void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-06 12:33:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add a Log table to log queries for debugging and security logging. No JSON API support for querying the log yet, but will probably come via /network/###/member/###/log/... or something.

Browse source
This commit is contained in:
Adam Ierymenko 2015-07-22 14:01:49 -07:00
parent 8ca885d27c
commit e2a2993b18
4 changed files with 54 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
controller/SqliteNetworkController.cpp
View file

@ -142,6 +142,7 @@ SqliteNetworkController::SqliteNetworkController(const char *dbPath) :
// Prepare statement will fail if Config table doesn't exist, which means our DB // Prepare statement will fail if Config table doesn't exist, which means our DB
// needs to be initialized. // needs to be initialized.
if (sqlite3_exec(_db,ZT_NETCONF_SCHEMA_SQL"INSERT INTO Config (k,v) VALUES ('schemaVersion',"ZT_NETCONF_SQLITE_SCHEMA_VERSION_STR");",0,0,0) != SQLITE_OK) { if (sqlite3_exec(_db,ZT_NETCONF_SCHEMA_SQL"INSERT INTO Config (k,v) VALUES ('schemaVersion',"ZT_NETCONF_SQLITE_SCHEMA_VERSION_STR");",0,0,0) != SQLITE_OK) {
//printf("%s\n",sqlite3_errmsg(_db));
sqlite3_close(_db); sqlite3_close(_db);
throw std::runtime_error("SqliteNetworkController cannot initialize database and/or insert schemaVersion into Config table"); throw std::runtime_error("SqliteNetworkController cannot initialize database and/or insert schemaVersion into Config table");
} }
@ -199,16 +200,20 @@ SqliteNetworkController::SqliteNetworkController(const char *dbPath) :
||(sqlite3_prepare_v2(_db,"DELETE FROM Member WHERE networkId = ? AND nodeId = ?",-1,&_sDeleteMember,(const char **)0) != SQLITE_OK) ||(sqlite3_prepare_v2(_db,"DELETE FROM Member WHERE networkId = ? AND nodeId = ?",-1,&_sDeleteMember,(const char **)0) != SQLITE_OK)
/* Gateway */ /* Gateway */
||(sqlite3_prepare_v2(_db,"SELECT ip,ipVersion,metric FROM Gateway WHERE networkId = ? ORDER BY metric ASC",-1,&_sGetGateways,(const char **)0) != SQLITE_OK) ||(sqlite3_prepare_v2(_db,"SELECT \"ip\",ipVersion,metric FROM Gateway WHERE networkId = ? ORDER BY metric ASC",-1,&_sGetGateways,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"DELETE FROM Gateway WHERE networkId = ?",-1,&_sDeleteGateways,(const char **)0) != SQLITE_OK) ||(sqlite3_prepare_v2(_db,"DELETE FROM Gateway WHERE networkId = ?",-1,&_sDeleteGateways,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"INSERT INTO Gateway (networkId,ip,ipVersion,metric) VALUES (?,?,?,?)",-1,&_sCreateGateway,(const char **)0) != SQLITE_OK) ||(sqlite3_prepare_v2(_db,"INSERT INTO Gateway (networkId,\"ip\",ipVersion,metric) VALUES (?,?,?,?)",-1,&_sCreateGateway,(const char **)0) != SQLITE_OK)
/* Log */
||(sqlite3_prepare_v2(_db,"INSERT INTO \"Log\" (networkId,nodeId,\"ts\",\"authorized\",fromAddr) VALUES (?,?,?,?,?)",-1,&_sPutLog,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT \"ts\",\"authorized\",fromAddr FROM \"Log\" WHERE networkId = ? AND nodeId = ? AND \"ts\" >= ? ORDER BY \"ts\" ASC",-1,&_sGetMemberLog,(const char **)0) != SQLITE_OK)
/* Config */ /* Config */
||(sqlite3_prepare_v2(_db,"SELECT \"v\" FROM \"Config\" WHERE \"k\" = ?",-1,&_sGetConfig,(const char **)0) != SQLITE_OK) ||(sqlite3_prepare_v2(_db,"SELECT \"v\" FROM \"Config\" WHERE \"k\" = ?",-1,&_sGetConfig,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"INSERT OR REPLACE INTO \"Config\" (\"k\",\"v\") VALUES (?,?)",-1,&_sSetConfig,(const char **)0) != SQLITE_OK) ||(sqlite3_prepare_v2(_db,"INSERT OR REPLACE INTO \"Config\" (\"k\",\"v\") VALUES (?,?)",-1,&_sSetConfig,(const char **)0) != SQLITE_OK)
) { ) {
//printf("!!! %s\n",sqlite3_errmsg(_db)); //printf("%s\n",sqlite3_errmsg(_db));
sqlite3_close(_db); sqlite3_close(_db);
throw std::runtime_error("SqliteNetworkController unable to initialize one or more prepared statements"); throw std::runtime_error("SqliteNetworkController unable to initialize one or more prepared statements");
} }
@ -283,6 +288,8 @@ SqliteNetworkController::~SqliteNetworkController()
sqlite3_finalize(_sIncrementMemberRevisionCounter); sqlite3_finalize(_sIncrementMemberRevisionCounter);
sqlite3_finalize(_sGetConfig); sqlite3_finalize(_sGetConfig);
sqlite3_finalize(_sSetConfig); sqlite3_finalize(_sSetConfig);
sqlite3_finalize(_sPutLog);
sqlite3_finalize(_sGetMemberLog);
sqlite3_close(_db); sqlite3_close(_db);
} }
} }
@ -387,6 +394,25 @@ NetworkController::ResultCode SqliteNetworkController::doNetworkConfigRequest(co
sqlite3_step(_sIncrementMemberRevisionCounter); sqlite3_step(_sIncrementMemberRevisionCounter);
} }
// Add log entry
{
std::string fa;
if (fromAddr) {
fa = fromAddr.toString();
if (fa.length() > 64)
fa = fa.substr(0,64);
}
sqlite3_reset(_sPutLog);
sqlite3_bind_text(_sPutLog,1,network.id,16,SQLITE_STATIC);
sqlite3_bind_text(_sPutLog,2,member.nodeId,10,SQLITE_STATIC);
sqlite3_bind_int64(_sPutLog,3,(long long)OSUtils::now());
sqlite3_bind_int(_sPutLog,4,member.authorized ? 1 : 0);
if (fa.length() > 0)
sqlite3_bind_text(_sPutLog,5,fa.c_str(),-1,SQLITE_STATIC);
else sqlite3_bind_null(_sPutLog,5);
sqlite3_step(_sPutLog);
}
// Check member authorization // Check member authorization
if (!member.authorized) if (!member.authorized)

3
controller/SqliteNetworkController.hpp
View file

@ -97,6 +97,7 @@ private:
std::string _dbPath; std::string _dbPath;
std::string _instanceId; std::string _instanceId;
sqlite3 *_db; sqlite3 *_db;
sqlite3_stmt *_sGetNetworkById; sqlite3_stmt *_sGetNetworkById;
@ -141,6 +142,8 @@ private:
sqlite3_stmt *_sIncrementMemberRevisionCounter; sqlite3_stmt *_sIncrementMemberRevisionCounter;
sqlite3_stmt *_sGetConfig; sqlite3_stmt *_sGetConfig;
sqlite3_stmt *_sSetConfig; sqlite3_stmt *_sSetConfig;
sqlite3_stmt *_sPutLog;
sqlite3_stmt *_sGetMemberLog;
Mutex _lock; Mutex _lock;
}; };

11
controller/schema.sql
View file

@ -65,6 +65,17 @@ CREATE TABLE Member (
CREATE INDEX Member_networkId_activeBridge ON Member(networkId, activeBridge); CREATE INDEX Member_networkId_activeBridge ON Member(networkId, activeBridge);
CREATE INDEX Member_networkId_memberRevision ON Member(networkId, memberRevision); CREATE INDEX Member_networkId_memberRevision ON Member(networkId, memberRevision);
CREATE TABLE Log (
networkId char(16) NOT NULL,
nodeId char(10) NOT NULL,
ts integer NOT NULL,
authorized integer NOT NULL,
fromAddr varchar(64)
);
CREATE INDEX Log_networkId_nodeId ON Log(networkId, nodeId);
CREATE INDEX Log_ts ON Log(ts);
CREATE TABLE Relay ( CREATE TABLE Relay (
networkId char(16) NOT NULL REFERENCES Network(id) ON DELETE CASCADE, networkId char(16) NOT NULL REFERENCES Network(id) ON DELETE CASCADE,
address char(10) NOT NULL, address char(10) NOT NULL,

11
controller/schema.sql.c
View file

@ -66,6 +66,17 @@
"CREATE INDEX Member_networkId_activeBridge ON Member(networkId, activeBridge);\n"\ "CREATE INDEX Member_networkId_activeBridge ON Member(networkId, activeBridge);\n"\
"CREATE INDEX Member_networkId_memberRevision ON Member(networkId, memberRevision);\n"\ "CREATE INDEX Member_networkId_memberRevision ON Member(networkId, memberRevision);\n"\
"\n"\ "\n"\
"CREATE TABLE Log (\n"\
" networkId char(16) NOT NULL,\n"\
" nodeId char(10) NOT NULL,\n"\
" ts integer NOT NULL,\n"\
" authorized integer NOT NULL,\n"\
" fromAddr varchar(64)\n"\
");\n"\
"\n"\
"CREATE INDEX Log_networkId_nodeId ON Log(networkId, nodeId);\n"\
"CREATE INDEX Log_ts ON Log(ts);\n"\
"\n"\
"CREATE TABLE Relay (\n"\ "CREATE TABLE Relay (\n"\
" networkId char(16) NOT NULL REFERENCES Network(id) ON DELETE CASCADE,\n"\ " networkId char(16) NOT NULL REFERENCES Network(id) ON DELETE CASCADE,\n"\
" address char(10) NOT NULL,\n"\ " address char(10) NOT NULL,\n"\