t* const id, const unsigned int idSize, const void* const data, const unsigned int len)
noexcept
{ {
m_ctx.cb.statePutFunction(reinterpret_cast<ZT_Node*>(this), m_ctx.uPtr, cc.tPtr, type, id, idSize, data, (int)len); m_ctx.cb.statePutFunction(reinterpret_cast<ZT_Node*>(this), m_ctx.uPtr, cc.tPtr, type, id, idSize, data, (int)len);
} }

1517
core/Tests.cpp
View file

File diff suppressed because it is too large Load diff

3
core/Topology.cpp
View file

@ -74,8 +74,7 @@ void Topology::doPeriodicTasks(const CallContext& cc)
for (Map<Address, SharedPtr<Peer> >::iterator i(m_peers.begin()); i != m_peers.end(); ++i) { for (Map<Address, SharedPtr<Peer> >::iterator i(m_peers.begin()); i != m_peers.end(); ++i) {
// TODO: also delete if the peer has not exchanged meaningful communication in a while, such as a // TODO: also delete if the peer has not exchanged meaningful communication in a while, such as a
// network frame or non-trivial control packet. // network frame or non-trivial control packet.
if (((cc.ticks - i->second->lastReceive()) > ZT_PEER_ALIVE_TIMEOUT) if (((cc.ticks - i->second->lastReceive()) > ZT_PEER_ALIVE_TIMEOUT) && (! std::binary_search(rootLookup.begin(), rootLookup.end(), reinterpret_cast<uintptr_t>(i->second.ptr()))))
&& (! std::binary_search(rootLookup.begin(), rootLookup.end(), reinterpret_cast<uintptr_t>(i->second.ptr()))))
toDelete.push_back(i->first); toDelete.push_back(i->first);
} }
} }

49
core/Trace.cpp
View file

@ -37,14 +37,7 @@ void Trace::unexpectedError(const CallContext& cc, uint32_t codeLocation, const
m_ctx.node->postEvent(cc.tPtr, ZT_EVENT_TRACE, buf.data()); m_ctx.node->postEvent(cc.tPtr, ZT_EVENT_TRACE, buf.data());
} }
void Trace::m_resettingPathsInScope( void Trace::m_resettingPathsInScope(void* tPtr, uint32_t codeLocation, const Identity& reporter, const InetAddress& from, const InetAddress& oldExternal, const InetAddress& newExternal, ZT_InetAddress_IpScope scope)
void* tPtr,
uint32_t codeLocation,
const Identity& reporter,
const InetAddress& from,
const InetAddress& oldExternal,
const InetAddress& newExternal,
ZT_InetAddress_IpScope scope)
{ {
FCV<uint8_t, 4096> buf; FCV<uint8_t, 4096> buf;
Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL1_RESETTING_PATHS_IN_SCOPE); Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL1_RESETTING_PATHS_IN_SCOPE);
@ -89,13 +82,7 @@ void Trace::m_tryingNewPath(
} }
} }
void Trace::m_learnedNewPath( void Trace::m_learnedNewPath(void* tPtr, uint32_t codeLocation, uint64_t packetId, const Identity& peerIdentity, const InetAddress& physicalAddress, const InetAddress& replaced)
void* tPtr,
uint32_t codeLocation,
uint64_t packetId,
const Identity& peerIdentity,
const InetAddress& physicalAddress,
const InetAddress& replaced)
{ {
if (peerIdentity) { if (peerIdentity) {
FCV<uint8_t, 4096> buf; FCV<uint8_t, 4096> buf;
@ -112,16 +99,7 @@ void Trace::m_learnedNewPath(
} }
} }
void Trace::m_incomingPacketDropped( void Trace::m_incomingPacketDropped(void* tPtr, uint32_t codeLocation, uint64_t packetId, uint64_t networkId, const Identity& peerIdentity, const InetAddress& physicalAddress, uint8_t hops, uint8_t verb, ZT_TracePacketDropReason reason)
void* tPtr,
uint32_t codeLocation,
uint64_t packetId,
uint64_t networkId,
const Identity& peerIdentity,
const InetAddress& physicalAddress,
uint8_t hops,
uint8_t verb,
ZT_TracePacketDropReason reason)
{ {
FCV<uint8_t, 4096> buf; FCV<uint8_t, 4096> buf;
Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL1_INCOMING_PACKET_DROPPED); Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL1_INCOMING_PACKET_DROPPED);
@ -139,16 +117,7 @@ void Trace::m_incomingPacketDropped(
m_ctx.node->postEvent(tPtr, ZT_EVENT_TRACE, buf.data()); m_ctx.node->postEvent(tPtr, ZT_EVENT_TRACE, buf.data());
} }
void Trace::m_outgoingNetworkFrameDropped( void Trace::m_outgoingNetworkFrameDropped(void* tPtr, uint32_t codeLocation, uint64_t networkId, const MAC& sourceMac, const MAC& destMac, uint16_t etherType, uint16_t frameLength, const uint8_t* frameData, ZT_TraceFrameDropReason reason)
void* tPtr,
uint32_t codeLocation,
uint64_t networkId,
const MAC& sourceMac,
const MAC& destMac,
uint16_t etherType,
uint16_t frameLength,
const uint8_t* frameData,
ZT_TraceFrameDropReason reason)
{ {
FCV<uint8_t, 4096> buf; FCV<uint8_t, 4096> buf;
Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL1_INCOMING_PACKET_DROPPED); Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL1_INCOMING_PACKET_DROPPED);
@ -258,15 +227,7 @@ void Trace::m_networkFilter(
m_ctx.node->postEvent(tPtr, ZT_EVENT_TRACE, buf.data()); m_ctx.node->postEvent(tPtr, ZT_EVENT_TRACE, buf.data());
} }
void Trace::m_credentialRejected( void Trace::m_credentialRejected(void* tPtr, uint32_t codeLocation, uint64_t networkId, const Identity& identity, uint32_t credentialId, int64_t credentialTimestamp, uint8_t credentialType, ZT_TraceCredentialRejectionReason reason)
void* tPtr,
uint32_t codeLocation,
uint64_t networkId,
const Identity& identity,
uint32_t credentialId,
int64_t credentialTimestamp,
uint8_t credentialType,
ZT_TraceCredentialRejectionReason reason)
{ {
FCV<uint8_t, 4096> buf; FCV<uint8_t, 4096> buf;
Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL2_NETWORK_CREDENTIAL_REJECTED); Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL2_NETWORK_CREDENTIAL_REJECTED);

94
core/Trace.hpp
View file

@ -81,14 +81,8 @@ class Trace {
void unexpectedError(const CallContext& cc, uint32_t codeLocation, const char* message, ...); void unexpectedError(const CallContext& cc, uint32_t codeLocation, const char* message, ...);
ZT_INLINE void resettingPathsInScope( ZT_INLINE void
const CallContext& cc, resettingPathsInScope(const CallContext& cc, const uint32_t codeLocation, const Identity& reporter, const InetAddress& from, const InetAddress& oldExternal, const InetAddress& newExternal, const InetAddress::IpScope scope)
const uint32_t codeLocation,
const Identity& reporter,
const InetAddress& from,
const InetAddress& oldExternal,
const InetAddress& newExternal,
const InetAddress::IpScope scope)
{ {
if (unlikely((m_traceFlags & ZT_TRACE_F_VL1) != 0)) if (unlikely((m_traceFlags & ZT_TRACE_F_VL1) != 0))
m_resettingPathsInScope(cc.tPtr, codeLocation, reporter, from, oldExternal, newExternal, scope); m_resettingPathsInScope(cc.tPtr, codeLocation, reporter, from, oldExternal, newExternal, scope);
@ -108,13 +102,7 @@ class Trace {
m_tryingNewPath(cc.tPtr, codeLocation, trying, physicalAddress, triggerAddress, triggeringPacketId, triggeringPacketVerb, triggeringPeer); m_tryingNewPath(cc.tPtr, codeLocation, trying, physicalAddress, triggerAddress, triggeringPacketId, triggeringPacketVerb, triggeringPeer);
} }
ZT_INLINE void learnedNewPath( ZT_INLINE void learnedNewPath(const CallContext& cc, const uint32_t codeLocation, uint64_t packetId, const Identity& peerIdentity, const InetAddress& physicalAddress, const InetAddress& replaced)
const CallContext& cc,
const uint32_t codeLocation,
uint64_t packetId,
const Identity& peerIdentity,
const InetAddress& physicalAddress,
const InetAddress& replaced)
{ {
if (unlikely((m_traceFlags & ZT_TRACE_F_VL1) != 0)) if (unlikely((m_traceFlags & ZT_TRACE_F_VL1) != 0))
m_learnedNewPath(cc.tPtr, codeLocation, packetId, peerIdentity, physicalAddress, replaced); m_learnedNewPath(cc.tPtr, codeLocation, packetId, peerIdentity, physicalAddress, replaced);
@ -167,21 +155,7 @@ class Trace {
ZT_TraceFrameDropReason reason) ZT_TraceFrameDropReason reason)
{ {
if (unlikely((m_traceFlags & ZT_TRACE_F_VL2) != 0)) if (unlikely((m_traceFlags & ZT_TRACE_F_VL2) != 0))
m_incomingNetworkFrameDropped( m_incomingNetworkFrameDropped(cc.tPtr, codeLocation, networkId, sourceMac, destMac, etherType, peerIdentity, physicalAddress, hops, frameLength, frameData, verb, credentialRequestSent, reason);
cc.tPtr,
codeLocation,
networkId,
sourceMac,
destMac,
etherType,
peerIdentity,
physicalAddress,
hops,
frameLength,
frameData,
verb,
credentialRequestSent,
reason);
} }
ZT_INLINE void networkConfigRequestSent(const CallContext& cc, const uint32_t codeLocation, uint64_t networkId) ZT_INLINE void networkConfigRequestSent(const CallContext& cc, const uint32_t codeLocation, uint64_t networkId)
@ -233,29 +207,15 @@ class Trace {
} }
} }
ZT_INLINE void credentialRejected( ZT_INLINE void
const CallContext& cc, credentialRejected(const CallContext& cc, const uint32_t codeLocation, uint64_t networkId, const Identity& identity, uint32_t credentialId, int64_t credentialTimestamp, uint8_t credentialType, ZT_TraceCredentialRejectionReason reason)
const uint32_t codeLocation,
uint64_t networkId,
const Identity& identity,
uint32_t credentialId,
int64_t credentialTimestamp,
uint8_t credentialType,
ZT_TraceCredentialRejectionReason reason)
{ {
if (unlikely((m_traceFlags & ZT_TRACE_F_VL2) != 0)) if (unlikely((m_traceFlags & ZT_TRACE_F_VL2) != 0))
m_credentialRejected(cc.tPtr, codeLocation, networkId, identity, credentialId, credentialTimestamp, credentialType, reason); m_credentialRejected(cc.tPtr, codeLocation, networkId, identity, credentialId, credentialTimestamp, credentialType, reason);
} }
private: private:
void m_resettingPathsInScope( void m_resettingPathsInScope(void* tPtr, uint32_t codeLocation, const Identity& reporter, const InetAddress& from, const InetAddress& oldExternal, const InetAddress& newExternal, InetAddress::IpScope scope);
void* tPtr,
uint32_t codeLocation,
const Identity& reporter,
const InetAddress& from,
const InetAddress& oldExternal,
const InetAddress& newExternal,
InetAddress::IpScope scope);
void m_tryingNewPath( void m_tryingNewPath(
void* tPtr, void* tPtr,
@ -267,35 +227,11 @@ class Trace {
uint8_t triggeringPacketVerb, uint8_t triggeringPacketVerb,
const Identity& triggeringPeer); const Identity& triggeringPeer);
void m_learnedNewPath( void m_learnedNewPath(void* tPtr, uint32_t codeLocation, uint64_t packetId, const Identity& peerIdentity, const InetAddress& physicalAddress, const InetAddress& replaced);
void* tPtr,
uint32_t codeLocation,
uint64_t packetId,
const Identity& peerIdentity,
const InetAddress& physicalAddress,
const InetAddress& replaced);
void m_incomingPacketDropped( void m_incomingPacketDropped(void* tPtr, uint32_t codeLocation, uint64_t packetId, uint64_t networkId, const Identity& peerIdentity, const InetAddress& physicalAddress, uint8_t hops, uint8_t verb, ZT_TracePacketDropReason reason);
void* tPtr,
uint32_t codeLocation,
uint64_t packetId,
uint64_t networkId,
const Identity& peerIdentity,
const InetAddress& physicalAddress,
uint8_t hops,
uint8_t verb,
ZT_TracePacketDropReason reason);
void m_outgoingNetworkFrameDropped( void m_outgoingNetworkFrameDropped(void* tPtr, uint32_t codeLocation, uint64_t networkId, const MAC& sourceMac, const MAC& destMac, uint16_t etherType, uint16_t frameLength, const uint8_t* frameData, ZT_TraceFrameDropReason reason);
void* tPtr,
uint32_t codeLocation,
uint64_t networkId,
const MAC& sourceMac,
const MAC& destMac,
uint16_t etherType,
uint16_t frameLength,
const uint8_t* frameData,
ZT_TraceFrameDropReason reason);
void m_incomingNetworkFrameDropped( void m_incomingNetworkFrameDropped(
void* tPtr, void* tPtr,
@ -335,15 +271,7 @@ class Trace {
bool inbound, bool inbound,
int accept); int accept);
void m_credentialRejected( void m_credentialRejected(void* tPtr, uint32_t codeLocation, uint64_t networkId, const Identity& identity, uint32_t credentialId, int64_t credentialTimestamp, uint8_t credentialType, ZT_TraceCredentialRejectionReason reason);
void* tPtr,
uint32_t codeLocation,
uint64_t networkId,
const Identity& identity,
uint32_t credentialId,
int64_t credentialTimestamp,
uint8_t credentialType,
ZT_TraceCredentialRejectionReason reason);
const Context& m_ctx; const Context& m_ctx;
volatile unsigned int m_traceFlags; // faster than atomic, but may not "instantly" change... should be okay volatile unsigned int m_traceFlags; // faster than atomic, but may not "instantly" change... should be okay

21
core/TrustStore.cpp
View file

@ -42,8 +42,7 @@ Map<Identity, SharedPtr<const Locator> > TrustStore::roots()
for (Map<Fingerprint, Vector<SharedPtr<Entry> > >::const_iterator cv(m_bySubjectIdentity.begin()); cv != m_bySubjectIdentity.end(); ++cv) { for (Map<Fingerprint, Vector<SharedPtr<Entry> > >::const_iterator cv(m_bySubjectIdentity.begin()); cv != m_bySubjectIdentity.end(); ++cv) {
for (Vector<SharedPtr<Entry> >::const_iterator c(cv->second.begin()); c != cv->second.end(); ++c) { for (Vector<SharedPtr<Entry> >::const_iterator c(cv->second.begin()); c != cv->second.end(); ++c) {
// A root set cert must be marked for this use and authorized to influence this node's config. // A root set cert must be marked for this use and authorized to influence this node's config.
if ((((*c)->m_certificate.usageFlags & ZT_CERTIFICATE_USAGE_ZEROTIER_ROOT_SET) != 0) if ((((*c)->m_certificate.usageFlags & ZT_CERTIFICATE_USAGE_ZEROTIER_ROOT_SET) != 0) && (((*c)->m_localTrust & ZT_CERTIFICATE_LOCAL_TRUST_FLAG_CONFIG) != 0)) {
&& (((*c)->m_localTrust & ZT_CERTIFICATE_LOCAL_TRUST_FLAG_CONFIG) != 0)) {
// Add all identities to the root set, and for each entry in the set make sure we have the latest // Add all identities to the root set, and for each entry in the set make sure we have the latest
// locator if there's more than one cert with one. // locator if there's more than one cert with one.
for (unsigned int j = 0; j < (*c)->certificate().subject.identityCount; ++j) { for (unsigned int j = 0; j < (*c)->certificate().subject.identityCount; ++j) {
@ -150,8 +149,7 @@ bool TrustStore::update(const int64_t clock, Vector<SharedPtr<Entry> >* const pu
Vector<Entry*> visited; Vector<Entry*> visited;
visited.reserve(8); visited.reserve(8);
for (Map<H384, SharedPtr<Entry> >::iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) { for (Map<H384, SharedPtr<Entry> >::iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) {
if ((c->second->m_error == ZT_CERTIFICATE_ERROR_NONE) && (! c->second->m_onTrustPath) if ((c->second->m_error == ZT_CERTIFICATE_ERROR_NONE) && (! c->second->m_onTrustPath) && ((c->second->m_localTrust & ZT_CERTIFICATE_LOCAL_TRUST_FLAG_ROOT_CA) == 0)) {
&& ((c->second->m_localTrust & ZT_CERTIFICATE_LOCAL_TRUST_FLAG_ROOT_CA) == 0)) {
// Trace the path of each certificate all the way back to a trusted CA. // Trace the path of each certificate all the way back to a trusted CA.
unsigned int pathLength = 0; unsigned int pathLength = 0;
Map<H384, SharedPtr<Entry> >::const_iterator current(c); Map<H384, SharedPtr<Entry> >::const_iterator current(c);
@ -167,14 +165,9 @@ bool TrustStore::update(const int64_t clock, Vector<SharedPtr<Entry> >* const pu
visited.push_back(current->second.ptr()); visited.push_back(current->second.ptr());
const Map<H384, SharedPtr<Entry> >::const_iterator prevChild(current); const Map<H384, SharedPtr<Entry> >::const_iterator prevChild(current);
current = m_bySerial.find(H384(current->second->m_certificate.issuer)); current = m_bySerial.find(H384(current->second->m_certificate.issuer));
if ((current != m_bySerial.end()) && (std::find(visited.begin(), visited.end(), current->second.ptr()) == visited.end()) if ((current != m_bySerial.end()) && (std::find(visited.begin(), visited.end(), current->second.ptr()) == visited.end()) && (current->second->m_error == ZT_CERTIFICATE_ERROR_NONE)
&& (current->second->m_error == ZT_CERTIFICATE_ERROR_NONE)
&& (current->second->m_certificate.publicKeySize == prevChild->second->m_certificate.issuerPublicKeySize) && (current->second->m_certificate.publicKeySize == prevChild->second->m_certificate.issuerPublicKeySize)
&& (memcmp( && (memcmp(current->second->m_certificate.publicKey, prevChild->second->m_certificate.issuerPublicKey, current->second->m_certificate.publicKeySize) == 0)) {
current->second->m_certificate.publicKey,
prevChild->second->m_certificate.issuerPublicKey,
current->second->m_certificate.publicKeySize)
== 0)) {
++pathLength; ++pathLength;
continue; continue;
} }
@ -208,8 +201,7 @@ bool TrustStore::update(const int64_t clock, Vector<SharedPtr<Entry> >* const pu
if (c->second->m_error == ZT_CERTIFICATE_ERROR_NONE) { if (c->second->m_error == ZT_CERTIFICATE_ERROR_NONE) {
const unsigned int uniqueIdSize = c->second->m_certificate.subject.uniqueIdSize; const unsigned int uniqueIdSize = c->second->m_certificate.subject.uniqueIdSize;
if ((uniqueIdSize > 0) && (uniqueIdSize <= ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE)) { if ((uniqueIdSize > 0) && (uniqueIdSize <= ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE)) {
SharedPtr<Entry>& entry = SharedPtr<Entry>& entry = m_bySubjectUniqueId[Blob<ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE>(c->second->m_certificate.subject.uniqueId, uniqueIdSize)];
m_bySubjectUniqueId[Blob<ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE>(c->second->m_certificate.subject.uniqueId, uniqueIdSize)];
if (entry) { if (entry) {
// If there's already an entry, see if there's a newer certificate for this subject. // If there's already an entry, see if there's a newer certificate for this subject.
if (c->second->m_certificate.subject.timestamp > entry->m_certificate.subject.timestamp) { if (c->second->m_certificate.subject.timestamp > entry->m_certificate.subject.timestamp) {
@ -325,8 +317,7 @@ int TrustStore::load(const Vector<uint8_t>& data)
Vector<uint8_t> uncomp; Vector<uint8_t> uncomp;
uncomp.resize(uncompSize); uncomp.resize(uncompSize);
if (LZ4_decompress_safe(reinterpret_cast<const char*>(data.data() + 8), reinterpret_cast<char*>(uncomp.data()), (int)(data.size() - 8), (int)uncompSize) if (LZ4_decompress_safe(reinterpret_cast<const char*>(data.data() + 8), reinterpret_cast<char*>(uncomp.data()), (int)(data.size() - 8), (int)uncompSize) != (int)uncompSize)
!= (int)uncompSize)
return -1; return -1;
const uint8_t* b = uncomp.data(); const uint8_t* b = uncomp.data();
if (Utils::fnv1a32(b, (unsigned int)uncompSize) != Utils::loadBigEndian<uint32_t>(data.data() + 4)) if (Utils::fnv1a32(b, (unsigned int)uncompSize) != Utils::loadBigEndian<uint32_t>(data.data() + 4))

17
core/Utils.hpp
View file

@ -36,10 +36,9 @@ namespace Utils {
// Macros to convert endian-ness at compile time for constants. // Macros to convert endian-ness at compile time for constants.
#if __BYTE_ORDER == __LITTLE_ENDIAN #if __BYTE_ORDER == __LITTLE_ENDIAN
#define ZT_CONST_TO_BE_UINT16(x) ((uint16_t)((uint16_t)((uint16_t)(x) << 8U) | (uint16_t)((uint16_t)(x) >> 8U))) #define ZT_CONST_TO_BE_UINT16(x) ((uint16_t)((uint16_t)((uint16_t)(x) << 8U) | (uint16_t)((uint16_t)(x) >> 8U)))
#define ZT_CONST_TO_BE_UINT64(x) \ #define ZT_CONST_TO_BE_UINT64(x) \
((((uint64_t)(x)&0x00000000000000ffULL) << 56U) | (((uint64_t)(x)&0x000000000000ff00ULL) << 40U) | (((uint64_t)(x)&0x0000000000ff0000ULL) << 24U) \ ((((uint64_t)(x)&0x00000000000000ffULL) << 56U) | (((uint64_t)(x)&0x000000000000ff00ULL) << 40U) | (((uint64_t)(x)&0x0000000000ff0000ULL) << 24U) | (((uint64_t)(x)&0x00000000ff000000ULL) << 8U) \
| (((uint64_t)(x)&0x00000000ff000000ULL) << 8U) | (((uint64_t)(x)&0x000000ff00000000ULL) >> 8U) | (((uint64_t)(x)&0x0000ff0000000000ULL) >> 24U) \ | (((uint64_t)(x)&0x000000ff00000000ULL) >> 8U) | (((uint64_t)(x)&0x0000ff0000000000ULL) >> 24U) | (((uint64_t)(x)&0x00ff000000000000ULL) >> 40U) | (((uint64_t)(x)&0xff00000000000000ULL) >> 56U))
| (((uint64_t)(x)&0x00ff000000000000ULL) >> 40U) | (((uint64_t)(x)&0xff00000000000000ULL) >> 56U))
#else #else
#define ZT_CONST_TO_BE_UINT16(x) ((uint16_t)(x)) #define ZT_CONST_TO_BE_UINT16(x) ((uint16_t)(x))
#define ZT_CONST_TO_BE_UINT64(x) ((uint64_t)(x)) #define ZT_CONST_TO_BE_UINT64(x) ((uint64_t)(x))
@ -301,8 +300,8 @@ static ZT_INLINE uint64_t swapBytes(const uint64_t n) noexcept
return (uint64_t)_byteswap_uint64((unsigned __int64)n); return (uint64_t)_byteswap_uint64((unsigned __int64)n);
#else #else
return ( return (
((n & 0x00000000000000ffULL) << 56) | ((n & 0x000000000000ff00ULL) << 40) | ((n & 0x0000000000ff0000ULL) << 24) | ((n & 0x00000000ff000000ULL) << 8) ((n & 0x00000000000000ffULL) << 56) | ((n & 0x000000000000ff00ULL) << 40) | ((n & 0x0000000000ff0000ULL) << 24) | ((n & 0x00000000ff000000ULL) << 8) | ((n & 0x000000ff00000000ULL) >> 8) | ((n & 0x0000ff0000000000ULL) >> 24)
| ((n & 0x000000ff00000000ULL) >> 8) | ((n & 0x0000ff0000000000ULL) >> 24) | ((n & 0x00ff000000000000ULL) >> 40) | ((n & 0xff00000000000000ULL) >> 56)); | ((n & 0x00ff000000000000ULL) >> 40) | ((n & 0xff00000000000000ULL) >> 56));
#endif #endif
#endif #endif
} }
@ -411,8 +410,7 @@ template <typename I> class _load_be_bysize<I, 8> {
public: public:
static ZT_INLINE I l(const uint8_t* const p) noexcept static ZT_INLINE I l(const uint8_t* const p) noexcept
{ {
return ( return (I)(((uint64_t)p[0] << 56U) | ((uint64_t)p[1] << 48U) | ((uint64_t)p[2] << 40U) | ((uint64_t)p[3] << 32U) | ((uint64_t)p[4] << 24U) | ((uint64_t)p[5] << 16U) | ((uint64_t)p[6] << 8U) | (uint64_t)p[7]);
I)(((uint64_t)p[0] << 56U) | ((uint64_t)p[1] << 48U) | ((uint64_t)p[2] << 40U) | ((uint64_t)p[3] << 32U) | ((uint64_t)p[4] << 24U) | ((uint64_t)p[5] << 16U) | ((uint64_t)p[6] << 8U) | (uint64_t)p[7]);
} }
}; };
@ -446,8 +444,7 @@ template <typename I> class _load_le_bysize<I, 8> {
public: public:
static ZT_INLINE I l(const uint8_t* const p) noexcept static ZT_INLINE I l(const uint8_t* const p) noexcept
{ {
return ( return (I)((uint64_t)p[0] | ((uint64_t)p[1] << 8U) | ((uint64_t)p[2] << 16U) | ((uint64_t)p[3] << 24U) | ((uint64_t)p[4] << 32U) | ((uint64_t)p[5] << 40U) | ((uint64_t)p[6] << 48U) | ((uint64_t)p[7]) << 56U);
I)((uint64_t)p[0] | ((uint64_t)p[1] << 8U) | ((uint64_t)p[2] << 16U) | ((uint64_t)p[3] << 24U) | ((uint64_t)p[4] << 32U) | ((uint64_t)p[5] << 40U) | ((uint64_t)p[6] << 48U) | ((uint64_t)p[7]) << 56U);
} }
}; };

335
core/VL1.cpp
View file

@ -41,10 +41,7 @@ struct p_SalsaPolyCopyFunction {
Poly1305 poly1305; Poly1305 poly1305;
unsigned int hdrRemaining; unsigned int hdrRemaining;
ZT_INLINE p_SalsaPolyCopyFunction(const void* salsaKey, const void* salsaIv) ZT_INLINE p_SalsaPolyCopyFunction(const void* salsaKey, const void* salsaIv) : s20(salsaKey, salsaIv), poly1305(), hdrRemaining(ZT_PROTO_PACKET_ENCRYPTED_SECTION_START)
: s20(salsaKey, salsaIv)
, poly1305()
, hdrRemaining(ZT_PROTO_PACKET_ENCRYPTED_SECTION_START)
{ {
uint8_t macKey[ZT_POLY1305_KEY_SIZE]; uint8_t macKey[ZT_POLY1305_KEY_SIZE];
s20.crypt12(Utils::ZERO256, macKey, ZT_POLY1305_KEY_SIZE); s20.crypt12(Utils::ZERO256, macKey, ZT_POLY1305_KEY_SIZE);
@ -135,16 +132,7 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA
static_assert(ZT_PROTO_PACKET_FRAGMENT_COUNTS < ZT_PROTO_MIN_FRAGMENT_LENGTH, "overflow"); static_assert(ZT_PROTO_PACKET_FRAGMENT_COUNTS < ZT_PROTO_MIN_FRAGMENT_LENGTH, "overflow");
const unsigned int totalFragments = (data->unsafeData[ZT_PROTO_PACKET_FRAGMENT_COUNTS] >> 4U) & 0x0fU; const unsigned int totalFragments = (data->unsafeData[ZT_PROTO_PACKET_FRAGMENT_COUNTS] >> 4U) & 0x0fU;
const unsigned int fragmentNo = data->unsafeData[ZT_PROTO_PACKET_FRAGMENT_COUNTS] & 0x0fU; const unsigned int fragmentNo = data->unsafeData[ZT_PROTO_PACKET_FRAGMENT_COUNTS] & 0x0fU;
switch (m_inputPacketAssembler.assemble( switch (m_inputPacketAssembler.assemble(packetId, pktv, data, ZT_PROTO_PACKET_FRAGMENT_PAYLOAD_START_AT, len - ZT_PROTO_PACKET_FRAGMENT_PAYLOAD_START_AT, fragmentNo, totalFragments, cc.ticks, path)) {
packetId,
pktv,
data,
ZT_PROTO_PACKET_FRAGMENT_PAYLOAD_START_AT,
len - ZT_PROTO_PACKET_FRAGMENT_PAYLOAD_START_AT,
fragmentNo,
totalFragments,
cc.ticks,
path)) {
case Defragmenter<ZT_MAX_PACKET_FRAGMENTS>::COMPLETE: case Defragmenter<ZT_MAX_PACKET_FRAGMENTS>::COMPLETE:
break; break;
default: default:
@ -207,18 +195,11 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA
int pktSize = 0; int pktSize = 0;
static_assert(ZT_PROTO_PACKET_VERB_INDEX < ZT_PROTO_MIN_PACKET_LENGTH, "overflow"); static_assert(ZT_PROTO_PACKET_VERB_INDEX < ZT_PROTO_MIN_PACKET_LENGTH, "overflow");
if (unlikely( if (unlikely(((cipher == ZT_PROTO_CIPHER_POLY1305_NONE) || (cipher == ZT_PROTO_CIPHER_NONE)) && ((hdr[ZT_PROTO_PACKET_VERB_INDEX] & ZT_PROTO_VERB_MASK) == Protocol::VERB_HELLO))) {
((cipher == ZT_PROTO_CIPHER_POLY1305_NONE) || (cipher == ZT_PROTO_CIPHER_NONE))
&& ((hdr[ZT_PROTO_PACKET_VERB_INDEX] & ZT_PROTO_VERB_MASK) == Protocol::VERB_HELLO))) {
// Handle unencrypted HELLO packets. // Handle unencrypted HELLO packets.
pktSize = pktv.mergeCopy(*pkt); pktSize = pktv.mergeCopy(*pkt);
if (unlikely(pktSize < ZT_PROTO_MIN_PACKET_LENGTH)) { if (unlikely(pktSize < ZT_PROTO_MIN_PACKET_LENGTH)) {
ZT_SPEW( ZT_SPEW("discarding packet %.16llx from %s(%s): assembled packet size: %d", packetId, source.toString().c_str(), fromAddr.toString().c_str(), pktSize);
"discarding packet %.16llx from %s(%s): assembled packet size: %d",
packetId,
source.toString().c_str(),
fromAddr.toString().c_str(),
pktSize);
return; return;
} }
const SharedPtr<Peer> peer(m_HELLO(cc, path, *pkt, pktSize)); const SharedPtr<Peer> peer(m_HELLO(cc, path, *pkt, pktSize));
@ -242,12 +223,7 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA
pktSize = pktv.mergeMap<p_PolyCopyFunction&>(*pkt, ZT_PROTO_PACKET_ENCRYPTED_SECTION_START, s20cf); pktSize = pktv.mergeMap<p_PolyCopyFunction&>(*pkt, ZT_PROTO_PACKET_ENCRYPTED_SECTION_START, s20cf);
if (unlikely(pktSize < ZT_PROTO_MIN_PACKET_LENGTH)) { if (unlikely(pktSize < ZT_PROTO_MIN_PACKET_LENGTH)) {
ZT_SPEW( ZT_SPEW("discarding packet %.16llx from %s(%s): assembled packet size: %d", packetId, source.toString().c_str(), fromAddr.toString().c_str(), pktSize);
"discarding packet %.16llx from %s(%s): assembled packet size: %d",
packetId,
source.toString().c_str(),
fromAddr.toString().c_str(),
pktSize);
return; return;
} }
@ -255,21 +231,8 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA
s20cf.poly1305.finish(mac); s20cf.poly1305.finish(mac);
static_assert((ZT_PROTO_PACKET_MAC_INDEX + 8) < ZT_PROTO_MIN_PACKET_LENGTH, "overflow"); static_assert((ZT_PROTO_PACKET_MAC_INDEX + 8) < ZT_PROTO_MIN_PACKET_LENGTH, "overflow");
if (unlikely(Utils::loadMachineEndian<uint64_t>(hdr + ZT_PROTO_PACKET_MAC_INDEX) != mac[0])) { if (unlikely(Utils::loadMachineEndian<uint64_t>(hdr + ZT_PROTO_PACKET_MAC_INDEX) != mac[0])) {
ZT_SPEW( ZT_SPEW("discarding packet %.16llx from %s(%s): packet MAC failed (none/poly1305)", packetId, source.toString().c_str(), fromAddr.toString().c_str());
"discarding packet %.16llx from %s(%s): packet MAC failed (none/poly1305)", m_ctx.t->incomingPacketDropped(cc, 0xcc89c812, packetId, 0, peer->identity(), path->address(), hops, Protocol::VERB_NOP, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
packetId,
source.toString().c_str(),
fromAddr.toString().c_str());
m_ctx.t->incomingPacketDropped(
cc,
0xcc89c812,
packetId,
0,
peer->identity(),
path->address(),
hops,
Protocol::VERB_NOP,
ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
return; return;
} }
@ -283,12 +246,7 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA
pktSize = pktv.mergeMap<p_SalsaPolyCopyFunction&>(*pkt, ZT_PROTO_PACKET_ENCRYPTED_SECTION_START, s20cf); pktSize = pktv.mergeMap<p_SalsaPolyCopyFunction&>(*pkt, ZT_PROTO_PACKET_ENCRYPTED_SECTION_START, s20cf);
if (unlikely(pktSize < ZT_PROTO_MIN_PACKET_LENGTH)) { if (unlikely(pktSize < ZT_PROTO_MIN_PACKET_LENGTH)) {
ZT_SPEW( ZT_SPEW("discarding packet %.16llx from %s(%s): assembled packet size: %d", packetId, source.toString().c_str(), fromAddr.toString().c_str(), pktSize);
"discarding packet %.16llx from %s(%s): assembled packet size: %d",
packetId,
source.toString().c_str(),
fromAddr.toString().c_str(),
pktSize);
return; return;
} }
@ -296,21 +254,8 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA
s20cf.poly1305.finish(mac); s20cf.poly1305.finish(mac);
static_assert((ZT_PROTO_PACKET_MAC_INDEX + 8) < ZT_PROTO_MIN_PACKET_LENGTH, "overflow"); static_assert((ZT_PROTO_PACKET_MAC_INDEX + 8) < ZT_PROTO_MIN_PACKET_LENGTH, "overflow");
if (unlikely(Utils::loadMachineEndian<uint64_t>(hdr + ZT_PROTO_PACKET_MAC_INDEX) != mac[0])) { if (unlikely(Utils::loadMachineEndian<uint64_t>(hdr + ZT_PROTO_PACKET_MAC_INDEX) != mac[0])) {
ZT_SPEW( ZT_SPEW("discarding packet %.16llx from %s(%s): packet MAC failed (salsa/poly1305)", packetId, source.toString().c_str(), fromAddr.toString().c_str());
"discarding packet %.16llx from %s(%s): packet MAC failed (salsa/poly1305)", m_ctx.t->incomingPacketDropped(cc, 0xcc89c812, packetId, 0, peer->identity(), path->address(), hops, Protocol::VERB_NOP, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
packetId,
source.toString().c_str(),
fromAddr.toString().c_str());
m_ctx.t->incomingPacketDropped(
cc,
0xcc89c812,
packetId,
0,
peer->identity(),
path->address(),
hops,
Protocol::VERB_NOP,
ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
return; return;
} }
@ -326,16 +271,7 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA
} break; } break;
default: default:
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0x5b001099, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_NOP, ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT);
cc,
0x5b001099,
packetId,
0,
identityFromPeerPtr(peer),
path->address(),
hops,
Protocol::VERB_NOP,
ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT);
return; return;
} }
} }
@ -381,16 +317,7 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA
pktSize = ZT_PROTO_PACKET_PAYLOAD_START + uncompressedLen; pktSize = ZT_PROTO_PACKET_PAYLOAD_START + uncompressedLen;
} }
else { else {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0xee9e4392, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, verb, ZT_TRACE_PACKET_DROP_REASON_INVALID_COMPRESSED_DATA);
cc,
0xee9e4392,
packetId,
0,
identityFromPeerPtr(peer),
path->address(),
hops,
verb,
ZT_TRACE_PACKET_DROP_REASON_INVALID_COMPRESSED_DATA);
return; return;
} }
} }
@ -463,16 +390,7 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA
break; break;
default: default:
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0xeeeeeff0, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, verb, ZT_TRACE_PACKET_DROP_REASON_UNRECOGNIZED_VERB);
cc,
0xeeeeeff0,
packetId,
0,
identityFromPeerPtr(peer),
path->address(),
hops,
verb,
ZT_TRACE_PACKET_DROP_REASON_UNRECOGNIZED_VERB);
break; break;
} }
if (likely(ok)) if (likely(ok))
@ -555,16 +473,7 @@ SharedPtr<Peer> VL1::m_HELLO(CallContext& cc, const SharedPtr<Path>& path, Buf&
const uint8_t protoVersion = pkt.lI8<ZT_PROTO_PACKET_PAYLOAD_START>(); const uint8_t protoVersion = pkt.lI8<ZT_PROTO_PACKET_PAYLOAD_START>();
if (unlikely(protoVersion < ZT_PROTO_VERSION_MIN)) { if (unlikely(protoVersion < ZT_PROTO_VERSION_MIN)) {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0x907a9891, packetId, 0, Identity::NIL, path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_PEER_TOO_OLD);
cc,
0x907a9891,
packetId,
0,
Identity::NIL,
path->address(),
hops,
Protocol::VERB_HELLO,
ZT_TRACE_PACKET_DROP_REASON_PEER_TOO_OLD);
return SharedPtr<Peer>(); return SharedPtr<Peer>();
} }
const unsigned int versionMajor = pkt.lI8<ZT_PROTO_PACKET_PAYLOAD_START + 1>(); const unsigned int versionMajor = pkt.lI8<ZT_PROTO_PACKET_PAYLOAD_START + 1>();
@ -577,29 +486,11 @@ SharedPtr<Peer> VL1::m_HELLO(CallContext& cc, const SharedPtr<Path>& path, Buf&
// Get identity and verify that it matches the sending address in the packet. // Get identity and verify that it matches the sending address in the packet.
Identity id; Identity id;
if (unlikely(pkt.rO(ii, id) < 0)) { if (unlikely(pkt.rO(ii, id) < 0)) {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0x707a9810, packetId, 0, Identity::NIL, path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT);
cc,
0x707a9810,
packetId,
0,
Identity::NIL,
path->address(),
hops,
Protocol::VERB_HELLO,
ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT);
return SharedPtr<Peer>(); return SharedPtr<Peer>();
} }
if (unlikely(id.address() != Address(pkt.unsafeData + ZT_PROTO_PACKET_SOURCE_INDEX))) { if (unlikely(id.address() != Address(pkt.unsafeData + ZT_PROTO_PACKET_SOURCE_INDEX))) {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0x707a9010, packetId, 0, Identity::NIL, path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
cc,
0x707a9010,
packetId,
0,
Identity::NIL,
path->address(),
hops,
Protocol::VERB_HELLO,
ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
return SharedPtr<Peer>(); return SharedPtr<Peer>();
} }
@ -607,16 +498,7 @@ SharedPtr<Peer> VL1::m_HELLO(CallContext& cc, const SharedPtr<Path>& path, Buf&
SharedPtr<Peer> peer(m_ctx.topology->peer(cc, id.address(), true)); SharedPtr<Peer> peer(m_ctx.topology->peer(cc, id.address(), true));
if (peer) { if (peer) {
if (unlikely(peer->identity() != id)) { if (unlikely(peer->identity() != id)) {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0x707a9891, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
cc,
0x707a9891,
packetId,
0,
identityFromPeerPtr(peer),
path->address(),
hops,
Protocol::VERB_HELLO,
ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
return SharedPtr<Peer>(); return SharedPtr<Peer>();
} }
if (unlikely(peer->deduplicateIncomingPacket(packetId))) { if (unlikely(peer->deduplicateIncomingPacket(packetId))) {
@ -626,30 +508,12 @@ SharedPtr<Peer> VL1::m_HELLO(CallContext& cc, const SharedPtr<Path>& path, Buf&
} }
else { else {
if (unlikely(! id.locallyValidate())) { if (unlikely(! id.locallyValidate())) {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0x707a9892, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT);
cc,
0x707a9892,
packetId,
0,
identityFromPeerPtr(peer),
path->address(),
hops,
Protocol::VERB_HELLO,
ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT);
return SharedPtr<Peer>(); return SharedPtr<Peer>();
} }
peer.set(new Peer()); peer.set(new Peer());
if (unlikely(! peer->init(m_ctx, cc, id))) { if (unlikely(! peer->init(m_ctx, cc, id))) {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0x707a9893, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_UNSPECIFIED);
cc,
0x707a9893,
packetId,
0,
identityFromPeerPtr(peer),
path->address(),
hops,
Protocol::VERB_HELLO,
ZT_TRACE_PACKET_DROP_REASON_UNSPECIFIED);
return SharedPtr<Peer>(); return SharedPtr<Peer>();
} }
peer = m_ctx.topology->add(cc, peer); peer = m_ctx.topology->add(cc, peer);
@ -665,16 +529,7 @@ SharedPtr<Peer> VL1::m_HELLO(CallContext& cc, const SharedPtr<Path>& path, Buf&
// field is ignored, and eventually it'll be undefined. // field is ignored, and eventually it'll be undefined.
uint8_t hmac[ZT_HMACSHA384_LEN]; uint8_t hmac[ZT_HMACSHA384_LEN];
if (unlikely(packetSize < ZT_HMACSHA384_LEN)) { if (unlikely(packetSize < ZT_HMACSHA384_LEN)) {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0xab9c9891, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
cc,
0xab9c9891,
packetId,
0,
identityFromPeerPtr(peer),
path->address(),
hops,
Protocol::VERB_HELLO,
ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
return SharedPtr<Peer>(); return SharedPtr<Peer>();
} }
packetSize -= ZT_HMACSHA384_LEN; packetSize -= ZT_HMACSHA384_LEN;
@ -682,16 +537,7 @@ SharedPtr<Peer> VL1::m_HELLO(CallContext& cc, const SharedPtr<Path>& path, Buf&
Utils::storeMachineEndian<uint64_t>(pkt.unsafeData + ZT_PROTO_PACKET_MAC_INDEX, 0); // set MAC field to 0 Utils::storeMachineEndian<uint64_t>(pkt.unsafeData + ZT_PROTO_PACKET_MAC_INDEX, 0); // set MAC field to 0
HMACSHA384(peer->identityHelloHmacKey(), pkt.unsafeData, packetSize, hmac); HMACSHA384(peer->identityHelloHmacKey(), pkt.unsafeData, packetSize, hmac);
if (unlikely(! Utils::secureEq(hmac, pkt.unsafeData + packetSize, ZT_HMACSHA384_LEN))) { if (unlikely(! Utils::secureEq(hmac, pkt.unsafeData + packetSize, ZT_HMACSHA384_LEN))) {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0x707a9891, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
cc,
0x707a9891,
packetId,
0,
identityFromPeerPtr(peer),
path->address(),
hops,
Protocol::VERB_HELLO,
ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
return SharedPtr<Peer>(); return SharedPtr<Peer>();
} }
} }
@ -707,8 +553,7 @@ SharedPtr<Peer> VL1::m_HELLO(CallContext& cc, const SharedPtr<Path>& path, Buf&
uint64_t polyMac[2]; uint64_t polyMac[2];
poly1305.finish(polyMac); poly1305.finish(polyMac);
if (unlikely(mac != polyMac[0])) { if (unlikely(mac != polyMac[0])) {
m_ctx.t m_ctx.t->incomingPacketDropped(cc, 0x11bfff82, packetId, 0, id, path->address(), hops, Protocol::VERB_NOP, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
->incomingPacketDropped(cc, 0x11bfff82, packetId, 0, id, path->address(), hops, Protocol::VERB_NOP, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED);
return SharedPtr<Peer>(); return SharedPtr<Peer>();
} }
} }
@ -724,16 +569,7 @@ SharedPtr<Peer> VL1::m_HELLO(CallContext& cc, const SharedPtr<Path>& path, Buf&
InetAddress sentTo; InetAddress sentTo;
if (unlikely(pkt.rO(ii, sentTo) < 0)) { if (unlikely(pkt.rO(ii, sentTo) < 0)) {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0x707a9811, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT);
cc,
0x707a9811,
packetId,
0,
identityFromPeerPtr(peer),
path->address(),
hops,
Protocol::VERB_HELLO,
ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT);
return SharedPtr<Peer>(); return SharedPtr<Peer>();
} }
@ -753,30 +589,12 @@ SharedPtr<Peer> VL1::m_HELLO(CallContext& cc, const SharedPtr<Path>& path, Buf&
ii += 2; // skip reserved field ii += 2; // skip reserved field
const unsigned int dictSize = pkt.rI16(ii); const unsigned int dictSize = pkt.rI16(ii);
if (unlikely((ii + dictSize) > packetSize)) { if (unlikely((ii + dictSize) > packetSize)) {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0x707a9815, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT);
cc,
0x707a9815,
packetId,
0,
identityFromPeerPtr(peer),
path->address(),
hops,
Protocol::VERB_HELLO,
ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT);
return peer; return peer;
} }
Dictionary md; Dictionary md;
if (! md.decode(pkt.unsafeData + ii, dictSize)) { if (! md.decode(pkt.unsafeData + ii, dictSize)) {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0x707a9816, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT);
cc,
0x707a9816,
packetId,
0,
identityFromPeerPtr(peer),
path->address(),
hops,
Protocol::VERB_HELLO,
ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT);
return peer; return peer;
} }
@ -815,15 +633,7 @@ SharedPtr<Peer> VL1::m_HELLO(CallContext& cc, const SharedPtr<Path>& path, Buf&
return peer; return peer;
} }
bool VL1::m_ERROR( bool VL1::m_ERROR(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize, Protocol::Verb& inReVerb)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
const SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize,
Protocol::Verb& inReVerb)
{ {
#if 0 #if 0
if (packetSize < (int)sizeof(Protocol::ERROR::Header)) { if (packetSize < (int)sizeof(Protocol::ERROR::Header)) {
@ -870,54 +680,23 @@ bool VL1::m_ERROR(
#endif #endif
} }
bool VL1::m_OK( bool VL1::m_OK(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize, Protocol::Verb& inReVerb)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
const SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize,
Protocol::Verb& inReVerb)
{ {
int ii = ZT_PROTO_PACKET_PAYLOAD_START + 13; int ii = ZT_PROTO_PACKET_PAYLOAD_START + 13;
inReVerb = (Protocol::Verb)pkt.rI8(ii); inReVerb = (Protocol::Verb)pkt.rI8(ii);
const uint64_t inRePacketId = pkt.rI64(ii); const uint64_t inRePacketId = pkt.rI64(ii);
if (unlikely(Buf::readOverflow(ii, packetSize))) { if (unlikely(Buf::readOverflow(ii, packetSize))) {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0x4c1f1ff7, packetId, 0, identityFromPeerPtr(peer), path->address(), 0, Protocol::VERB_OK, ZT_TRACE_PACKET_DROP_REASON_MALFORMED_PACKET);
cc,
0x4c1f1ff7,
packetId,
0,
identityFromPeerPtr(peer),
path->address(),
0,
Protocol::VERB_OK,
ZT_TRACE_PACKET_DROP_REASON_MALFORMED_PACKET);
return false; return false;
} }
if (unlikely(! m_ctx.expect->expecting(inRePacketId, cc.ticks))) { if (unlikely(! m_ctx.expect->expecting(inRePacketId, cc.ticks))) {
m_ctx.t->incomingPacketDropped( m_ctx.t->incomingPacketDropped(cc, 0x4c1f1ff8, packetId, 0, identityFromPeerPtr(peer), path->address(), 0, Protocol::VERB_OK, ZT_TRACE_PACKET_DROP_REASON_REPLY_NOT_EXPECTED);
cc,
0x4c1f1ff8,
packetId,
0,
identityFromPeerPtr(peer),
path->address(),
0,
Protocol::VERB_OK,
ZT_TRACE_PACKET_DROP_REASON_REPLY_NOT_EXPECTED);
return false; return false;
} }
ZT_SPEW( ZT_SPEW("got OK in-re %s (packet ID %.16llx) from %s(%s)", Protocol::verbName(inReVerb), inRePacketId, peer->address().toString().c_str(), path->address().toString().c_str());
"got OK in-re %s (packet ID %.16llx) from %s(%s)",
Protocol::verbName(inReVerb),
inRePacketId,
peer->address().toString().c_str(),
path->address().toString().c_str());
switch (inReVerb) { switch (inReVerb) {
case Protocol::VERB_HELLO: case Protocol::VERB_HELLO:
@ -936,14 +715,7 @@ bool VL1::m_OK(
return true; return true;
} }
bool VL1::m_WHOIS( bool VL1::m_WHOIS(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
const SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
#if 0 #if 0
if (packetSize < (int)sizeof(Protocol::OK::Header)) { if (packetSize < (int)sizeof(Protocol::OK::Header)) {
@ -997,14 +769,7 @@ bool VL1::m_WHOIS(
#endif #endif
} }
bool VL1::m_RENDEZVOUS( bool VL1::m_RENDEZVOUS(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
const SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
#if 0 #if 0
if (RR->topology->isRoot(peer->identity())) { if (RR->topology->isRoot(peer->identity())) {
@ -1052,14 +817,7 @@ bool VL1::m_RENDEZVOUS(
#endif #endif
} }
bool VL1::m_ECHO( bool VL1::m_ECHO(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
const SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
#if 0 #if 0
const uint64_t packetId = Protocol::packetId(pkt,packetSize); const uint64_t packetId = Protocol::packetId(pkt,packetSize);
@ -1097,14 +855,7 @@ bool VL1::m_ECHO(
#endif #endif
} }
bool VL1::m_PUSH_DIRECT_PATHS( bool VL1::m_PUSH_DIRECT_PATHS(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
const SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
#if 0 #if 0
if (packetSize < (int)sizeof(Protocol::PUSH_DIRECT_PATHS)) { if (packetSize < (int)sizeof(Protocol::PUSH_DIRECT_PATHS)) {
@ -1195,27 +946,13 @@ bool VL1::m_PUSH_DIRECT_PATHS(
#endif #endif
} }
bool VL1::m_USER_MESSAGE( bool VL1::m_USER_MESSAGE(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
const SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
// TODO // TODO
return true; return true;
} }
bool VL1::m_ENCAP( bool VL1::m_ENCAP(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
const SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
// TODO: not implemented yet // TODO: not implemented yet
return true; return true;

35
core/VL1.hpp
View file

@ -67,38 +67,13 @@ class VL1 {
void m_relay(CallContext& cc, const SharedPtr<Path>& path, Address destination, SharedPtr<Buf>& pkt, int pktSize); void m_relay(CallContext& cc, const SharedPtr<Path>& path, Address destination, SharedPtr<Buf>& pkt, int pktSize);
void m_sendPendingWhois(CallContext& cc); void m_sendPendingWhois(CallContext& cc);
SharedPtr<Peer> m_HELLO(CallContext& cc, const SharedPtr<Path>& path, Buf& pkt, int packetSize); SharedPtr<Peer> m_HELLO(CallContext& cc, const SharedPtr<Path>& path, Buf& pkt, int packetSize);
bool m_ERROR( bool m_ERROR(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize, Protocol::Verb& inReVerb);
CallContext& cc, bool m_OK(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize, Protocol::Verb& inReVerb);
uint64_t packetId,
unsigned int auth,
const SharedPtr<Path>& path,
const SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize,
Protocol::Verb& inReVerb);
bool m_OK(
CallContext& cc,
uint64_t packetId,
unsigned int auth,
const SharedPtr<Path>& path,
const SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize,
Protocol::Verb& inReVerb);
bool m_WHOIS(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize); bool m_WHOIS(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
bool bool m_RENDEZVOUS(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
m_RENDEZVOUS(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
bool m_ECHO(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize); bool m_ECHO(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
bool m_PUSH_DIRECT_PATHS( bool m_PUSH_DIRECT_PATHS(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
CallContext& cc, bool m_USER_MESSAGE(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
uint64_t packetId,
unsigned int auth,
const SharedPtr<Path>& path,
const SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize);
bool
m_USER_MESSAGE(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
bool m_ENCAP(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize); bool m_ENCAP(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, const SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
const Context& m_ctx; const Context& m_ctx;

91
core/VL2.cpp
View file

@ -27,114 +27,43 @@ VL2::VL2(const Context& ctx) : m_ctx(ctx)
{ {
} }
void VL2::onLocalEthernet( void VL2::onLocalEthernet(CallContext& cc, const SharedPtr<Network>& network, const MAC& from, const MAC& to, const unsigned int etherType, unsigned int vlanId, SharedPtr<Buf>& data, unsigned int len)
CallContext& cc,
const SharedPtr<Network>& network,
const MAC& from,
const MAC& to,
const unsigned int etherType,
unsigned int vlanId,
SharedPtr<Buf>& data,
unsigned int len)
{ {
} }
bool VL2::m_FRAME( bool VL2::m_FRAME(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
} }
bool VL2::m_EXT_FRAME( bool VL2::m_EXT_FRAME(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
} }
bool VL2::m_MULTICAST_LIKE( bool VL2::m_MULTICAST_LIKE(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
} }
bool VL2::m_NETWORK_CREDENTIALS( bool VL2::m_NETWORK_CREDENTIALS(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
} }
bool VL2::m_NETWORK_CONFIG_REQUEST( bool VL2::m_NETWORK_CONFIG_REQUEST(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
} }
bool VL2::m_NETWORK_CONFIG( bool VL2::m_NETWORK_CONFIG(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
} }
bool VL2::m_MULTICAST_GATHER( bool VL2::m_MULTICAST_GATHER(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
} }
bool VL2::m_MULTICAST_FRAME_deprecated( bool VL2::m_MULTICAST_FRAME_deprecated(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
} }
bool VL2::m_MULTICAST( bool VL2::m_MULTICAST(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize)
CallContext& cc,
const uint64_t packetId,
const unsigned int auth,
const SharedPtr<Path>& path,
SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize)
{ {
} }

34
core/VL2.hpp
View file

@ -49,41 +49,17 @@ class VL2 {
* @param data Ethernet payload * @param data Ethernet payload
* @param len Frame length * @param len Frame length
*/ */
void onLocalEthernet( void onLocalEthernet(CallContext& cc, const SharedPtr<Network>& network, const MAC& from, const MAC& to, unsigned int etherType, unsigned int vlanId, SharedPtr<Buf>& data, unsigned int len);
CallContext& cc,
const SharedPtr<Network>& network,
const MAC& from,
const MAC& to,
unsigned int etherType,
unsigned int vlanId,
SharedPtr<Buf>& data,
unsigned int len);
protected: protected:
bool m_FRAME(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize); bool m_FRAME(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
bool m_EXT_FRAME(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize); bool m_EXT_FRAME(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
bool m_MULTICAST_LIKE(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize); bool m_MULTICAST_LIKE(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
bool bool m_NETWORK_CREDENTIALS(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
m_NETWORK_CREDENTIALS(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize); bool m_NETWORK_CONFIG_REQUEST(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
bool m_NETWORK_CONFIG_REQUEST(
CallContext& cc,
uint64_t packetId,
unsigned int auth,
const SharedPtr<Path>& path,
SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize);
bool m_NETWORK_CONFIG(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize); bool m_NETWORK_CONFIG(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
bool bool m_MULTICAST_GATHER(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
m_MULTICAST_GATHER(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize); bool m_MULTICAST_FRAME_deprecated(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
bool m_MULTICAST_FRAME_deprecated(
CallContext& cc,
uint64_t packetId,
unsigned int auth,
const SharedPtr<Path>& path,
SharedPtr<Peer>& peer,
Buf& pkt,
int packetSize);
bool m_MULTICAST(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize); bool m_MULTICAST(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr<Path>& path, SharedPtr<Peer>& peer, Buf& pkt, int packetSize);
private: private:

64
core/zerotier.h
View file

@ -778,14 +778,7 @@ typedef struct {
/** /**
* Credential type IDs * Credential type IDs
*/ */
enum ZT_CredentialType { enum ZT_CredentialType { ZT_CREDENTIAL_TYPE_NULL = 0, ZT_CREDENTIAL_TYPE_COM = 1, ZT_CREDENTIAL_TYPE_CAPABILITY = 2, ZT_CREDENTIAL_TYPE_TAG = 3, ZT_CREDENTIAL_TYPE_COO = 4, ZT_CREDENTIAL_TYPE_REVOCATION = 6 };
ZT_CREDENTIAL_TYPE_NULL = 0,
ZT_CREDENTIAL_TYPE_COM = 1,
ZT_CREDENTIAL_TYPE_CAPABILITY = 2,
ZT_CREDENTIAL_TYPE_TAG = 3,
ZT_CREDENTIAL_TYPE_COO = 4,
ZT_CREDENTIAL_TYPE_REVOCATION = 6
};
/** /**
* Endpoint address and protocol types * Endpoint address and protocol types
@ -2200,8 +2193,7 @@ ZT_SDK_API enum ZT_ResultCode ZT_Node_processVirtualNetworkFrame(
* @param nextBackgroundTaskDeadline Value/result: set to deadline for next call to processBackgroundTasks() * @param nextBackgroundTaskDeadline Value/result: set to deadline for next call to processBackgroundTasks()
* @return OK (0) or error code if a fatal error condition has occurred * @return OK (0) or error code if a fatal error condition has occurred
*/ */
ZT_SDK_API enum ZT_ResultCode ZT_SDK_API enum ZT_ResultCode ZT_Node_processBackgroundTasks(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, volatile int64_t* nextBackgroundTaskDeadline);
ZT_Node_processBackgroundTasks(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, volatile int64_t* nextBackgroundTaskDeadline);
/** /**
* Join a network * Join a network
@ -2216,8 +2208,7 @@ ZT_Node_processBackgroundTasks(ZT_Node* node, int64_t clock, int64_t ticks, void
* @param fingerprintHash If non-NULL this is the full fingerprint of the controller * @param fingerprintHash If non-NULL this is the full fingerprint of the controller
* @return OK (0) or error code if a fatal error condition has occurred * @return OK (0) or error code if a fatal error condition has occurred
*/ */
ZT_SDK_API enum ZT_ResultCode ZT_SDK_API enum ZT_ResultCode ZT_Node_join(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, void* uptr, uint64_t nwid, const ZT_Fingerprint* controllerFingerprint);
ZT_Node_join(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, void* uptr, uint64_t nwid, const ZT_Fingerprint* controllerFingerprint);
/** /**
* Leave a network * Leave a network
@ -2257,8 +2248,7 @@ ZT_SDK_API enum ZT_ResultCode ZT_Node_leave(ZT_Node* node, int64_t clock, int64_
* @param multicastAdi Multicast ADI (least significant 32 bits only, use 0 if not needed) * @param multicastAdi Multicast ADI (least significant 32 bits only, use 0 if not needed)
* @return OK (0) or error code if a fatal error condition has occurred * @return OK (0) or error code if a fatal error condition has occurred
*/ */
ZT_SDK_API enum ZT_ResultCode ZT_SDK_API enum ZT_ResultCode ZT_Node_multicastSubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi);
ZT_Node_multicastSubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi);
/** /**
* Unsubscribe from an Ethernet multicast group (or all groups) * Unsubscribe from an Ethernet multicast group (or all groups)
@ -2273,8 +2263,7 @@ ZT_Node_multicastSubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tp
* @param multicastAdi Multicast ADI (least significant 32 bits only, use 0 if not needed) * @param multicastAdi Multicast ADI (least significant 32 bits only, use 0 if not needed)
* @return OK (0) or error code if a fatal error condition has occurred * @return OK (0) or error code if a fatal error condition has occurred
*/ */
ZT_SDK_API enum ZT_ResultCode ZT_SDK_API enum ZT_ResultCode ZT_Node_multicastUnsubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi);
ZT_Node_multicastUnsubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi);
/** /**
* Get this node's 40-bit ZeroTier address * Get this node's 40-bit ZeroTier address
@ -2347,8 +2336,7 @@ ZT_SDK_API void ZT_Node_setNetworkUserPtr(ZT_Node* node, uint64_t nwid, void* pt
* @param addrs Addresses * @param addrs Addresses
* @param addrCount Number of items in addrs[] * @param addrCount Number of items in addrs[]
*/ */
ZT_SDK_API void ZT_SDK_API void ZT_Node_setInterfaceAddresses(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, const ZT_InterfaceAddress* addrs, unsigned int addrCount);
ZT_Node_setInterfaceAddresses(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, const ZT_InterfaceAddress* addrs, unsigned int addrCount);
/** /**
* Add a certificate to this node's certificate store * Add a certificate to this node's certificate store
@ -2362,15 +2350,7 @@ ZT_Node_setInterfaceAddresses(ZT_Node* node, int64_t clock, int64_t ticks, void*
* @param certSize Size of certificate binary data, 0 if none * @param certSize Size of certificate binary data, 0 if none
* @return Certificate error or ZT_CERTIFICATE_ERROR_NONE on success * @return Certificate error or ZT_CERTIFICATE_ERROR_NONE on success
*/ */
ZT_SDK_API enum ZT_CertificateError ZT_Node_addCertificate( ZT_SDK_API enum ZT_CertificateError ZT_Node_addCertificate(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, unsigned int localTrust, const ZT_Certificate* cert, const void* certData, unsigned int certSize);
ZT_Node* node,
int64_t clock,
int64_t ticks,
void* tptr,
unsigned int localTrust,
const ZT_Certificate* cert,
const void* certData,
unsigned int certSize);
/** /**
* Delete a certificate from this node's certificate store * Delete a certificate from this node's certificate store
@ -2407,8 +2387,7 @@ ZT_SDK_API ZT_CertificateList* ZT_Node_listCertificates(ZT_Node* node, int64_t c
* @param len Length of data in bytes * @param len Length of data in bytes
* @return Boolean: non-zero on success, zero on failure * @return Boolean: non-zero on success, zero on failure
*/ */
ZT_SDK_API int ZT_SDK_API int ZT_Node_sendUserMessage(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t dest, uint64_t typeId, const void* data, unsigned int len);
ZT_Node_sendUserMessage(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t dest, uint64_t typeId, const void* data, unsigned int len);
/** /**
* Set a network controller instance for this node * Set a network controller instance for this node
@ -2604,12 +2583,7 @@ ZT_SDK_API int ZT_Endpoint_fromBytes(ZT_Endpoint* ep, const void* bytes, unsigne
* @param signer Identity to sign locator (must include private key) * @param signer Identity to sign locator (must include private key)
* @return Locator or NULL on error (too many endpoints or identity does not have private key) * @return Locator or NULL on error (too many endpoints or identity does not have private key)
*/ */
ZT_SDK_API ZT_Locator* ZT_Locator_create( ZT_SDK_API ZT_Locator* ZT_Locator_create(int64_t rev, const ZT_Endpoint* endpoints, const ZT_EndpointAttributes* endpointAttributes, unsigned int endpointCount, const ZT_Identity* signer);
int64_t rev,
const ZT_Endpoint* endpoints,
const ZT_EndpointAttributes* endpointAttributes,
unsigned int endpointCount,
const ZT_Identity* signer);
/** /**
* Decode a serialized locator * Decode a serialized locator
@ -2733,12 +2707,8 @@ ZT_SDK_API void ZT_version(int* major, int* minor, int* revision, int* build);
* @param privateKeySize Result parameter: set to size of private key * @param privateKeySize Result parameter: set to size of private key
* @return OK (0) or error * @return OK (0) or error
*/ */
ZT_SDK_API int ZT_Certificate_newKeyPair( ZT_SDK_API int
enum ZT_CertificatePublicKeyAlgorithm type, ZT_Certificate_newKeyPair(enum ZT_CertificatePublicKeyAlgorithm type, uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE], int* const publicKeySize, uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE], int* const privateKeySize);
uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE],
int* const publicKeySize,
uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE],
int* const privateKeySize);
/** /**
* Create a new certificate signing request (CSR) * Create a new certificate signing request (CSR)
@ -2758,14 +2728,7 @@ ZT_SDK_API int ZT_Certificate_newKeyPair(
* @param csrSize Value/result: size of buffer * @param csrSize Value/result: size of buffer
* @return OK (0) or error * @return OK (0) or error
*/ */
ZT_SDK_API int ZT_Certificate_newCSR( ZT_SDK_API int ZT_Certificate_newCSR(const ZT_Certificate_Subject* subject, const void* certificatePublicKey, int certificatePublicKeySize, const void* uniqueIdPrivateKey, int uniqueIdPrivateKeySize, void* csr, int* csrSize);
const ZT_Certificate_Subject* subject,
const void* certificatePublicKey,
int certificatePublicKeySize,
const void* uniqueIdPrivateKey,
int uniqueIdPrivateKeySize,
void* csr,
int* csrSize);
/** /**
* Sign a CSR to generate a complete certificate. * Sign a CSR to generate a complete certificate.
@ -2782,8 +2745,7 @@ ZT_SDK_API int ZT_Certificate_newCSR(
* @param issuerPrivateKeySize Size of private key in bytes * @param issuerPrivateKeySize Size of private key in bytes
* @return Signed certificate or NULL on error * @return Signed certificate or NULL on error
*/ */
ZT_SDK_API ZT_Certificate* ZT_SDK_API ZT_Certificate* ZT_Certificate_sign(const ZT_Certificate* cert, const uint8_t issuer[ZT_CERTIFICATE_HASH_SIZE], const void* issuerPrivateKey, int issuerPrivateKeySize);
ZT_Certificate_sign(const ZT_Certificate* cert, const uint8_t issuer[ZT_CERTIFICATE_HASH_SIZE], const void* issuerPrivateKey, int issuerPrivateKeySize);
/** /**
* Decode a certificate or CSR * Decode a certificate or CSR

127
osdep/ManagedRoute.cpp
View file

@ -130,8 +130,7 @@ static std::vector<_RTE> _getRTEs(const InetAddress& target, bool contains)
InetAddress sa_t, sa_v; InetAddress sa_t, sa_v;
int deviceIndex = -9999; int deviceIndex = -9999;
if (((rtm->rtm_flags & RTF_LLINFO) == 0) && ((rtm->rtm_flags & RTF_HOST) == 0) if (((rtm->rtm_flags & RTF_LLINFO) == 0) && ((rtm->rtm_flags & RTF_HOST) == 0) && ((rtm->rtm_flags & RTF_UP) != 0) && ((rtm->rtm_flags & RTF_MULTICAST) == 0)) {
&& ((rtm->rtm_flags & RTF_UP) != 0) && ((rtm->rtm_flags & RTF_MULTICAST) == 0)) {
int which = 0; int which = 0;
while (saptr < saend) { while (saptr < saend) {
struct sockaddr* sa = (struct sockaddr*)saptr; struct sockaddr* sa = (struct sockaddr*)saptr;
@ -155,14 +154,11 @@ static std::vector<_RTE> _getRTEs(const InetAddress& target, bool contains)
// printf("RTA_DST\n"); // printf("RTA_DST\n");
if (sa->sa_family == AF_INET6) { if (sa->sa_family == AF_INET6) {
struct sockaddr_in6* sin6 = (struct sockaddr_in6*)sa; struct sockaddr_in6* sin6 = (struct sockaddr_in6*)sa;
if ((sin6->sin6_addr.s6_addr[0] == 0xfe) if ((sin6->sin6_addr.s6_addr[0] == 0xfe) && ((sin6->sin6_addr.s6_addr[1] & 0xc0) == 0x80)) {
&& ((sin6->sin6_addr.s6_addr[1] & 0xc0) == 0x80)) {
// BSD uses this fucking strange in-band signaling method to encode device // BSD uses this fucking strange in-band signaling method to encode device
// scope IDs for IPv6 addresses... probably a holdover from very early // scope IDs for IPv6 addresses... probably a holdover from very early
// versions of the spec. // versions of the spec.
unsigned int interfaceIndex = unsigned int interfaceIndex = ((((unsigned int)sin6->sin6_addr.s6_addr[2]) << 8) & 0xff) | (((unsigned int)sin6->sin6_addr.s6_addr[3]) & 0xff);
((((unsigned int)sin6->sin6_addr.s6_addr[2]) << 8) & 0xff)
| (((unsigned int)sin6->sin6_addr.s6_addr[3]) & 0xff);
sin6->sin6_addr.s6_addr[2] = 0; sin6->sin6_addr.s6_addr[2] = 0;
sin6->sin6_addr.s6_addr[3] = 0; sin6->sin6_addr.s6_addr[3] = 0;
if (! sin6->sin6_scope_id) if (! sin6->sin6_scope_id)
@ -189,8 +185,7 @@ static std::vector<_RTE> _getRTEs(const InetAddress& target, bool contains)
salen = sizeof(struct sockaddr_in6); salen = sizeof(struct sockaddr_in6);
unsigned int bits = 0; unsigned int bits = 0;
for (int i = 0; i < 16; ++i) { for (int i = 0; i < 16; ++i) {
unsigned char c = unsigned char c = (unsigned char)((const struct sockaddr_in6*)sa)->sin6_addr.s6_addr[i];
(unsigned char)((const struct sockaddr_in6*)sa)->sin6_addr.s6_addr[i];
if (c == 0xff) if (c == 0xff)
bits += 8; bits += 8;
else else
@ -200,8 +195,7 @@ static std::vector<_RTE> _getRTEs(const InetAddress& target, bool contains)
} }
else if (sa_t.ss_family == AF_INET) { else if (sa_t.ss_family == AF_INET) {
salen = sizeof(struct sockaddr_in); salen = sizeof(struct sockaddr_in);
sa_t.setPort((unsigned int)Utils::countBits( sa_t.setPort((unsigned int)Utils::countBits((uint32_t)((const struct sockaddr_in*)sa)->sin_addr.s_addr));
(uint32_t)((const struct sockaddr_in*)sa)->sin_addr.s_addr));
} }
} break; } break;
/* /*
@ -233,8 +227,7 @@ static std::vector<_RTE> _getRTEs(const InetAddress& target, bool contains)
else { else {
rtes.back().device[0] = (char)0; rtes.back().device[0] = (char)0;
} }
rtes.back().metric = rtes.back().metric = ((int)rtm->rtm_rmx.rmx_hopcount < 0) ? 0 : (int)rtm->rtm_rmx.rmx_hopcount;
((int)rtm->rtm_rmx.rmx_hopcount < 0) ? 0 : (int)rtm->rtm_rmx.rmx_hopcount;
} }
} }
@ -250,12 +243,7 @@ static std::vector<_RTE> _getRTEs(const InetAddress& target, bool contains)
} }
#endif #endif
static void _routeCmd( static void _routeCmd(const char* op, const InetAddress& target, const InetAddress& via, const char* ifscope, const char* localInterface)
const char* op,
const InetAddress& target,
const InetAddress& via,
const char* ifscope,
const char* localInterface)
{ {
// char f1[1024],f2[1024]; printf("%s %s %s %s // char f1[1024],f2[1024]; printf("%s %s %s %s
// %s\n",op,target.toString(f1),via.toString(f2),ifscope,localInterface); // %s\n",op,target.toString(f1),via.toString(f2),ifscope,localInterface);
@ -271,52 +259,18 @@ static void _routeCmd(
char iptmp[64]; char iptmp[64];
if (via) { if (via) {
if ((ifscope) && (ifscope[0])) { if ((ifscope) && (ifscope[0])) {
::execl( ::execl(ZT_BSD_ROUTE_CMD, ZT_BSD_ROUTE_CMD, op, "-ifscope", ifscope, ((target.ss_family == AF_INET6) ? "-inet6" : "-inet"), target.toString(ttmp), via.toIpString(iptmp), (const char*)0);
ZT_BSD_ROUTE_CMD,
ZT_BSD_ROUTE_CMD,
op,
"-ifscope",
ifscope,
((target.ss_family == AF_INET6) ? "-inet6" : "-inet"),
target.toString(ttmp),
via.toIpString(iptmp),
(const char*)0);
} }
else { else {
::execl( ::execl(ZT_BSD_ROUTE_CMD, ZT_BSD_ROUTE_CMD, op, ((target.ss_family == AF_INET6) ? "-inet6" : "-inet"), target.toString(ttmp), via.toIpString(iptmp), (const char*)0);
ZT_BSD_ROUTE_CMD,
ZT_BSD_ROUTE_CMD,
op,
((target.ss_family == AF_INET6) ? "-inet6" : "-inet"),
target.toString(ttmp),
via.toIpString(iptmp),
(const char*)0);
} }
} }
else if ((localInterface) && (localInterface[0])) { else if ((localInterface) && (localInterface[0])) {
if ((ifscope) && (ifscope[0])) { if ((ifscope) && (ifscope[0])) {
::execl( ::execl(ZT_BSD_ROUTE_CMD, ZT_BSD_ROUTE_CMD, op, "-ifscope", ifscope, ((target.ss_family == AF_INET6) ? "-inet6" : "-inet"), target.toString(ttmp), "-interface", localInterface, (const char*)0);
ZT_BSD_ROUTE_CMD,
ZT_BSD_ROUTE_CMD,
op,
"-ifscope",
ifscope,
((target.ss_family == AF_INET6) ? "-inet6" : "-inet"),
target.toString(ttmp),
"-interface",
localInterface,
(const char*)0);
} }
else { else {
::execl( ::execl(ZT_BSD_ROUTE_CMD, ZT_BSD_ROUTE_CMD, op, ((target.ss_family == AF_INET6) ? "-inet6" : "-inet"), target.toString(ttmp), "-interface", localInterface, (const char*)0);
ZT_BSD_ROUTE_CMD,
ZT_BSD_ROUTE_CMD,
op,
((target.ss_family == AF_INET6) ? "-inet6" : "-inet"),
target.toString(ttmp),
"-interface",
localInterface,
(const char*)0);
} }
} }
::_exit(-1); ::_exit(-1);
@ -335,12 +289,7 @@ static void _routeCmd(
#ifdef __WINDOWS__ // -------------------------------------------------------- #ifdef __WINDOWS__ // --------------------------------------------------------
#define ZT_ROUTING_SUPPORT_FOUND 1 #define ZT_ROUTING_SUPPORT_FOUND 1
static bool _winRoute( static bool _winRoute(bool del, const NET_LUID& interfaceLuid, const NET_IFINDEX& interfaceIndex, const InetAddress& target, const InetAddress& via)
bool del,
const NET_LUID& interfaceLuid,
const NET_IFINDEX& interfaceIndex,
const InetAddress& target,
const InetAddress& via)
{ {
MIB_IPFORWARD_ROW2 rtrow; MIB_IPFORWARD_ROW2 rtrow;
InitializeIpForwardEntry(&rtrow); InitializeIpForwardEntry(&rtrow);
@ -349,29 +298,21 @@ static bool _winRoute(
if (target.ss_family == AF_INET) { if (target.ss_family == AF_INET) {
rtrow.DestinationPrefix.Prefix.si_family = AF_INET; rtrow.DestinationPrefix.Prefix.si_family = AF_INET;
rtrow.DestinationPrefix.Prefix.Ipv4.sin_family = AF_INET; rtrow.DestinationPrefix.Prefix.Ipv4.sin_family = AF_INET;
rtrow.DestinationPrefix.Prefix.Ipv4.sin_addr.S_un.S_addr = rtrow.DestinationPrefix.Prefix.Ipv4.sin_addr.S_un.S_addr = reinterpret_cast<const struct sockaddr_in*>(&target)->sin_addr.S_un.S_addr;
reinterpret_cast<const struct sockaddr_in*>(&target)->sin_addr.S_un.S_addr;
if (via.ss_family == AF_INET) { if (via.ss_family == AF_INET) {
rtrow.NextHop.si_family = AF_INET; rtrow.NextHop.si_family = AF_INET;
rtrow.NextHop.Ipv4.sin_family = AF_INET; rtrow.NextHop.Ipv4.sin_family = AF_INET;
rtrow.NextHop.Ipv4.sin_addr.S_un.S_addr = rtrow.NextHop.Ipv4.sin_addr.S_un.S_addr = reinterpret_cast<const struct sockaddr_in*>(&via)->sin_addr.S_un.S_addr;
reinterpret_cast<const struct sockaddr_in*>(&via)->sin_addr.S_un.S_addr;
} }
} }
else if (target.ss_family == AF_INET6) { else if (target.ss_family == AF_INET6) {
rtrow.DestinationPrefix.Prefix.si_family = AF_INET6; rtrow.DestinationPrefix.Prefix.si_family = AF_INET6;
rtrow.DestinationPrefix.Prefix.Ipv6.sin6_family = AF_INET6; rtrow.DestinationPrefix.Prefix.Ipv6.sin6_family = AF_INET6;
memcpy( memcpy(rtrow.DestinationPrefix.Prefix.Ipv6.sin6_addr.u.Byte, reinterpret_cast<const struct sockaddr_in6*>(&target)->sin6_addr.u.Byte, 16);
rtrow.DestinationPrefix.Prefix.Ipv6.sin6_addr.u.Byte,
reinterpret_cast<const struct sockaddr_in6*>(&target)->sin6_addr.u.Byte,
16);
if (via.ss_family == AF_INET6) { if (via.ss_family == AF_INET6) {
rtrow.NextHop.si_family = AF_INET6; rtrow.NextHop.si_family = AF_INET6;
rtrow.NextHop.Ipv6.sin6_family = AF_INET6; rtrow.NextHop.Ipv6.sin6_family = AF_INET6;
memcpy( memcpy(rtrow.NextHop.Ipv6.sin6_addr.u.Byte, reinterpret_cast<const struct sockaddr_in6*>(&via)->sin6_addr.u.Byte, 16);
rtrow.NextHop.Ipv6.sin6_addr.u.Byte,
reinterpret_cast<const struct sockaddr_in6*>(&via)->sin6_addr.u.Byte,
16);
} }
} }
else { else {
@ -406,11 +347,7 @@ static bool _winRoute(
} }
} }
static bool _winHasRoute( static bool _winHasRoute(const NET_LUID& interfaceLuid, const NET_IFINDEX& interfaceIndex, const InetAddress& target, const InetAddress& via)
const NET_LUID& interfaceLuid,
const NET_IFINDEX& interfaceIndex,
const InetAddress& target,
const InetAddress& via)
{ {
MIB_IPFORWARD_ROW2 rtrow; MIB_IPFORWARD_ROW2 rtrow;
InitializeIpForwardEntry(&rtrow); InitializeIpForwardEntry(&rtrow);
@ -419,29 +356,21 @@ static bool _winHasRoute(
if (target.ss_family == AF_INET) { if (target.ss_family == AF_INET) {
rtrow.DestinationPrefix.Prefix.si_family = AF_INET; rtrow.DestinationPrefix.Prefix.si_family = AF_INET;
rtrow.DestinationPrefix.Prefix.Ipv4.sin_family = AF_INET; rtrow.DestinationPrefix.Prefix.Ipv4.sin_family = AF_INET;
rtrow.DestinationPrefix.Prefix.Ipv4.sin_addr.S_un.S_addr = rtrow.DestinationPrefix.Prefix.Ipv4.sin_addr.S_un.S_addr = reinterpret_cast<const struct sockaddr_in*>(&target)->sin_addr.S_un.S_addr;
reinterpret_cast<const struct sockaddr_in*>(&target)->sin_addr.S_un.S_addr;
if (via.ss_family == AF_INET) { if (via.ss_family == AF_INET) {
rtrow.NextHop.si_family = AF_INET; rtrow.NextHop.si_family = AF_INET;
rtrow.NextHop.Ipv4.sin_family = AF_INET; rtrow.NextHop.Ipv4.sin_family = AF_INET;
rtrow.NextHop.Ipv4.sin_addr.S_un.S_addr = rtrow.NextHop.Ipv4.sin_addr.S_un.S_addr = reinterpret_cast<const struct sockaddr_in*>(&via)->sin_addr.S_un.S_addr;
reinterpret_cast<const struct sockaddr_in*>(&via)->sin_addr.S_un.S_addr;
} }
} }
else if (target.ss_family == AF_INET6) { else if (target.ss_family == AF_INET6) {
rtrow.DestinationPrefix.Prefix.si_family = AF_INET6; rtrow.DestinationPrefix.Prefix.si_family = AF_INET6;
rtrow.DestinationPrefix.Prefix.Ipv6.sin6_family = AF_INET6; rtrow.DestinationPrefix.Prefix.Ipv6.sin6_family = AF_INET6;
memcpy( memcpy(rtrow.DestinationPrefix.Prefix.Ipv6.sin6_addr.u.Byte, reinterpret_cast<const struct sockaddr_in6*>(&target)->sin6_addr.u.Byte, 16);
rtrow.DestinationPrefix.Prefix.Ipv6.sin6_addr.u.Byte,
reinterpret_cast<const struct sockaddr_in6*>(&target)->sin6_addr.u.Byte,
16);
if (via.ss_family == AF_INET6) { if (via.ss_family == AF_INET6) {
rtrow.NextHop.si_family = AF_INET6; rtrow.NextHop.si_family = AF_INET6;
rtrow.NextHop.Ipv6.sin6_family = AF_INET6; rtrow.NextHop.Ipv6.sin6_family = AF_INET6;
memcpy( memcpy(rtrow.NextHop.Ipv6.sin6_addr.u.Byte, reinterpret_cast<const struct sockaddr_in6*>(&via)->sin6_addr.u.Byte, 16);
rtrow.NextHop.Ipv6.sin6_addr.u.Byte,
reinterpret_cast<const struct sockaddr_in6*>(&via)->sin6_addr.u.Byte,
16);
} }
} }
else { else {
@ -455,17 +384,13 @@ static bool _winHasRoute(
#endif // __WINDOWS__ -------------------------------------------------------- #endif // __WINDOWS__ --------------------------------------------------------
#ifndef ZT_ROUTING_SUPPORT_FOUND #ifndef ZT_ROUTING_SUPPORT_FOUND
#error \ #error \
"ManagedRoute.cpp has no support for managing routes on this platform! You'll need to check and see if one of the existing ones will work and make sure proper defines are set, or write one. Please do a GitHub pull request if you do this for a new OS." "ManagedRoute.cpp has no support for managing routes on this platform! You'll need to check and see if one of the existing ones will work and make sure proper defines are set, or write one. Please do a GitHub pull request if you do this for a new OS."
#endif #endif
} // anonymous namespace } // anonymous namespace
ManagedRoute::ManagedRoute( ManagedRoute::ManagedRoute(const InetAddress& target, const InetAddress& via, const InetAddress& src, const char* device)
const InetAddress& target,
const InetAddress& via,
const InetAddress& src,
const char* device)
{ {
_target = target; _target = target;
_via = via; _via = via;
@ -511,8 +436,7 @@ bool ManagedRoute::sync()
{ {
#ifdef __WINDOWS__ #ifdef __WINDOWS__
NET_LUID interfaceLuid; NET_LUID interfaceLuid;
interfaceLuid.Value = (ULONG64)Utils::hexStrToU64( interfaceLuid.Value = (ULONG64)Utils::hexStrToU64(_device); // on Windows we use the hex LUID as the "interface name" for ManagedRoute
_device); // on Windows we use the hex LUID as the "interface name" for ManagedRoute
NET_IFINDEX interfaceIndex = -1; NET_IFINDEX interfaceIndex = -1;
if (ConvertInterfaceLuidToIndex(&interfaceLuid, &interfaceIndex) != NO_ERROR) if (ConvertInterfaceLuidToIndex(&interfaceLuid, &interfaceIndex) != NO_ERROR)
return false; return false;
@ -626,8 +550,7 @@ void ManagedRoute::remove()
{ {
#ifdef __WINDOWS__ #ifdef __WINDOWS__
NET_LUID interfaceLuid; NET_LUID interfaceLuid;
interfaceLuid.Value = (ULONG64)Utils::hexStrToU64( interfaceLuid.Value = (ULONG64)Utils::hexStrToU64(_device); // on Windows we use the hex LUID as the "interface name" for ManagedRoute
_device); // on Windows we use the hex LUID as the "interface name" for ManagedRoute
NET_IFINDEX interfaceIndex = -1; NET_IFINDEX interfaceIndex = -1;
if (ConvertInterfaceLuidToIndex(&interfaceLuid, &interfaceIndex) != NO_ERROR) if (ConvertInterfaceLuidToIndex(&interfaceLuid, &interfaceIndex) != NO_ERROR)
return; return;

31
osdep/OSUtils.cpp
View file

@ -108,9 +108,7 @@ Vector<String> OSUtils::listDirectory(const char* path, bool includeDirectories)
WIN32_FIND_DATAA ffd; WIN32_FIND_DATAA ffd;
if ((hFind = FindFirstFileA((String(path) + "\\*").c_str(), &ffd)) != INVALID_HANDLE_VALUE) { if ((hFind = FindFirstFileA((String(path) + "\\*").c_str(), &ffd)) != INVALID_HANDLE_VALUE) {
do { do {
if ((strcmp(ffd.cFileName, ".")) && (strcmp(ffd.cFileName, "..")) if ((strcmp(ffd.cFileName, ".")) && (strcmp(ffd.cFileName, "..")) && (((ffd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) == 0) || (((ffd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) != 0) && (includeDirectories))))
&& (((ffd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) == 0)
|| (((ffd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) != 0) && (includeDirectories))))
r.push_back(String(ffd.cFileName)); r.push_back(String(ffd.cFileName));
} while (FindNextFileA(hFind, &ffd)); } while (FindNextFileA(hFind, &ffd));
FindClose(hFind); FindClose(hFind);
@ -126,8 +124,7 @@ Vector<String> OSUtils::listDirectory(const char* path, bool includeDirectories)
if (readdir_r(d, &de, &dptr)) if (readdir_r(d, &de, &dptr))
break; break;
if (dptr) { if (dptr) {
if ((strcmp(dptr->d_name, ".") != 0) && (strcmp(dptr->d_name, "..") != 0) if ((strcmp(dptr->d_name, ".") != 0) && (strcmp(dptr->d_name, "..") != 0) && ((dptr->d_type != DT_DIR) || (includeDirectories)))
&& ((dptr->d_type != DT_DIR) || (includeDirectories)))
r.push_back(String(dptr->d_name)); r.push_back(String(dptr->d_name));
} }
else else
@ -200,17 +197,7 @@ void OSUtils::lockDownFile(const char* path, bool isDir)
startupInfo.cb = sizeof(startupInfo); startupInfo.cb = sizeof(startupInfo);
memset(&startupInfo, 0, sizeof(STARTUPINFOA)); memset(&startupInfo, 0, sizeof(STARTUPINFOA));
memset(&processInfo, 0, sizeof(PROCESS_INFORMATION)); memset(&processInfo, 0, sizeof(PROCESS_INFORMATION));
if (CreateProcessA( if (CreateProcessA(NULL, (LPSTR)(String("C:\\Windows\\System32\\icacls.exe \"") + path + "\" /inheritance:d /Q").c_str(), NULL, NULL, FALSE, CREATE_NO_WINDOW, NULL, NULL, &startupInfo, &processInfo)) {
NULL,
(LPSTR)(String("C:\\Windows\\System32\\icacls.exe \"") + path + "\" /inheritance:d /Q").c_str(),
NULL,
NULL,
FALSE,
CREATE_NO_WINDOW,
NULL,
NULL,
&startupInfo,
&processInfo)) {
WaitForSingleObject(processInfo.hProcess, INFINITE); WaitForSingleObject(processInfo.hProcess, INFINITE);
CloseHandle(processInfo.hProcess); CloseHandle(processInfo.hProcess);
CloseHandle(processInfo.hThread); CloseHandle(processInfo.hThread);
@ -219,17 +206,7 @@ void OSUtils::lockDownFile(const char* path, bool isDir)
startupInfo.cb = sizeof(startupInfo); startupInfo.cb = sizeof(startupInfo);
memset(&startupInfo, 0, sizeof(STARTUPINFOA)); memset(&startupInfo, 0, sizeof(STARTUPINFOA));
memset(&processInfo, 0, sizeof(PROCESS_INFORMATION)); memset(&processInfo, 0, sizeof(PROCESS_INFORMATION));
if (CreateProcessA( if (CreateProcessA(NULL, (LPSTR)(String("C:\\Windows\\System32\\icacls.exe \"") + path + "\" /remove *S-1-5-32-545 /Q").c_str(), NULL, NULL, FALSE, CREATE_NO_WINDOW, NULL, NULL, &startupInfo, &processInfo)) {
NULL,
(LPSTR)(String("C:\\Windows\\System32\\icacls.exe \"") + path + "\" /remove *S-1-5-32-545 /Q").c_str(),
NULL,
NULL,
FALSE,
CREATE_NO_WINDOW,
NULL,
NULL,
&startupInfo,
&processInfo)) {
WaitForSingleObject(processInfo.hProcess, INFINITE); WaitForSingleObject(processInfo.hProcess, INFINITE);
CloseHandle(processInfo.hProcess); CloseHandle(processInfo.hProcess);
CloseHandle(processInfo.hThread); CloseHandle(processInfo.hThread);