mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2025-06-06 12:33:44 +02:00
Add a Log table to log queries for debugging and security logging. No JSON API support for querying the log yet, but will probably come via /network/###/member/###/log/... or something.
parent
8ca885d27c
commit
e2a2993b18
4 changed files with 54 additions and 3 deletions
|
@ -142,6 +142,7 @@ SqliteNetworkController::SqliteNetworkController(const char *dbPath) :
|
||||||
// Prepare statement will fail if Config table doesn't exist, which means our DB
|
// Prepare statement will fail if Config table doesn't exist, which means our DB
|
||||||
// needs to be initialized.
|
// needs to be initialized.
|
||||||
if (sqlite3_exec(_db,ZT_NETCONF_SCHEMA_SQL"INSERT INTO Config (k,v) VALUES ('schemaVersion',"ZT_NETCONF_SQLITE_SCHEMA_VERSION_STR");",0,0,0) != SQLITE_OK) {
|
if (sqlite3_exec(_db,ZT_NETCONF_SCHEMA_SQL"INSERT INTO Config (k,v) VALUES ('schemaVersion',"ZT_NETCONF_SQLITE_SCHEMA_VERSION_STR");",0,0,0) != SQLITE_OK) {
|
||||||
|
//printf("%s\n",sqlite3_errmsg(_db));
|
||||||
sqlite3_close(_db);
|
sqlite3_close(_db);
|
||||||
throw std::runtime_error("SqliteNetworkController cannot initialize database and/or insert schemaVersion into Config table");
|
throw std::runtime_error("SqliteNetworkController cannot initialize database and/or insert schemaVersion into Config table");
|
||||||
}
|
}
|
||||||
|
@ -199,16 +200,20 @@ SqliteNetworkController::SqliteNetworkController(const char *dbPath) :
|
||||||
||(sqlite3_prepare_v2(_db,"DELETE FROM Member WHERE networkId = ? AND nodeId = ?",-1,&_sDeleteMember,(const char **)0) != SQLITE_OK)
|
||(sqlite3_prepare_v2(_db,"DELETE FROM Member WHERE networkId = ? AND nodeId = ?",-1,&_sDeleteMember,(const char **)0) != SQLITE_OK)
|
||||||
|
|
||||||
/* Gateway */
|
/* Gateway */
|
||||||
||(sqlite3_prepare_v2(_db,"SELECT ip,ipVersion,metric FROM Gateway WHERE networkId = ? ORDER BY metric ASC",-1,&_sGetGateways,(const char **)0) != SQLITE_OK)
|
||(sqlite3_prepare_v2(_db,"SELECT \"ip\",ipVersion,metric FROM Gateway WHERE networkId = ? ORDER BY metric ASC",-1,&_sGetGateways,(const char **)0) != SQLITE_OK)
|
||||||
||(sqlite3_prepare_v2(_db,"DELETE FROM Gateway WHERE networkId = ?",-1,&_sDeleteGateways,(const char **)0) != SQLITE_OK)
|
||(sqlite3_prepare_v2(_db,"DELETE FROM Gateway WHERE networkId = ?",-1,&_sDeleteGateways,(const char **)0) != SQLITE_OK)
|
||||||
||(sqlite3_prepare_v2(_db,"INSERT INTO Gateway (networkId,ip,ipVersion,metric) VALUES (?,?,?,?)",-1,&_sCreateGateway,(const char **)0) != SQLITE_OK)
|
||(sqlite3_prepare_v2(_db,"INSERT INTO Gateway (networkId,\"ip\",ipVersion,metric) VALUES (?,?,?,?)",-1,&_sCreateGateway,(const char **)0) != SQLITE_OK)
|
||||||
|
|
||||||
|
/* Log */
|
||||||
|
||(sqlite3_prepare_v2(_db,"INSERT INTO \"Log\" (networkId,nodeId,\"ts\",\"authorized\",fromAddr) VALUES (?,?,?,?,?)",-1,&_sPutLog,(const char **)0) != SQLITE_OK)
|
||||||
|
||(sqlite3_prepare_v2(_db,"SELECT \"ts\",\"authorized\",fromAddr FROM \"Log\" WHERE networkId = ? AND nodeId = ? AND \"ts\" >= ? ORDER BY \"ts\" ASC",-1,&_sGetMemberLog,(const char **)0) != SQLITE_OK)
|
||||||
|
|
||||||
/* Config */
|
/* Config */
|
||||||
||(sqlite3_prepare_v2(_db,"SELECT \"v\" FROM \"Config\" WHERE \"k\" = ?",-1,&_sGetConfig,(const char **)0) != SQLITE_OK)
|
||(sqlite3_prepare_v2(_db,"SELECT \"v\" FROM \"Config\" WHERE \"k\" = ?",-1,&_sGetConfig,(const char **)0) != SQLITE_OK)
|
||||||
||(sqlite3_prepare_v2(_db,"INSERT OR REPLACE INTO \"Config\" (\"k\",\"v\") VALUES (?,?)",-1,&_sSetConfig,(const char **)0) != SQLITE_OK)
|
||(sqlite3_prepare_v2(_db,"INSERT OR REPLACE INTO \"Config\" (\"k\",\"v\") VALUES (?,?)",-1,&_sSetConfig,(const char **)0) != SQLITE_OK)
|
||||||
|
|
||||||
) {
|
) {
|
||||||
//printf("!!! %s\n",sqlite3_errmsg(_db));
|
//printf("%s\n",sqlite3_errmsg(_db));
|
||||||
sqlite3_close(_db);
|
sqlite3_close(_db);
|
||||||
throw std::runtime_error("SqliteNetworkController unable to initialize one or more prepared statements");
|
throw std::runtime_error("SqliteNetworkController unable to initialize one or more prepared statements");
|
||||||
}
|
}
|
||||||
|
@ -283,6 +288,8 @@ SqliteNetworkController::~SqliteNetworkController()
|
||||||
sqlite3_finalize(_sIncrementMemberRevisionCounter);
|
sqlite3_finalize(_sIncrementMemberRevisionCounter);
|
||||||
sqlite3_finalize(_sGetConfig);
|
sqlite3_finalize(_sGetConfig);
|
||||||
sqlite3_finalize(_sSetConfig);
|
sqlite3_finalize(_sSetConfig);
|
||||||
|
sqlite3_finalize(_sPutLog);
|
||||||
|
sqlite3_finalize(_sGetMemberLog);
|
||||||
sqlite3_close(_db);
|
sqlite3_close(_db);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -387,6 +394,25 @@ NetworkController::ResultCode SqliteNetworkController::doNetworkConfigRequest(co
|
||||||
sqlite3_step(_sIncrementMemberRevisionCounter);
|
sqlite3_step(_sIncrementMemberRevisionCounter);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Add log entry
|
||||||
|
{
|
||||||
|
std::string fa;
|
||||||
|
if (fromAddr) {
|
||||||
|
fa = fromAddr.toString();
|
||||||
|
if (fa.length() > 64)
|
||||||
|
fa = fa.substr(0,64);
|
||||||
|
}
|
||||||
|
sqlite3_reset(_sPutLog);
|
||||||
|
sqlite3_bind_text(_sPutLog,1,network.id,16,SQLITE_STATIC);
|
||||||
|
sqlite3_bind_text(_sPutLog,2,member.nodeId,10,SQLITE_STATIC);
|
||||||
|
sqlite3_bind_int64(_sPutLog,3,(long long)OSUtils::now());
|
||||||
|
sqlite3_bind_int(_sPutLog,4,member.authorized ? 1 : 0);
|
||||||
|
if (fa.length() > 0)
|
||||||
|
sqlite3_bind_text(_sPutLog,5,fa.c_str(),-1,SQLITE_STATIC);
|
||||||
|
else sqlite3_bind_null(_sPutLog,5);
|
||||||
|
sqlite3_step(_sPutLog);
|
||||||
|
}
|
||||||
|
|
||||||
// Check member authorization
|
// Check member authorization
|
||||||
|
|
||||||
if (!member.authorized)
|
if (!member.authorized)
|
||||||
|
|
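Review bot: The log block added before `// Check member authorization` writes a row for every config request, including those from members that fail the `if (!member.authorized)` check just below, and nothing in the visible hunks prunes or rate-limits the Log table, so request volume alone can grow the controller's database without bound. A retention step using the new `Log_ts` index, for example a prepared `DELETE FROM "Log" WHERE "ts" < ?` run periodically, would cap that. The return value of `sqlite3_step(_sPutLog)` is discarded, so a full or locked database drops security log entries silently; comparing it with `SQLITE_DONE` and reporting the failure would make the gap visible. `fa` is local to the block yet bound with `SQLITE_STATIC`, which leaves `_sPutLog` holding a pointer to freed memory until the next bind; `SQLITE_TRANSIENT` on that bind avoids it. doNetworkConfigRequest begins and ends outside this hunk, so this assumes no later code already trims the table.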
|
@ -97,6 +97,7 @@ private:
|
||||||
|
|
||||||
std::string _dbPath;
|
std::string _dbPath;
|
||||||
std::string _instanceId;
|
std::string _instanceId;
|
||||||
|
|
||||||
sqlite3 *_db;
|
sqlite3 *_db;
|
||||||
|
|
||||||
sqlite3_stmt *_sGetNetworkById;
|
sqlite3_stmt *_sGetNetworkById;
|
||||||
|
@ -141,6 +142,8 @@ private:
|
||||||
sqlite3_stmt *_sIncrementMemberRevisionCounter;
|
sqlite3_stmt *_sIncrementMemberRevisionCounter;
|
||||||
sqlite3_stmt *_sGetConfig;
|
sqlite3_stmt *_sGetConfig;
|
||||||
sqlite3_stmt *_sSetConfig;
|
sqlite3_stmt *_sSetConfig;
|
||||||
|
sqlite3_stmt *_sPutLog;
|
||||||
|
sqlite3_stmt *_sGetMemberLog;
|
||||||
|
|
||||||
Mutex _lock;
|
Mutex _lock;
|
||||||
};
|
};
|
||||||
|
|
|
@ -65,6 +65,17 @@ CREATE TABLE Member (
|
||||||
CREATE INDEX Member_networkId_activeBridge ON Member(networkId, activeBridge);
|
CREATE INDEX Member_networkId_activeBridge ON Member(networkId, activeBridge);
|
||||||
CREATE INDEX Member_networkId_memberRevision ON Member(networkId, memberRevision);
|
CREATE INDEX Member_networkId_memberRevision ON Member(networkId, memberRevision);
|
||||||
|
|
||||||
|
CREATE TABLE Log (
|
||||||
|
networkId char(16) NOT NULL,
|
||||||
|
nodeId char(10) NOT NULL,
|
||||||
|
ts integer NOT NULL,
|
||||||
|
authorized integer NOT NULL,
|
||||||
|
fromAddr varchar(64)
|
||||||
|
);
|
||||||
|
|
||||||
|
CREATE INDEX Log_networkId_nodeId ON Log(networkId, nodeId);
|
||||||
|
CREATE INDEX Log_ts ON Log(ts);
|
||||||
|
|
||||||
CREATE TABLE Relay (
|
CREATE TABLE Relay (
|
||||||
networkId char(16) NOT NULL REFERENCES Network(id) ON DELETE CASCADE,
|
networkId char(16) NOT NULL REFERENCES Network(id) ON DELETE CASCADE,
|
||||||
address char(10) NOT NULL,
|
address char(10) NOT NULL,
|
||||||
|
|
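Review bot: The Log table is created only by this schema script, which the controller's constructor runs when the Config table is missing, so a database created before this commit would not get the table unless an upgrade step exists outside the visible hunks. In that case the new `_sPutLog` and `_sGetMemberLog` prepares would fail and the constructor would throw its "unable to initialize one or more prepared statements" error on startup. A schema version bump with an upgrade path that runs `CREATE TABLE IF NOT EXISTS Log (...)` and the two matching `CREATE INDEX IF NOT EXISTS` statements would cover existing installs. Unlike Relay just below, `networkId` here has no `REFERENCES Network(id) ON DELETE CASCADE`; if that is deliberate so entries outlive a deleted network, a comment such as `-- no FK: log rows are kept after the network is deleted` would record it.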
|
@ -66,6 +66,17 @@
|
||||||
"CREATE INDEX Member_networkId_activeBridge ON Member(networkId, activeBridge);\n"\
|
"CREATE INDEX Member_networkId_activeBridge ON Member(networkId, activeBridge);\n"\
|
||||||
"CREATE INDEX Member_networkId_memberRevision ON Member(networkId, memberRevision);\n"\
|
"CREATE INDEX Member_networkId_memberRevision ON Member(networkId, memberRevision);\n"\
|
||||||
"\n"\
|
"\n"\
|
||||||
|
"CREATE TABLE Log (\n"\
|
||||||
|
" networkId char(16) NOT NULL,\n"\
|
||||||
|
" nodeId char(10) NOT NULL,\n"\
|
||||||
|
" ts integer NOT NULL,\n"\
|
||||||
|
" authorized integer NOT NULL,\n"\
|
||||||
|
" fromAddr varchar(64)\n"\
|
||||||
|
");\n"\
|
||||||
|
"\n"\
|
||||||
|
"CREATE INDEX Log_networkId_nodeId ON Log(networkId, nodeId);\n"\
|
||||||
|
"CREATE INDEX Log_ts ON Log(ts);\n"\
|
||||||
|
"\n"\
|
||||||
"CREATE TABLE Relay (\n"\
|
"CREATE TABLE Relay (\n"\
|
||||||
" networkId char(16) NOT NULL REFERENCES Network(id) ON DELETE CASCADE,\n"\
|
" networkId char(16) NOT NULL REFERENCES Network(id) ON DELETE CASCADE,\n"\
|
||||||
" address char(10) NOT NULL,\n"\
|
" address char(10) NOT NULL,\n"\
|
||||||
|
|