Gogogogogogogo

Adam Ierymenko 2019-09-23 15:18:52 -07:00
commit b6175bd408
No known key found for this signature in database
GPG key ID: C8877CF2D7A5D7F3
12 changed files with 583 additions and 150 deletions


@ -13,6 +13,9 @@
package zerotier
// This wraps the C++ Node implementation, C++ EthernetTap implementations,
// and generally contains all the other CGO stuff.
//#cgo CFLAGS: -O3
//#cgo LDFLAGS: ${SRCDIR}/../../../build/node/libzt_core.a ${SRCDIR}/../../../build/osdep/libzt_osdep.a ${SRCDIR}/../../../build/go/native/libzt_go_native.a -lc++ -lpthread
//#define ZT_CGO 1
@ -20,14 +23,17 @@ package zerotier
import "C"
import (
"bytes"
"encoding/binary"
"errors"
"fmt"
"io/ioutil"
rand "math/rand"
"net"
"net/http"
"os"
"path"
"sort"
"sync"
"sync/atomic"
"time"
@ -61,8 +67,8 @@ const (
// PlatformDefaultHomePath is the default location of ZeroTier's working path on this system
PlatformDefaultHomePath string = C.GoString(C.ZT_PLATFORM_DEFAULT_HOMEPATH)
afInet = C.AF_INET
afInet6 = C.AF_INET6
AFInet = C.AF_INET
AFInet6 = C.AF_INET6
defaultVirtualNetworkMTU = C.ZT_DEFAULT_MTU
)
@ -75,14 +81,14 @@ var (
func sockaddrStorageToIPNet(ss *C.struct_sockaddr_storage) *net.IPNet {
var a net.IPNet
switch ss.ss_family {
case afInet:
case AFInet:
sa4 := (*C.struct_sockaddr_in)(unsafe.Pointer(ss))
var ip4 [4]byte
copy(ip4[:], (*[4]byte)(unsafe.Pointer(&sa4.sin_addr))[:])
a.IP = net.IP(ip4[:])
a.Mask = net.CIDRMask(int(binary.BigEndian.Uint16(((*[2]byte)(unsafe.Pointer(&sa4.sin_port)))[:])), 32)
return &a
case afInet6:
case AFInet6:
sa6 := (*C.struct_sockaddr_in6)(unsafe.Pointer(ss))
var ip6 [16]byte
copy(ip6[:], (*[16]byte)(unsafe.Pointer(&sa6.sin6_addr))[:])
@ -96,14 +102,14 @@ func sockaddrStorageToIPNet(ss *C.struct_sockaddr_storage) *net.IPNet {
func sockaddrStorageToUDPAddr(ss *C.struct_sockaddr_storage) *net.UDPAddr {
var a net.UDPAddr
switch ss.ss_family {
case afInet:
case AFInet:
sa4 := (*C.struct_sockaddr_in)(unsafe.Pointer(ss))
var ip4 [4]byte
copy(ip4[:], (*[4]byte)(unsafe.Pointer(&sa4.sin_addr))[:])
a.IP = net.IP(ip4[:])
a.Port = int(binary.BigEndian.Uint16(((*[2]byte)(unsafe.Pointer(&sa4.sin_port)))[:]))
return &a
case afInet6:
case AFInet6:
sa6 := (*C.struct_sockaddr_in6)(unsafe.Pointer(ss))
var ip6 [16]byte
copy(ip6[:], (*[16]byte)(unsafe.Pointer(&sa6.sin6_addr))[:])
@ -114,18 +120,22 @@ func sockaddrStorageToUDPAddr(ss *C.struct_sockaddr_storage) *net.UDPAddr {
return nil
}
func sockaddrStorageToUDPAddr2(ss unsafe.Pointer) *net.UDPAddr {
return sockaddrStorageToUDPAddr((*C.struct_sockaddr_storage)(ss))
}
func makeSockaddrStorage(ip net.IP, port int, ss *C.struct_sockaddr_storage) bool {
C.memset(unsafe.Pointer(ss), 0, C.sizeof_struct_sockaddr_storage)
if len(ip) == 4 {
sa4 := (*C.struct_sockaddr_in)(unsafe.Pointer(ss))
sa4.sin_family = afInet
sa4.sin_family = AFInet
copy(((*[4]byte)(unsafe.Pointer(&sa4.sin_addr)))[:], ip)
binary.BigEndian.PutUint16(((*[2]byte)(unsafe.Pointer(&sa4.sin_port)))[:], uint16(port))
return true
}
if len(ip) == 16 {
sa6 := (*C.struct_sockaddr_in6)(unsafe.Pointer(ss))
sa6.sin6_family = afInet6
sa6.sin6_family = AFInet6
copy(((*[16]byte)(unsafe.Pointer(&sa6.sin6_addr)))[:], ip)
binary.BigEndian.PutUint16(((*[2]byte)(unsafe.Pointer(&sa6.sin6_port)))[:], uint16(port))
return true
@ -137,26 +147,26 @@ func makeSockaddrStorage(ip net.IP, port int, ss *C.struct_sockaddr_storage) boo
// Node is an instance of the ZeroTier core node and related C++ I/O code
type Node struct {
basePath string
localConfig LocalConfig
networks map[NetworkID]*Network
networksByMAC map[MAC]*Network // locked by networksLock
externalAddresses map[string]*net.IPNet
localConfigLock sync.RWMutex
networksLock sync.RWMutex
externalAddressesLock sync.Mutex
gn *C.ZT_GoNode
zn *C.ZT_Node
id *Identity
online uint32
running uint32
runLock sync.Mutex
basePath string
localConfigPath string
localConfig LocalConfig
networks map[NetworkID]*Network
networksByMAC map[MAC]*Network // locked by networksLock
interfaceAddresses map[string]net.IP // physical external IPs on the machine
localConfigLock sync.RWMutex
networksLock sync.RWMutex
interfaceAddressesLock sync.Mutex
gn *C.ZT_GoNode
zn *C.ZT_Node
id *Identity
apiServer *http.Server
online uint32
running uint32
runLock sync.Mutex
}
// NewNode creates and initializes a new instance of the ZeroTier node service
func NewNode(basePath string) (*Node, error) {
var err error
os.MkdirAll(basePath, 0755)
if _, err := os.Stat(basePath); err != nil {
return nil, err
@ -164,9 +174,14 @@ func NewNode(basePath string) (*Node, error) {
n := new(Node)
n.basePath = basePath
n.localConfigPath = path.Join(basePath, "local.conf")
err := n.localConfig.Read(n.localConfigPath, true)
if err != nil {
return nil, err
}
n.networks = make(map[NetworkID]*Network)
n.networksByMAC = make(map[MAC]*Network)
n.externalAddresses = make(map[string]*net.IPNet)
n.interfaceAddresses = make(map[string]net.IP)
cpath := C.CString(basePath)
n.gn = C.ZT_GoNode_new(cpath)
@ -184,6 +199,12 @@ func NewNode(basePath string) (*Node, error) {
return nil, err
}
n.apiServer, err = createAPIServer(basePath, n)
if err != nil {
C.ZT_GoNode_delete(n.gn)
return nil, err
}
gnRawAddr := uintptr(unsafe.Pointer(n.gn))
nodesByUserPtrLock.Lock()
nodesByUserPtr[gnRawAddr] = n
@ -202,7 +223,7 @@ func NewNode(basePath string) (*Node, error) {
if (now - lastScannedInterfaces) >= 30000 {
lastScannedInterfaces = now
externalAddresses := make(map[string]*net.IPNet)
interfaceAddresses := make(map[string]net.IP)
ifs, _ := net.Interfaces()
if len(ifs) > 0 {
n.networksLock.RLock()
@ -214,7 +235,7 @@ func NewNode(basePath string) (*Node, error) {
for _, a := range addrs {
ipn, _ := a.(*net.IPNet)
if ipn != nil {
externalAddresses[ipn.String()] = ipn
interfaceAddresses[ipn.IP.String()] = ipn.IP
}
}
}
@ -224,10 +245,10 @@ func NewNode(basePath string) (*Node, error) {
}
n.localConfigLock.RLock()
n.externalAddressesLock.Lock()
for astr, ipn := range externalAddresses {
if _, alreadyKnown := n.externalAddresses[astr]; !alreadyKnown {
ipCstr := C.CString(ipn.IP.String())
n.interfaceAddressesLock.Lock()
for astr, ipn := range interfaceAddresses {
if _, alreadyKnown := n.interfaceAddresses[astr]; !alreadyKnown {
ipCstr := C.CString(ipn.String())
if n.localConfig.Settings.PrimaryPort > 0 && n.localConfig.Settings.PrimaryPort < 65536 {
C.ZT_GoNode_phyStartListen(n.gn, nil, ipCstr, C.int(n.localConfig.Settings.PrimaryPort))
}
@ -240,9 +261,9 @@ func NewNode(basePath string) (*Node, error) {
C.free(unsafe.Pointer(ipCstr))
}
}
for astr, ipn := range n.externalAddresses {
if _, stillPresent := externalAddresses[astr]; !stillPresent {
ipCstr := C.CString(ipn.IP.String())
for astr, ipn := range n.interfaceAddresses {
if _, stillPresent := interfaceAddresses[astr]; !stillPresent {
ipCstr := C.CString(ipn.String())
if n.localConfig.Settings.PrimaryPort > 0 && n.localConfig.Settings.PrimaryPort < 65536 {
C.ZT_GoNode_phyStopListen(n.gn, nil, ipCstr, C.int(n.localConfig.Settings.PrimaryPort))
}
@ -255,8 +276,8 @@ func NewNode(basePath string) (*Node, error) {
C.free(unsafe.Pointer(ipCstr))
}
}
n.externalAddresses = externalAddresses
n.externalAddressesLock.Unlock()
n.interfaceAddresses = interfaceAddresses
n.interfaceAddressesLock.Unlock()
n.localConfigLock.RUnlock()
}
}
@ -269,6 +290,7 @@ func NewNode(basePath string) (*Node, error) {
// Close closes this Node and frees its underlying C++ Node structures
func (n *Node) Close() {
if atomic.SwapUint32(&n.running, 0) != 0 {
n.apiServer.Close()
C.ZT_GoNode_delete(n.gn)
nodesByUserPtrLock.Lock()
delete(nodesByUserPtr, uintptr(unsafe.Pointer(n.gn)))
@ -284,6 +306,21 @@ func (n *Node) Address() Address { return n.id.address }
// Identity returns this node's identity (including secret portion)
func (n *Node) Identity() *Identity { return n.id }
// Online returns true if this node can reach something
func (n *Node) Online() bool { return atomic.LoadUint32(&n.online) != 0 }
// InterfaceAddresses are external IPs belonging to physical interfaces on this machine
func (n *Node) InterfaceAddresses() []net.IP {
var ea []net.IP
n.interfaceAddressesLock.Lock()
for _, a := range n.interfaceAddresses {
ea = append(ea, a)
}
n.interfaceAddressesLock.Unlock()
sort.Slice(ea, func(a, b int) bool { return bytes.Compare(ea[a], ea[b]) < 0 })
return ea
}
// LocalConfig gets this node's local configuration
func (n *Node) LocalConfig() LocalConfig {
n.localConfigLock.RLock()
@ -396,11 +433,11 @@ func (n *Node) Roots() []*Root {
root := (*C.ZT_Root)(unsafe.Pointer(uintptr(unsafe.Pointer(rl)) + C.sizeof_ZT_RootList))
id, err := NewIdentityFromString(C.GoString(root.identity))
if err == nil {
var addrs []net.Addr
var addrs []InetAddress
for j := uintptr(0); j < uintptr(root.addressCount); j++ {
a := sockaddrStorageToUDPAddr((*C.struct_sockaddr_storage)(unsafe.Pointer(uintptr(unsafe.Pointer(root.addresses)) + (j * C.sizeof_struct_sockaddr_storage))))
if a != nil {
addrs = append(addrs, a)
a := NewInetAddressFromSockaddr(unsafe.Pointer(uintptr(unsafe.Pointer(root.addresses)) + (j * C.sizeof_struct_sockaddr_storage)))
if a != nil && a.Valid() {
addrs = append(addrs, *a)
}
}
roots = append(roots, &Root{
@ -488,10 +525,8 @@ func (n *Node) pathLookup(ztAddress Address) (net.IP, int) {
defer n.localConfigLock.RUnlock()
virt := n.localConfig.Virtual[ztAddress]
if virt != nil && len(virt.Try) > 0 {
udpA, _ := virt.Try[rand.Int()%len(virt.Try)].(*net.UDPAddr)
if udpA != nil {
return udpA.IP, udpA.Port
}
idx := rand.Int() % len(virt.Try)
return virt.Try[idx].IP, virt.Try[idx].Port
}
return nil, 0
}
@ -521,28 +556,24 @@ func (n *Node) makeStateObjectPath(objType int, id [2]uint64) (string, bool) {
}
func (n *Node) stateObjectPut(objType int, id [2]uint64, data []byte) {
go func() {
fp, secret := n.makeStateObjectPath(objType, id)
if len(fp) > 0 {
fileMode := os.FileMode(0644)
if secret {
fileMode = os.FileMode(0600)
}
ioutil.WriteFile(fp, data, fileMode)
if secret {
acl.Chmod(fp, 0600) // this emulates Unix chmod on Windows and uses os.Chmod on Unix-type systems
}
fp, secret := n.makeStateObjectPath(objType, id)
if len(fp) > 0 {
fileMode := os.FileMode(0644)
if secret {
fileMode = os.FileMode(0600)
}
}()
ioutil.WriteFile(fp, data, fileMode)
if secret {
acl.Chmod(fp, 0600) // this emulates Unix chmod on Windows and uses os.Chmod on Unix-type systems
}
}
}
func (n *Node) stateObjectDelete(objType int, id [2]uint64) {
go func() {
fp, _ := n.makeStateObjectPath(objType, id)
if len(fp) > 0 {
os.Remove(fp)
}
}()
fp, _ := n.makeStateObjectPath(objType, id)
if len(fp) > 0 {
os.Remove(fp)
}
}
func (n *Node) stateObjectGet(objType int, id [2]uint64) ([]byte, bool) {
@ -592,12 +623,12 @@ func goPathLookupFunc(gn unsafe.Pointer, ztAddress C.uint64_t, desiredAddressFam
if len(ip) > 0 && port > 0 && port <= 65535 {
ip4 := ip.To4()
if len(ip4) == 4 {
*((*C.int)(familyP)) = C.int(afInet)
*((*C.int)(familyP)) = C.int(AFInet)
copy((*[4]byte)(ipP)[:], ip4)
*((*C.int)(portP)) = C.int(port)
return 1
} else if len(ip) == 16 {
*((*C.int)(familyP)) = C.int(afInet6)
*((*C.int)(familyP)) = C.int(AFInet6)
copy((*[16]byte)(ipP)[:], ip)
*((*C.int)(portP)) = C.int(port)
return 1
@ -609,17 +640,19 @@ func goPathLookupFunc(gn unsafe.Pointer, ztAddress C.uint64_t, desiredAddressFam
//export goStateObjectPutFunc
func goStateObjectPutFunc(gn unsafe.Pointer, objType C.int, id, data unsafe.Pointer, len C.int) {
nodesByUserPtrLock.RLock()
node := nodesByUserPtr[uintptr(gn)]
nodesByUserPtrLock.RUnlock()
if node == nil {
return
}
if len < 0 {
node.stateObjectDelete(int(objType), *((*[2]uint64)(id)))
} else {
node.stateObjectPut(int(objType), *((*[2]uint64)(id)), C.GoBytes(data, len))
}
go func() {
nodesByUserPtrLock.RLock()
node := nodesByUserPtr[uintptr(gn)]
nodesByUserPtrLock.RUnlock()
if node == nil {
return
}
if len < 0 {
node.stateObjectDelete(int(objType), *((*[2]uint64)(id)))
} else {
node.stateObjectPut(int(objType), *((*[2]uint64)(id)), C.GoBytes(data, len))
}
}()
}
//export goStateObjectGetFunc
@ -642,17 +675,17 @@ func goStateObjectGetFunc(gn unsafe.Pointer, objType C.int, id, data unsafe.Poin
//export goDNSResolverFunc
func goDNSResolverFunc(gn unsafe.Pointer, dnsRecordTypes unsafe.Pointer, numDNSRecordTypes C.int, name unsafe.Pointer, requestID C.uintptr_t) {
nodesByUserPtrLock.RLock()
node := nodesByUserPtr[uintptr(gn)]
nodesByUserPtrLock.RUnlock()
if node == nil {
return
}
recordTypes := C.GoBytes(dnsRecordTypes, numDNSRecordTypes)
recordName := C.GoString((*C.char)(name))
go func() {
nodesByUserPtrLock.RLock()
node := nodesByUserPtr[uintptr(gn)]
nodesByUserPtrLock.RUnlock()
if node == nil {
return
}
recordTypes := C.GoBytes(dnsRecordTypes, numDNSRecordTypes)
recordName := C.GoString((*C.char)(name))
recordNameCStrCopy := C.CString(recordName)
for _, rt := range recordTypes {
switch rt {
@ -794,12 +827,12 @@ func (t *nativeTap) AddIP(ip *net.IPNet) error {
if bits > 128 || bits < 0 {
return ErrInvalidParameter
}
C.ZT_GoTap_addIp(t.tap, C.int(afInet6), unsafe.Pointer(&ip.IP[0]), C.int(bits))
C.ZT_GoTap_addIp(t.tap, C.int(AFInet6), unsafe.Pointer(&ip.IP[0]), C.int(bits))
} else if len(ip.IP) == 4 {
if bits > 32 || bits < 0 {
return ErrInvalidParameter
}
C.ZT_GoTap_addIp(t.tap, C.int(afInet), unsafe.Pointer(&ip.IP[0]), C.int(bits))
C.ZT_GoTap_addIp(t.tap, C.int(AFInet), unsafe.Pointer(&ip.IP[0]), C.int(bits))
}
return ErrInvalidParameter
}
@ -811,14 +844,14 @@ func (t *nativeTap) RemoveIP(ip *net.IPNet) error {
if bits > 128 || bits < 0 {
return ErrInvalidParameter
}
C.ZT_GoTap_removeIp(t.tap, C.int(afInet6), unsafe.Pointer(&ip.IP[0]), C.int(bits))
C.ZT_GoTap_removeIp(t.tap, C.int(AFInet6), unsafe.Pointer(&ip.IP[0]), C.int(bits))
return nil
}
if len(ip.IP) == 4 {
if bits > 32 || bits < 0 {
return ErrInvalidParameter
}
C.ZT_GoTap_removeIp(t.tap, C.int(afInet), unsafe.Pointer(&ip.IP[0]), C.int(bits))
C.ZT_GoTap_removeIp(t.tap, C.int(AFInet), unsafe.Pointer(&ip.IP[0]), C.int(bits))
return nil
}
return ErrInvalidParameter
@ -839,7 +872,7 @@ func (t *nativeTap) IPs() (ips []net.IPNet, err error) {
af := int(ipbuf[ipptr])
ipptr++
switch af {
case afInet:
case AFInet:
var ip [4]byte
for j := 0; j < 4; j++ {
ip[j] = ipbuf[ipptr]
@ -848,7 +881,7 @@ func (t *nativeTap) IPs() (ips []net.IPNet, err error) {
bits := ipbuf[ipptr]
ipptr++
ips = append(ips, net.IPNet{IP: net.IP(ip[:]), Mask: net.CIDRMask(int(bits), 32)})
case afInet6:
case AFInet6:
var ip [16]byte
for j := 0; j < 16; j++ {
ip[j] = ipbuf[ipptr]
@ -888,16 +921,16 @@ func (t *nativeTap) AddRoute(r *Route) error {
if len(r.Target.IP) == 4 {
mask, _ := r.Target.Mask.Size()
if len(r.Via) == 4 {
rc = int(C.ZT_GoTap_addRoute(t.tap, afInet, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), afInet, unsafe.Pointer(&r.Via[0]), C.uint(r.Metric)))
rc = int(C.ZT_GoTap_addRoute(t.tap, AFInet, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), AFInet, unsafe.Pointer(&r.Via[0]), C.uint(r.Metric)))
} else {
rc = int(C.ZT_GoTap_addRoute(t.tap, afInet, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), 0, nil, C.uint(r.Metric)))
rc = int(C.ZT_GoTap_addRoute(t.tap, AFInet, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), 0, nil, C.uint(r.Metric)))
}
} else if len(r.Target.IP) == 16 {
mask, _ := r.Target.Mask.Size()
if len(r.Via) == 4 {
rc = int(C.ZT_GoTap_addRoute(t.tap, afInet6, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), afInet6, unsafe.Pointer(&r.Via[0]), C.uint(r.Metric)))
rc = int(C.ZT_GoTap_addRoute(t.tap, AFInet6, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), AFInet6, unsafe.Pointer(&r.Via[0]), C.uint(r.Metric)))
} else {
rc = int(C.ZT_GoTap_addRoute(t.tap, afInet6, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), 0, nil, C.uint(r.Metric)))
rc = int(C.ZT_GoTap_addRoute(t.tap, AFInet6, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), 0, nil, C.uint(r.Metric)))
}
}
}
@ -914,16 +947,16 @@ func (t *nativeTap) RemoveRoute(r *Route) error {
if len(r.Target.IP) == 4 {
mask, _ := r.Target.Mask.Size()
if len(r.Via) == 4 {
rc = int(C.ZT_GoTap_removeRoute(t.tap, afInet, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), afInet, unsafe.Pointer(&r.Via[0]), C.uint(r.Metric)))
rc = int(C.ZT_GoTap_removeRoute(t.tap, AFInet, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), AFInet, unsafe.Pointer(&r.Via[0]), C.uint(r.Metric)))
} else {
rc = int(C.ZT_GoTap_removeRoute(t.tap, afInet, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), 0, nil, C.uint(r.Metric)))
rc = int(C.ZT_GoTap_removeRoute(t.tap, AFInet, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), 0, nil, C.uint(r.Metric)))
}
} else if len(r.Target.IP) == 16 {
mask, _ := r.Target.Mask.Size()
if len(r.Via) == 4 {
rc = int(C.ZT_GoTap_removeRoute(t.tap, afInet6, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), afInet6, unsafe.Pointer(&r.Via[0]), C.uint(r.Metric)))
rc = int(C.ZT_GoTap_removeRoute(t.tap, AFInet6, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), AFInet6, unsafe.Pointer(&r.Via[0]), C.uint(r.Metric)))
} else {
rc = int(C.ZT_GoTap_removeRoute(t.tap, afInet6, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), 0, nil, C.uint(r.Metric)))
rc = int(C.ZT_GoTap_removeRoute(t.tap, AFInet6, unsafe.Pointer(&r.Target.IP[0]), C.int(mask), 0, nil, C.uint(r.Metric)))
}
}
}
@ -933,12 +966,6 @@ func (t *nativeTap) RemoveRoute(r *Route) error {
return nil
}
// SyncRoutes synchronizes managed routes
func (t *nativeTap) SyncRoutes() error {
C.ZT_GoTap_syncRoutes(t.tap)
return nil
}
//////////////////////////////////////////////////////////////////////////////
func handleTapMulticastGroupChange(gn unsafe.Pointer, nwid, mac C.uint64_t, adi C.uint32_t, added bool) {
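Review bot: In goStateObjectPutFunc the new `go func()` dereferences `id` and calls `C.GoBytes(data, len)` only after the exported callback has returned to C. Unless the C++ caller keeps both buffers alive past the call (not visible on this page), the goroutine can read freed or reused memory, and this path carries secret state objects. Copy the id and the payload in the callback itself and hand only Go values to the goroutine, as sketched below. goDNSResolverFunc appears to have the same problem, since `C.GoBytes(dnsRecordTypes, numDNSRecordTypes)` and `C.GoString((*C.char)(name))` now sit inside its `go func()`. The page has lost its +/- markers, so this reading assumes the second copy of each duplicated block is the new side.

```go
func goStateObjectPutFunc(gn unsafe.Pointer, objType C.int, id, data unsafe.Pointer, len C.int) {
	// Copy everything reachable through C pointers before control returns to the caller.
	idCopy := *((*[2]uint64)(id))
	var dataCopy []byte
	if len >= 0 {
		dataCopy = C.GoBytes(data, len)
	}
	go func() {
		// … unchanged: nodesByUserPtr lookup and nil check …
		if len < 0 {
			node.stateObjectDelete(int(objType), idCopy)
		} else {
			node.stateObjectPut(int(objType), idCopy, dataCopy)
		}
	}()
}
```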