Simplify network briding modes -- we only need passive toggle and active bridge list, not three mode types. Also change isOpen to isPublic for terminology consistency.

netconf-service/config.js

@@ -1,3 +1,3 @@
-//exports.redisDb = 0; // live
+exports.redisDb = 0; // live
-exports.redisDb = 1; // test
+//exports.redisDb = 1; // test
 //exports.redisDb = 2; // dev

netconf-service/index.js

@@ -42,7 +42,7 @@ var ZT_NETWORKCONFIG_DICT_KEY_IPV4_STATIC = "v4s";
 var ZT_NETWORKCONFIG_DICT_KEY_IPV6_STATIC = "v6s";
 var ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATE_OF_MEMBERSHIP = "com";
 var ZT_NETWORKCONFIG_DICT_KEY_ENABLE_BROADCAST = "eb";
-var ZT_NETWORKCONFIG_DICT_KEY_BRIDGING_MODE = "br";
+var ZT_NETWORKCONFIG_DICT_KEY_ALLOW_PASSIVE_BRIDGING = "pb";
 var ZT_NETWORKCONFIG_DICT_KEY_ACTIVE_BRIDGES = "ab";
 
 // Path to zerotier-idtool binary, invoked to enerate certificates of membership

netconf-service/redis-schema.md

@@ -69,7 +69,7 @@ Each network has a network record indexed by its 64-bit network ID in lower-case
 - M v4AssignPool :: network/bits from which to assign IPs
 - M v6AssignMode :: 'none' (or null/empty/etc.), 'zt', 'v6native', 'dhcp6'
 - M v6AssignPool :: network/bits from which to assign IPs
-- M bridgingMode :: 0 == none, 1 == active only, 2 == permissive/all
+- M allowPassiveBridging :: if true, allow passive bridging
 - M subscriptions :: comma-delimited list of subscriptions for this network
 - M ui :: arbitrary field that can be used by the UI to store stuff
 
@@ -82,7 +82,7 @@ The netconf-master will automatically add any peer that even attempts to request
 - !R id :: must be \<address\>
 - !R nwid :: must be \<nwid\>
 - M authorized :: true if node is authorized and will be issued valid certificates and network configurations
-- M bridge :: true if node is an active bridge
+- M activeBridge :: true if node is an active bridge
 - M name :: name of system
 - M notes :: annotation field
 - R authorizedBy :: user ID of user who authorized membership

node/Network.cpp

@@ -235,7 +235,7 @@ bool Network::isAllowed(const Address &peer) const
 
 		if (!_config)
 			return false;
-		if (_config->isOpen())
+		if (_config->isPublic())
 			return true;
 
 		std::map<Address,CertificateOfMembership>::const_iterator pc(_membershipCertificates.find(peer));
@@ -255,7 +255,7 @@ void Network::clean()
 	Mutex::Lock _l(_lock);
 	uint64_t now = Utils::now();
 
-	if ((_config)&&(_config->isOpen())) {
+	if ((_config)&&(_config->isPublic())) {
 		// Open (public) networks do not track certs or cert pushes at all.
 		_membershipCertificates.clear();
 		_lastPushedMembershipCertificate.clear();
@@ -446,7 +446,7 @@ void Network::_restoreState()
 	}
 
 	// Read most recent multicast cert dump
-	if ((_config)&&(!_config->isOpen())&&(Utils::fileExists(mcdbPath.c_str()))) {
+	if ((_config)&&(!_config->isPublic())&&(Utils::fileExists(mcdbPath.c_str()))) {
 		CertificateOfMembership com;
 		Mutex::Lock _l(_lock);
 
@@ -497,7 +497,7 @@ void Network::_dumpMulticastCerts()
 	if (!_config)
 		return;
 
-	if ((!_id)||(_config->isOpen())) {
+	if ((!_id)||(_config->isPublic())) {
 		Utils::rm(mcdbPath);
 		return;
 	}

node/Network.hpp

@@ -229,7 +229,7 @@ public:
 	inline void pushMembershipCertificate(const Address &peer,bool force,uint64_t now)
 	{
 		Mutex::Lock _l(_lock);
-		if ((_config)&&(!_config->isOpen())&&(_config->com()))
+		if ((_config)&&(!_config->isPublic())&&(_config->com()))
 			_pushMembershipCertificate(peer,force,now);
 	}
 

node/NetworkConfig.cpp

@@ -86,7 +86,7 @@ void NetworkConfig::_fromDictionary(const Dictionary &d)
 	_issuedTo = Address(d.get(ZT_NETWORKCONFIG_DICT_KEY_ISSUED_TO));
 	_multicastPrefixBits = Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_MULTICAST_PREFIX_BITS,zero).c_str());
 	_multicastDepth = Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_MULTICAST_DEPTH,zero).c_str());
-	_bridgingMode = (BridgingMode)Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_BRIDGING_MODE,zero).c_str());
+	_allowPassiveBridging = (Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_ALLOW_PASSIVE_BRIDGING,zero).c_str()) != 0);
 	_private = (Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_PRIVATE,one).c_str()) != 0);
 	_enableBroadcast = (Utils::hexStrToUInt(d.get(ZT_NETWORKCONFIG_DICT_KEY_ENABLE_BROADCAST,one).c_str()) != 0);
 	_name = d.get(ZT_NETWORKCONFIG_DICT_KEY_NAME);

node/NetworkConfig.hpp

@@ -62,7 +62,7 @@ namespace ZeroTier {
 #define ZT_NETWORKCONFIG_DICT_KEY_IPV6_STATIC "v6s"
 #define ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATE_OF_MEMBERSHIP "com"
 #define ZT_NETWORKCONFIG_DICT_KEY_ENABLE_BROADCAST "eb"
-#define ZT_NETWORKCONFIG_DICT_KEY_BRIDGING_MODE "br"
+#define ZT_NETWORKCONFIG_DICT_KEY_ALLOW_PASSIVE_BRIDGING "pb"
 #define ZT_NETWORKCONFIG_DICT_KEY_ACTIVE_BRIDGES "ab"
 
 /**
@@ -75,16 +75,6 @@ class NetworkConfig
 public:
 	friend class SharedPtr<NetworkConfig>;
 
-	/**
-	 * Network bridging mode
-	 */
-	enum BridgingMode
-	{
-		BRIDGING_DISABLED = 0,    // no bridging
-		BRIDGING_ACTIVE_ONLY = 1, // only active bridges may bridge
-		BRIDGING_PERMISSIVE = 2   // allow passive bridging by any peer
-	};
-
 	/**
 	 * Tuple of multicast rate parameters
 	 */
@@ -129,7 +119,8 @@ public:
 	inline unsigned int multicastPrefixBits() const throw() { return _multicastPrefixBits; }
 	inline unsigned int multicastDepth() const throw() { return _multicastDepth; }
 	inline const std::map<MulticastGroup,MulticastRate> &multicastRates() const throw() { return _multicastRates; }
-	inline bool isOpen() const throw() { return (!_private); }
+	inline bool allowPassiveBridging() const throw() { return _allowPassiveBridging; }
+	inline bool isPublic() const throw() { return (!_private); }
 	inline bool isPrivate() const throw() { return _private; }
 	inline const std::string &name() const throw() { return _name; }
 	inline const std::string &description() const throw() { return _description; }
@@ -143,17 +134,8 @@ public:
 	 * @return True if this network allows bridging
 	 */
 	inline bool permitsBridging(const Address &fromPeer) const
-		throw()
 	{
-		switch(_bridgingMode) {
+		return ((_allowPassiveBridging) ? true : (_activeBridges.count(fromPeer) > 0));
-			case BRIDGING_ACTIVE_ONLY:
-				return (_activeBridges.count(fromPeer) > 0);
-			case BRIDGING_PERMISSIVE:
-				return true;
-			//case BRIDGING_DISABLED:
-			default:
-				return false;
-		}
 	}
 
 	/**
@@ -175,7 +157,7 @@ private:
 	Address _issuedTo;
 	unsigned int _multicastPrefixBits;
 	unsigned int _multicastDepth;
-	BridgingMode _bridgingMode;
+	bool _allowPassiveBridging;
 	bool _private;
 	bool _enableBroadcast;
 	std::string _name;

node/NodeConfig.cpp

@@ -249,7 +249,7 @@ void NodeConfig::_doCommand(IpcConnection *ipcc,const char *commandLine)
 					((nconf) ? nconf->name().c_str() : "?"),
 					Network::statusString(nw->second->status()),
 					age,
-					((nconf) ? (nconf->isOpen() ? "public" : "private") : "?"),
+					((nconf) ? (nconf->isPublic() ? "public" : "private") : "?"),
 					(dn.length() > 0) ? dn.c_str() : "?",
 					((tmp.length() > 0) ? tmp.c_str() : "-"));
 			}