From b5c01999b8d74ea5e05f1f91bfb98ed440a66119 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Wed, 25 Mar 2020 14:10:26 -0700
Subject: [PATCH] More tweaks to COM stuff.
---
 node/CertificateOfMembership.hpp | 5 ++++
 node/Membership.cpp | 4 +--
 node/Membership.hpp | 48 ++++++++++++++++----------------
 node/Network.cpp | 10 +++++++
 node/Network.hpp | 11 ++------
 5 files changed, 43 insertions(+), 35 deletions(-)
diff --git a/node/CertificateOfMembership.hpp b/node/CertificateOfMembership.hpp
index 0317c7f24..004a0cf7f 100644
--- a/node/CertificateOfMembership.hpp
+++ b/node/CertificateOfMembership.hpp
@@ -138,6 +138,11 @@ public:
 */
 ZT_INLINE int64_t timestamp() const noexcept { return _timestamp; }
+ /**
+ * @return Maximum allowed difference between timestamps
+ */
+ ZT_INLINE int64_t timestampMaxDelta() const noexcept { return _timestampMaxDelta; }
+
 /**
 * @return Fingerprint of identity to which this cert was issued
 */
diff --git a/node/Membership.cpp b/node/Membership.cpp
index 1d6ea87b6..71edb887a 100644
--- a/node/Membership.cpp
+++ b/node/Membership.cpp
@@ -37,7 +37,7 @@ Membership::~Membership()
 {
 }
-void Membership::pushCredentials(const RuntimeEnvironment *RR,void *tPtr,const int64_t now,const Identity &to,const NetworkConfig &nconf)
+void Membership::pushCredentials(const RuntimeEnvironment *RR,void *tPtr,const int64_t now,const SharedPtr &to,const NetworkConfig &nconf)
 {
 if (!nconf.com) // sanity check
 return;
@@ -50,7 +50,7 @@ void Membership::pushCredentials(const RuntimeEnvironment *RR,void *tPtr,const i
 bool complete = false;
 while (!complete) {
 ph.packetId = Protocol::getPacketId();
- to.address().copyTo(ph.destination);
+ to->address().copyTo(ph.destination);
 RR->identity.address().copyTo(ph.source);
 ph.flags = 0;
 ph.verb = Protocol::VERB_NETWORK_CREDENTIALS;
diff --git a/node/Membership.hpp b/node/Membership.hpp
index 4be3bd208..5980fe8c1 100644
--- a/node/Membership.hpp
+++ b/node/Membership.hpp
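Review bot: In node/Membership.cpp the second hunk now dereferences `to` with `to->address()`, but the only guard visible in `Membership::pushCredentials` is `if (!nconf.com)` from the first hunk. The same unchecked `to->address()` appears in the new `Network::pushCredentials` in node/Network.cpp, where it is evaluated before the membership lookup. If any caller can hand in an empty pointer, the credential-push path faults; extending the existing sanity check to `if ((!nconf.com)||(!to)) return;` would make the contract explicit. The lines between the two hunks and the rest of the function body are outside this patch view, so a check there cannot be ruled out.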
@@ -60,36 +60,13 @@ public:
 * @param to Peer identity
 * @param nconf My network config
 */
- void pushCredentials(const RuntimeEnvironment *RR,void *tPtr,int64_t now,const Identity &to,const NetworkConfig &nconf);
+ void pushCredentials(const RuntimeEnvironment *RR,void *tPtr,int64_t now,const SharedPtr &to,const NetworkConfig &nconf);
 /**
 * @return Time we last pushed credentials to this member
 */
 ZT_INLINE int64_t lastPushedCredentials() const noexcept { return _lastPushedCredentials; }
- /**
- * Check whether the peer represented by this Membership owns a given address
- *
- * @tparam Type of resource: InetAddress or MAC
- * @param nconf Our network config
- * @param r Resource to check
- * @return True if this peer has a certificate of ownership for the given resource
- */
- template
- ZT_INLINE bool peerOwnsAddress(const NetworkConfig &nconf,const T &r) const noexcept
- {
- if (_isUnspoofableAddress(nconf,r))
- return true;
- uint32_t *k = nullptr;
- CertificateOfOwnership *v = nullptr;
- Hashtable< uint32_t,CertificateOfOwnership >::Iterator i(*(const_cast< Hashtable< uint32_t,CertificateOfOwnership> *>(&_remoteCoos)));
- while (i.next(k,v)) {
- if (_isCredentialTimestampValid(nconf,*v)&&(v->owns(r)))
- return true;
- }
- return false;
- }
-
 /**
 * Get a remote member's tag (if we have it)
 *
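Review bot: The doc comment kept as context above `pushCredentials` still says `@param to Peer identity`, while the parameter changes from `const Identity &` to a `SharedPtr`. The comment should describe the new argument and its null contract, for example `@param to Peer to push credentials to (must not be null)`. The pointee type is not legible on this page, so the wording should follow the real template argument.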
@@ -116,6 +93,29 @@ public:
 */
 static ZT_INLINE uint64_t credentialKey(const ZT_CredentialType &t,const uint32_t i) noexcept { return (((uint64_t)t << 32U) | (uint64_t)i); }
+ /**
+ * Check whether the peer represented by this Membership owns a given address
+ *
+ * @tparam Type of resource: InetAddress or MAC
+ * @param nconf Our network config
+ * @param r Resource to check
+ * @return True if this peer has a certificate of ownership for the given resource
+ */
+ template
+ ZT_INLINE bool peerOwnsAddress(const NetworkConfig &nconf,const T &r) const noexcept
+ {
+ if (_isUnspoofableAddress(nconf,r))
+ return true;
+ uint32_t *k = nullptr;
+ CertificateOfOwnership *v = nullptr;
+ Hashtable< uint32_t,CertificateOfOwnership >::Iterator i(*(const_cast< Hashtable< uint32_t,CertificateOfOwnership> *>(&_remoteCoos)));
+ while (i.next(k,v)) {
+ if (_isCredentialTimestampValid(nconf,*v)&&(v->owns(r)))
+ return true;
+ }
+ return false;
+ }
+
 /**
 * Check if our local COM agrees with theirs, with possible memo-ization.
 *
diff --git a/node/Network.cpp b/node/Network.cpp
index b0bbeaf2f..620eedce1 100644
--- a/node/Network.cpp
+++ b/node/Network.cpp
@@ -1217,6 +1217,16 @@ Membership::AddCredentialResult Network::addCredential(void *tPtr,const Identity
 return _memberships[coo.issuedTo()].addCredential(RR,tPtr,sourcePeerIdentity,_config,coo);
 }
+void Network::pushCredentials(void *tPtr,const SharedPtr &to,const int64_t now)
+{
+ const int64_t tout = std::min(_config.credentialTimeMaxDelta,_config.com.timestampMaxDelta());
+ Mutex::Lock _l(_memberships_l);
+ Membership &m = _memberships[to->address()];
+ if (((now - m.lastPushedCredentials()) + 5000) >= tout) {
+ m.pushCredentials(RR,tPtr,now,to,_config);
+ }
+}
+
 void Network::destroy()
 {
 _memberships_l.lock();
diff --git a/node/Network.hpp b/node/Network.hpp
index 35389f0ec..50502e737 100644
--- a/node/Network.hpp
+++ b/node/Network.hpp
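Review bot: In `Network::pushCredentials` (node/Network.cpp), `tout` is taken from `_config.com.timestampMaxDelta()` before anything checks that `_config.com` is set, although `Membership::pushCredentials` itself guards with `if (!nconf.com)`. With no certificate the delta is presumably zero or meaningless, so `((now - m.lastPushedCredentials()) + 5000) >= tout` holds on every call. Each call then takes `_memberships_l` and looks up (and, if `operator[]` inserts, creates) a `Membership` for a push that returns immediately. The fixed `ZT_PEER_ACTIVITY_TIMEOUT` cap from the old inline version is also gone, so the push interval now depends entirely on values carried in the network config and certificate. I would make `if (!_config.com) return;` the first statement and add a comment explaining the 5000 ms margin.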
@@ -293,20 +293,13 @@ public:
 Membership::AddCredentialResult addCredential(void *tPtr,const Identity &sourcePeerIdentity,const CertificateOfOwnership &coo);
 /**
- * Push credentials if we haven't done so in a long time
+ * Push credentials to a peer if timeouts indicate that we should do so
 *
 * @param tPtr Thread pointer to be handed through to any callbacks called as a result of this call
 * @param to Destination peer
 * @param now Current time
 */
- ZT_INLINE void pushCredentialsIfNeeded(void *tPtr,const Identity &to,const int64_t now)
- {
- const int64_t tout = std::min(_config.credentialTimeMaxDelta,(int64_t)ZT_PEER_ACTIVITY_TIMEOUT);
- Mutex::Lock _l(_memberships_l);
- Membership &m = _memberships[to.address()];
- if (((now - m.lastPushedCredentials()) + 5000) >= tout)
- m.pushCredentials(RR,tPtr,now,to,_config);
- }
+ void pushCredentials(void *tPtr,const SharedPtr &to,const int64_t now);
 /**
 * Destroy this network
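Review bot: The new comment on `pushCredentials` says "if timeouts indicate that we should do so" without naming the timeouts, and the rename drops the `IfNeeded` hint, so the declaration reads like an unconditional send and shares its name with `Membership::pushCredentials`. The comment should state the rule from the Network.cpp implementation, for example `Pushes only when at least min(credentialTimeMaxDelta, COM timestampMaxDelta) minus 5 seconds has passed since the last push to this peer`. It would also help to note that the call acquires `_memberships_l`, since the body is no longer visible in the header.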