github/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/ZeroTier/ZeroTierOne synced 2025-07-08 05:51:17 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'dev' into asflags-noexecstack

Browse source
This commit is contained in:
Joseph Henry 2023-08-02 14:29:47 -07:00 committed by GitHub
commit 42e18c6365
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 154 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

2
attic/world/build.sh
View file

@ -1,3 +1,3 @@
#!/bin/bash #!/bin/bash
c++ -std=c++11 -I../.. -I.. -g -o mkworld ../../node/C25519.cpp ../../node/Salsa20.cpp ../../node/SHA512.cpp ../../node/Identity.cpp ../../node/Utils.cpp ../../node/InetAddress.cpp ../../osdep/OSUtils.cpp mkworld.cpp -lm c++ -std=c++11 -I../.. -I../../ext -I.. -g -o mkworld ../../node/C25519.cpp ../../node/Salsa20.cpp ../../node/SHA512.cpp ../../node/Identity.cpp ../../node/Utils.cpp ../../node/InetAddress.cpp ../../osdep/OSUtils.cpp mkworld.cpp -lm

2
node/Constants.hpp
View file

@ -299,7 +299,7 @@
/** /**
* Delay between checks of peer pings, etc., and also related housekeeping tasks * Delay between checks of peer pings, etc., and also related housekeeping tasks
*/ */
#define ZT_PING_CHECK_INVERVAL 5000 #define ZT_PING_CHECK_INTERVAL 5000
/** /**
* How often the local.conf file is checked for changes (service, should be moved there) * How often the local.conf file is checked for changes (service, should be moved there)

4
node/Node.cpp
View file

@ -307,7 +307,7 @@ ZT_ResultCode Node::processBackgroundTasks(void *tptr,int64_t now,volatile int64
Mutex::Lock bl(_backgroundTasksLock); Mutex::Lock bl(_backgroundTasksLock);
// Process background bond tasks // Process background bond tasks
unsigned long bondCheckInterval = ZT_PING_CHECK_INVERVAL; unsigned long bondCheckInterval = ZT_PING_CHECK_INTERVAL;
if (RR->bc->inUse()) { if (RR->bc->inUse()) {
bondCheckInterval = std::max(RR->bc->minReqMonitorInterval(), ZT_CORE_TIMER_TASK_GRANULARITY); bondCheckInterval = std::max(RR->bc->minReqMonitorInterval(), ZT_CORE_TIMER_TASK_GRANULARITY);
if ((now - _lastGratuitousPingCheck) >= ZT_CORE_TIMER_TASK_GRANULARITY) { if ((now - _lastGratuitousPingCheck) >= ZT_CORE_TIMER_TASK_GRANULARITY) {
@ -316,7 +316,7 @@ ZT_ResultCode Node::processBackgroundTasks(void *tptr,int64_t now,volatile int64
} }
} }
unsigned long timeUntilNextPingCheck = _lowBandwidthMode ? (ZT_PING_CHECK_INVERVAL * 5) : ZT_PING_CHECK_INVERVAL; unsigned long timeUntilNextPingCheck = _lowBandwidthMode ? (ZT_PING_CHECK_INTERVAL * 5) : ZT_PING_CHECK_INTERVAL;
const int64_t timeSinceLastPingCheck = now - _lastPingCheck; const int64_t timeSinceLastPingCheck = now - _lastPingCheck;
if (timeSinceLastPingCheck >= timeUntilNextPingCheck) { if (timeSinceLastPingCheck >= timeUntilNextPingCheck) {
try { try {

2
osdep/LinuxNetLink.cpp
View file

@ -546,7 +546,7 @@ void LinuxNetLink::_requestIPv4Routes()
la.nl_pid = 0; //getpid(); la.nl_pid = 0; //getpid();
la.nl_groups = RTMGRP_IPV4_ROUTE; la.nl_groups = RTMGRP_IPV4_ROUTE;
if(bind(fd, (struct sockaddr*)&la, sizeof(la))) { if(bind(fd, (struct sockaddr*)&la, sizeof(la))) {
fprintf(stderr, "Error binding RTNETLINK (_requiestIPv4Routes #1): %s\n", strerror(errno)); fprintf(stderr, "Error binding RTNETLINK (_requestIPv4Routes #1): %s\n", strerror(errno));
close(fd); close(fd);
return; return;
} }

6
osdep/MacDNSHelper.hpp
View file

@ -12,8 +12,10 @@ class MacDNSHelper
public: public:
static void setDNS(uint64_t nwid, const char *domain, const std::vector<InetAddress> &servers); static void setDNS(uint64_t nwid, const char *domain, const std::vector<InetAddress> &servers);
static void removeDNS(uint64_t nwid); static void removeDNS(uint64_t nwid);
static bool addIps(uint64_t nwid, const MAC mac, const char *dev, const std::vector<InetAddress> &addrs); static bool addIps4(uint64_t nwid, const MAC mac, const char *dev, const std::vector<InetAddress> &addrs);
static bool removeIps(uint64_t nwid); static bool addIps6(uint64_t nwid, const MAC mac, const char *dev, const std::vector<InetAddress> &addrs);
static bool removeIps4(uint64_t nwid);
static bool removeIps6(uint64_t nwid);
}; };
} }

141
osdep/MacDNSHelper.mm
View file

@ -25,19 +25,23 @@ void MacDNSHelper::setDNS(uint64_t nwid, const char *domain, const std::vector<I
CFArrayRef serverArray = CFArrayCreate(NULL, (const void**)s, servers.size(), &kCFTypeArrayCallBacks); CFArrayRef serverArray = CFArrayCreate(NULL, (const void**)s, servers.size(), &kCFTypeArrayCallBacks);
CFStringRef keys[2]; CFStringRef keys[3];
keys[0] = CFSTR("SupplementalMatchDomains"); keys[0] = CFSTR("SupplementalMatchDomains");
keys[1] = CFSTR("ServerAddresses"); keys[1] = CFSTR("ServerAddresses");
keys[2] = CFSTR("SearchDomains");
CFStringRef cfdomain = CFStringCreateWithCString(NULL, domain, kCFStringEncodingUTF8); CFStringRef cfdomain = CFStringCreateWithCString(NULL, domain, kCFStringEncodingUTF8);
CFStringRef cfdomain2 = CFStringCreateWithCString(NULL, domain, kCFStringEncodingUTF8);
CFArrayRef domainArray = CFArrayCreate(NULL, (const void**)&cfdomain, 1, &kCFTypeArrayCallBacks); CFArrayRef domainArray = CFArrayCreate(NULL, (const void**)&cfdomain, 1, &kCFTypeArrayCallBacks);
CFArrayRef domainArray2 = CFArrayCreate(NULL, (const void**)&cfdomain2, 1, &kCFTypeArrayCallBacks);
CFTypeRef values[2]; CFTypeRef values[3];
values[0] = domainArray; values[0] = domainArray;
values[1] = serverArray; values[1] = serverArray;
values[2] = domainArray2;
CFDictionaryRef dict = CFDictionaryCreate(NULL, CFDictionaryRef dict = CFDictionaryCreate(NULL,
(const void**)keys, (const void**)values, 2, &kCFCopyStringDictionaryKeyCallBacks, (const void**)keys, (const void**)values, 3, &kCFCopyStringDictionaryKeyCallBacks,
&kCFTypeDictionaryValueCallBacks); &kCFTypeDictionaryValueCallBacks);
char buf[256] = {0}; char buf[256] = {0};
@ -69,7 +73,9 @@ void MacDNSHelper::setDNS(uint64_t nwid, const char *domain, const std::vector<I
CFRelease(key); CFRelease(key);
CFRelease(dict); CFRelease(dict);
CFRelease(domainArray); CFRelease(domainArray);
CFRelease(domainArray2);
CFRelease(cfdomain); CFRelease(cfdomain);
CFRelease(cfdomain2);
CFRelease(serverArray); CFRelease(serverArray);
for (int i = 0; i < servers.size(); ++i) { for (int i = 0; i < servers.size(); ++i) {
CFRelease(s[i]); CFRelease(s[i]);
@ -95,9 +101,114 @@ void MacDNSHelper::removeDNS(uint64_t nwid)
// Originally I planned to put all the v6 ip addresses from the network into the config. // Originally I planned to put all the v6 ip addresses from the network into the config.
// But only the link local address is necessary and sufficient. Added other v6 addresses // But only the link local address is necessary and sufficient. Added other v6 addresses
// doesn't do anything. // doesn't do anything.
bool MacDNSHelper::addIps(uint64_t nwid, const MAC mac, const char *dev, const std::vector<InetAddress>& addrs) //
{ // As of Monterey we need IPv4 set up too.
bool MacDNSHelper::addIps4(uint64_t nwid, const MAC mac, const char *dev, const std::vector<InetAddress>& addrs)
{
const char* ipStr = {0};
const char* ipStr2 = {0};
char buf2[256] = {0};
bool hasV4 = false;
for (unsigned int i = 0; i < addrs.size(); ++i) {
if (addrs[i].isV4()) {
hasV4 = true;
ipStr = addrs[i].toIpString(buf2);
ipStr2 = addrs[i].toIpString(buf2);
break;
}
}
if (!hasV4) {
MacDNSHelper::removeIps4(nwid);
return true;
}
SCDynamicStoreRef ds = SCDynamicStoreCreate(NULL, CFSTR("zerotier"), NULL, NULL);
char buf[256] = { 0 };
sprintf(buf, "State:/Network/Service/%.16llx/IPv4", nwid);
CFStringRef key = CFStringCreateWithCString(NULL, buf, kCFStringEncodingUTF8);
CFStringRef cfaddr = CFStringCreateWithCString(NULL, ipStr, kCFStringEncodingUTF8);
CFArrayRef addrArray = CFArrayCreate(NULL, (const void**)&cfaddr, 1, &kCFTypeArrayCallBacks);
CFStringRef cfdev = CFStringCreateWithCString(NULL, dev, kCFStringEncodingUTF8);
CFStringRef cfserver = CFStringCreateWithCString(NULL, "127.0.0.1", kCFStringEncodingUTF8);
CFStringRef cfrouter = CFStringCreateWithCString(NULL, ipStr2, kCFStringEncodingUTF8);
const int SIZE = 4;
CFStringRef keys[SIZE];
keys[0] = CFSTR("Addresses");
keys[1] = CFSTR("InterfaceName");
keys[2] = CFSTR("ServerAddress");
keys[3] = CFSTR("Router");
CFTypeRef values[SIZE];
values[0] = addrArray;
values[1] = cfdev;
values[2] = cfserver;
values[3] = cfrouter;
CFDictionaryRef dict = CFDictionaryCreate(NULL,
(const void**)keys, (const void**)values, SIZE, &kCFCopyStringDictionaryKeyCallBacks,
&kCFTypeDictionaryValueCallBacks);
// CFDictionaryApplyFunction(dict, printKeys, NULL);
CFArrayRef list = SCDynamicStoreCopyKeyList(ds, key);
CFIndex i = 0, j = CFArrayGetCount(list);
bool addrsChanged = true;
CFPropertyListRef oldAddrs = NULL;
bool ret = TRUE;
if (j > 0) {
oldAddrs = SCDynamicStoreCopyValue(ds, (CFStringRef)CFArrayGetValueAtIndex(list, i));
addrsChanged = !CFEqual(oldAddrs,dict);
}
if (addrsChanged) {
if (j <= 0) {
ret &= SCDynamicStoreAddValue(ds, key, dict);
} else {
ret &= SCDynamicStoreSetValue(ds, (CFStringRef)CFArrayGetValueAtIndex(list, i), dict);
}
if (!ret) {
fprintf(stderr, "Error writing IPv6 configuration\n");
}
}
if (oldAddrs != NULL) {
CFRelease(oldAddrs);
}
CFRelease(cfaddr);
CFRelease(addrArray);
CFRelease(cfdev);
CFRelease(cfserver);
CFRelease(cfrouter);
CFRelease(ds);
CFRelease(key);
// for (unsigned int i = 0; i < SIZE; ++i) {
// values[i] = NULL;
// }
CFRelease(list);
CFRelease(dict);
return ret;
}
bool MacDNSHelper::addIps6(uint64_t nwid, const MAC mac, const char *dev, const std::vector<InetAddress>& addrs)
{
bool hasV6 = false; bool hasV6 = false;
for (unsigned int i = 0; i < addrs.size(); ++i) { for (unsigned int i = 0; i < addrs.size(); ++i) {
if (addrs[i].isV6()) { if (addrs[i].isV6()) {
@ -107,7 +218,7 @@ bool MacDNSHelper::addIps(uint64_t nwid, const MAC mac, const char *dev, const s
} }
if (!hasV6) { if (!hasV6) {
MacDNSHelper::removeIps(nwid); MacDNSHelper::removeIps6(nwid);
return true; return true;
} }
@ -204,7 +315,7 @@ bool MacDNSHelper::addIps(uint64_t nwid, const MAC mac, const char *dev, const s
return ret; return ret;
} }
bool MacDNSHelper::removeIps(uint64_t nwid) bool MacDNSHelper::removeIps6(uint64_t nwid)
{ {
SCDynamicStoreRef ds = SCDynamicStoreCreate(NULL, CFSTR("zerotier"), NULL, NULL); SCDynamicStoreRef ds = SCDynamicStoreCreate(NULL, CFSTR("zerotier"), NULL, NULL);
@ -218,4 +329,20 @@ bool MacDNSHelper::removeIps(uint64_t nwid)
return res; return res;
} }
bool MacDNSHelper::removeIps4(uint64_t nwid)
{
SCDynamicStoreRef ds = SCDynamicStoreCreate(NULL, CFSTR("zerotier"), NULL, NULL);
char buf[256] = {0};
sprintf(buf, "State:/Network/Service/%.16llx/IPv4", nwid);
CFStringRef key = CFStringCreateWithCString(NULL, buf, kCFStringEncodingUTF8);
bool res = SCDynamicStoreRemoveValue(ds, key);
CFRelease(key);
CFRelease(ds);
return res;
}
} }

3
osdep/MacEthernetTap.cpp
View file

@ -245,7 +245,8 @@ MacEthernetTap::~MacEthernetTap()
pid_t pid0,pid1; pid_t pid0,pid1;
MacDNSHelper::removeDNS(_nwid); MacDNSHelper::removeDNS(_nwid);
MacDNSHelper::removeIps(_nwid); MacDNSHelper::removeIps4(_nwid);
MacDNSHelper::removeIps6(_nwid);
Mutex::Lock _gl(globalTapCreateLock); Mutex::Lock _gl(globalTapCreateLock);
::write(_shutdownSignalPipe[1],"\0",1); // causes thread to exit ::write(_shutdownSignalPipe[1],"\0",1); // causes thread to exit

13
service/OneService.cpp
View file

@ -1056,7 +1056,7 @@ public:
if (_secondaryPort) { if (_secondaryPort) {
_ports[1] = _secondaryPort; _ports[1] = _secondaryPort;
} else { } else {
_ports[1] = _getRandomPort(); _ports[1] = _secondaryPort = _getRandomPort();
} }
} }
#ifdef ZT_USE_MINIUPNPC #ifdef ZT_USE_MINIUPNPC
@ -1067,7 +1067,7 @@ public:
if (_tertiaryPort) { if (_tertiaryPort) {
_ports[2] = _tertiaryPort; _ports[2] = _tertiaryPort;
} else { } else {
_ports[2] = _getRandomPort(); _ports[2] = _tertiaryPort = _getRandomPort();
} }
if (_ports[2]) { if (_ports[2]) {
@ -2531,8 +2531,13 @@ public:
} }
#ifdef __APPLE__ #ifdef __APPLE__
if (!MacDNSHelper::addIps(n.config().nwid, n.config().mac, n.tap()->deviceName().c_str(), newManagedIps)) if (!MacDNSHelper::addIps6(n.config().nwid, n.config().mac, n.tap()->deviceName().c_str(), newManagedIps)) {
fprintf(stderr, "ERROR: unable to add v6 addresses to system configuration" ZT_EOL_S); fprintf(stderr, "ERROR: unable to add v6 addresses to system configuration" ZT_EOL_S);
}
if (!MacDNSHelper::addIps4(n.config().nwid, n.config().mac, n.tap()->deviceName().c_str(), newManagedIps)) {
fprintf(stderr, "ERROR: unable to add v4 addresses to system configuration" ZT_EOL_S);
}
#endif #endif
n.setManagedIps(newManagedIps); n.setManagedIps(newManagedIps);
} }
@ -3388,7 +3393,7 @@ public:
void *tmpptr = (void *)_tcpFallbackTunnel; void *tmpptr = (void *)_tcpFallbackTunnel;
phyOnTcpWritable(_tcpFallbackTunnel->sock,&tmpptr); phyOnTcpWritable(_tcpFallbackTunnel->sock,&tmpptr);
} }
} else if (_forceTcpRelay || (((now - _lastSendToGlobalV4) < ZT_TCP_FALLBACK_AFTER)&&((now - _lastSendToGlobalV4) > (ZT_PING_CHECK_INVERVAL / 2)))) { } else if (_forceTcpRelay || (((now - _lastSendToGlobalV4) < ZT_TCP_FALLBACK_AFTER)&&((now - _lastSendToGlobalV4) > (ZT_PING_CHECK_INTERVAL / 2)))) {
const InetAddress addr(_fallbackRelayAddress); const InetAddress addr(_fallbackRelayAddress);
TcpConnection *tc = new TcpConnection(); TcpConnection *tc = new TcpConnection();
{ {