void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-05 03:53:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Change this back.

Browse source 
Wasn't doing what I thought it was there.  Still keeping the erase iterator change
This commit is contained in:
Grant Limberg 2023-05-15 17:29:36 -07:00
parent fbeae3c468
commit d0a7ae4907
No known key found for this signature in database
GPG key ID: 8F2F97D3BE8D7735
1 changed files with 28 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

58
controller/EmbeddedNetworkController.cpp
View file

@ -1769,9 +1769,6 @@ void EmbeddedNetworkController::_startThreads()
nlohmann::json network, member; nlohmann::json network, member;
for(;;) { for(;;) {
expired.clear(); expired.clear();
network.clear();
member.clear();
_RQEntry *qe = (_RQEntry *)0; _RQEntry *qe = (_RQEntry *)0;
Metrics::network_config_request_queue_size = _queue.size(); Metrics::network_config_request_queue_size = _queue.size();
auto timedWaitResult = _queue.get(qe, 1000); auto timedWaitResult = _queue.get(qe, 1000);
@ -1781,33 +1778,6 @@ void EmbeddedNetworkController::_startThreads()
if (qe) { if (qe) {
try { try {
_request(qe->nwid,qe->fromAddr,qe->requestPacketId,qe->identity,qe->metaData); _request(qe->nwid,qe->fromAddr,qe->requestPacketId,qe->identity,qe->metaData);
if (_db.get(qe->nwid, network, qe->identity.address().toInt(), member)) {
bool networkSSOEnabled = OSUtils::jsonBool(network["ssoEnabled"], false);
if (networkSSOEnabled) {
int64_t now = OSUtils::now();
{
std::lock_guard<std::mutex> l(_expiringSoon_l);
for(auto s=_expiringSoon.begin();s!=_expiringSoon.end();) {
Metrics::sso_expiration_checks++;
const int64_t when = s->first;
if (when <= now) {
int64_t authenticationExpiryTime = (int64_t)OSUtils::jsonInt(member["authenticationExpiryTime"], 0);
if (authenticationExpiryTime <= now) {
expired.push_back(s->second);
}
s = _expiringSoon.erase(s);
} else {
// Don't bother going further into the future than necessary.
break;
}
}
}
for(auto e=expired.begin();e!=expired.end();++e) {
Metrics::sso_member_deauth++;
onNetworkMemberDeauthorize(nullptr, e->networkId, e->nodeId);
}
}
}
} catch (std::exception &e) { } catch (std::exception &e) {
fprintf(stderr,"ERROR: exception in controller request handling thread: %s" ZT_EOL_S,e.what()); fprintf(stderr,"ERROR: exception in controller request handling thread: %s" ZT_EOL_S,e.what());
} catch ( ... ) { } catch ( ... ) {
@ -1817,6 +1787,34 @@ void EmbeddedNetworkController::_startThreads()
qe = nullptr; qe = nullptr;
} }
} }
int64_t now = OSUtils::now();
{
std::lock_guard<std::mutex> l(_expiringSoon_l);
for(auto s=_expiringSoon.begin();s!=_expiringSoon.end();) {
Metrics::sso_expiration_checks++;
const int64_t when = s->first;
if (when <= now) {
// The user may have re-authorized, so we must actually look it up and check.
network.clear();
member.clear();
if (_db.get(s->second.networkId, network, s->second.nodeId, member)) {
int64_t authenticationExpiryTime = (int64_t)OSUtils::jsonInt(member["authenticationExpiryTime"], 0);
if (authenticationExpiryTime <= now) {
expired.push_back(s->second);
}
}
s = _expiringSoon.erase(s);
} else {
// Don't bother going further into the future than necessary.
break;
}
}
}
for(auto e=expired.begin();e!=expired.end();++e) {
Metrics::sso_member_deauth++;
onNetworkMemberDeauthorize(nullptr, e->networkId, e->nodeId);
}
} }
}); });
} }