From c21636b295052b3feb8f2e53a3a9b06d758d1e57 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Mon, 11 Aug 2025 13:22:39 -0400 Subject: [PATCH] Remove moon comments from the CLI help. They still work but are not shown. --- one.cpp | 1805 ++++++++++++++++++++++++++++--------------------------- 1 file changed, 911 insertions(+), 894 deletions(-) diff --git a/one.cpp b/one.cpp index e5c9042ab..bf63a0611 100644 --- a/one.cpp +++ b/one.cpp @@ -16,14 +16,14 @@ #include "node/ECC.hpp" #endif +#include "node/Constants.hpp" + +#include +#include #include #include #include -#include #include -#include - -#include "node/Constants.hpp" #ifdef __WINDOWS__ // clang-format off @@ -43,24 +43,25 @@ #include "windows/ZeroTierOne/ZeroTierOneService.h" // clang-format on #else -#include -#include -#include -#include -#include -#include #include +#include +#include #include -#ifdef __LINUX__ -#include -#include -#include -#include +#include #include -#include -#include -#include +#include +#include +#ifdef __LINUX__ #include "osdep/ExtOsdep.hpp" + +#include +#include +#include +#include +#include +#include +#include +#include #ifndef ZT_NO_CAPABILITIES #include #include @@ -68,49 +69,44 @@ #endif #endif -#include -#include -#include -#include -#include - -#include "version.h" #include "include/ZeroTierOne.h" - -#include "node/Identity.hpp" -#include "node/CertificateOfMembership.hpp" -#include "node/Utils.hpp" -#include "node/NetworkController.hpp" -#include "node/Buffer.hpp" -#include "node/World.hpp" - -#include "osdep/OSUtils.hpp" -#include "osdep/Http.hpp" -#include "osdep/Thread.hpp" - #include "node/Bond.hpp" - +#include "node/Buffer.hpp" +#include "node/CertificateOfMembership.hpp" +#include "node/Identity.hpp" +#include "node/NetworkController.hpp" +#include "node/Utils.hpp" +#include "node/World.hpp" +#include "osdep/Http.hpp" +#include "osdep/OSUtils.hpp" +#include "osdep/Thread.hpp" #include "service/OneService.hpp" +#include "version.h" +#include +#include #include +#include +#include +#include #ifdef __APPLE__ -#include #include -#include -#include +#include #include +#include +#include #endif #define ZT_PID_PATH "zerotier-one.pid" using namespace ZeroTier; -static OneService *volatile zt1Service = (OneService *)0; +static OneService* volatile zt1Service = (OneService*)0; -#define PROGRAM_NAME "ZeroTier One" +#define PROGRAM_NAME "ZeroTier One" #define COPYRIGHT_NOTICE "Copyright (c) 2020 ZeroTier, Inc." -#define LICENSE_GRANT "Licensed under the ZeroTier BSL 1.1 (see LICENSE.txt)" +#define LICENSE_GRANT "Licensed under the ZeroTier BSL 1.1 (see LICENSE.txt)" /****************************************************************************/ /* zerotier-cli personality */ @@ -118,52 +114,53 @@ static OneService *volatile zt1Service = (OneService *)0; // This is getting deprecated soon in favor of the stuff in cli/ -static void cliPrintHelp(const char *pn,FILE *out) +static void cliPrintHelp(const char* pn, FILE* out) { - fprintf(out, + fprintf( + out, "%s version %d.%d.%d build %d (platform %d arch %d)" ZT_EOL_S, PROGRAM_NAME, - ZEROTIER_ONE_VERSION_MAJOR, ZEROTIER_ONE_VERSION_MINOR, ZEROTIER_ONE_VERSION_REVISION, ZEROTIER_ONE_VERSION_BUILD, - ZT_BUILD_PLATFORM, ZT_BUILD_ARCHITECTURE); - fprintf(out, - COPYRIGHT_NOTICE ZT_EOL_S - LICENSE_GRANT ZT_EOL_S); - fprintf(out,"Usage: %s [-switches] []" ZT_EOL_S"" ZT_EOL_S,pn); - fprintf(out,"Available switches:" ZT_EOL_S); - fprintf(out," -h - Display this help" ZT_EOL_S); - fprintf(out," -v - Show version" ZT_EOL_S); - fprintf(out," -j - Display full raw JSON output" ZT_EOL_S); - fprintf(out," -D - ZeroTier home path for parameter auto-detect" ZT_EOL_S); - fprintf(out," -p - HTTP port (default: auto)" ZT_EOL_S); - fprintf(out," -T - Authentication token (default: auto)" ZT_EOL_S); - fprintf(out,ZT_EOL_S"Available commands:" ZT_EOL_S); - fprintf(out," info - Display status info" ZT_EOL_S); - fprintf(out," listpeers - List all peers" ZT_EOL_S); - fprintf(out," peers - List all peers (prettier)" ZT_EOL_S); - fprintf(out," listnetworks - List all networks" ZT_EOL_S); - fprintf(out," join - Join a network" ZT_EOL_S); - fprintf(out," leave - Leave a network" ZT_EOL_S); - fprintf(out," set - Set a network setting" ZT_EOL_S); - fprintf(out," get - Get a network setting" ZT_EOL_S); - fprintf(out," listmoons - List moons (federated root sets)" ZT_EOL_S); - fprintf(out," orbit - Join a moon via any member root" ZT_EOL_S); - fprintf(out," deorbit - Leave a moon" ZT_EOL_S); - fprintf(out," dump - Debug settings dump for support" ZT_EOL_S); - fprintf(out,ZT_EOL_S"Available settings:" ZT_EOL_S); - fprintf(out," Settings to use with [get/set] may include property names from " ZT_EOL_S); - fprintf(out," the JSON output of \"zerotier-cli -j listnetworks\". Additionally, " ZT_EOL_S); - fprintf(out," (ip, ip4, ip6, ip6plane, and ip6prefix can be used). For instance:" ZT_EOL_S); - fprintf(out," zerotier-cli get ip6plane will return the 6PLANE address" ZT_EOL_S); - fprintf(out," assigned to this node." ZT_EOL_S); + ZEROTIER_ONE_VERSION_MAJOR, + ZEROTIER_ONE_VERSION_MINOR, + ZEROTIER_ONE_VERSION_REVISION, + ZEROTIER_ONE_VERSION_BUILD, + ZT_BUILD_PLATFORM, + ZT_BUILD_ARCHITECTURE); + fprintf(out, COPYRIGHT_NOTICE ZT_EOL_S LICENSE_GRANT ZT_EOL_S); + fprintf(out, "Usage: %s [-switches] []" ZT_EOL_S "" ZT_EOL_S, pn); + fprintf(out, "Available switches:" ZT_EOL_S); + fprintf(out, " -h - Display this help" ZT_EOL_S); + fprintf(out, " -v - Show version" ZT_EOL_S); + fprintf(out, " -j - Display full raw JSON output" ZT_EOL_S); + fprintf(out, " -D - ZeroTier home path for parameter auto-detect" ZT_EOL_S); + fprintf(out, " -p - HTTP port (default: auto)" ZT_EOL_S); + fprintf(out, " -T - Authentication token (default: auto)" ZT_EOL_S); + fprintf(out, ZT_EOL_S "Available commands:" ZT_EOL_S); + fprintf(out, " info - Display status info" ZT_EOL_S); + fprintf(out, " listpeers - List all peers" ZT_EOL_S); + fprintf(out, " peers - List all peers (prettier)" ZT_EOL_S); + fprintf(out, " listnetworks - List all networks" ZT_EOL_S); + fprintf(out, " join - Join a network" ZT_EOL_S); + fprintf(out, " leave - Leave a network" ZT_EOL_S); + fprintf(out, " set - Set a network setting" ZT_EOL_S); + fprintf(out, " get - Get a network setting" ZT_EOL_S); + fprintf(out, " dump - Debug settings dump for support" ZT_EOL_S); + fprintf(out, ZT_EOL_S "Available settings:" ZT_EOL_S); + fprintf(out, " Settings to use with [get/set] may include property names from " ZT_EOL_S); + fprintf(out, " the JSON output of \"zerotier-cli -j listnetworks\". Additionally, " ZT_EOL_S); + fprintf(out, " (ip, ip4, ip6, ip6plane, and ip6prefix can be used). For instance:" ZT_EOL_S); + fprintf(out, " zerotier-cli get ip6plane will return the 6PLANE address" ZT_EOL_S); + fprintf(out, " assigned to this node." ZT_EOL_S); } -static std::string cliFixJsonCRs(const std::string &s) +static std::string cliFixJsonCRs(const std::string& s) { std::string r; - for(std::string::const_iterator c(s.begin());c!=s.end();++c) { + for (std::string::const_iterator c(s.begin()); c != s.end(); ++c) { if (*c == '\n') r.append(ZT_EOL_S); - else r.push_back(*c); + else + r.push_back(*c); } return r; } @@ -171,27 +168,26 @@ static std::string cliFixJsonCRs(const std::string &s) #ifdef __WINDOWS__ static int cli(int argc, _TCHAR* argv[]) #else -static int cli(int argc,char **argv) +static int cli(int argc, char** argv) #endif { unsigned int port = 0; - std::string homeDir,command,arg1,arg2,arg3,arg4,authToken; + std::string homeDir, command, arg1, arg2, arg3, arg4, authToken; std::string ip("127.0.0.1"); bool json = false; - for(int i=1;i 0xffff)||(port == 0)) { - cliPrintHelp(argv[0],stdout); + if ((port > 0xffff) || (port == 0)) { + cliPrintHelp(argv[0], stdout); return 1; } break; @@ -208,8 +204,9 @@ static int cli(int argc,char **argv) case 'D': if (argv[i][2]) { homeDir = argv[i] + 2; - } else { - cliPrintHelp(argv[0],stdout); + } + else { + cliPrintHelp(argv[0], stdout); return 1; } break; @@ -217,8 +214,9 @@ static int cli(int argc,char **argv) case 'H': if (argv[i][2]) { ip = argv[i] + 2; - } else { - cliPrintHelp(argv[0],stdout); + } + else { + cliPrintHelp(argv[0], stdout); return 1; } break; @@ -226,72 +224,75 @@ static int cli(int argc,char **argv) case 'T': if (argv[i][2]) { authToken = argv[i] + 2; - } else { - cliPrintHelp(argv[0],stdout); + } + else { + cliPrintHelp(argv[0], stdout); return 1; } break; case 'v': if (argv[i][2]) { - cliPrintHelp(argv[0],stdout); + cliPrintHelp(argv[0], stdout); return 1; } - printf("%d.%d.%d" ZT_EOL_S,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION); + printf("%d.%d.%d" ZT_EOL_S, ZEROTIER_ONE_VERSION_MAJOR, ZEROTIER_ONE_VERSION_MINOR, ZEROTIER_ONE_VERSION_REVISION); return 0; case 'h': case '?': default: - cliPrintHelp(argv[0],stdout); + cliPrintHelp(argv[0], stdout); return 0; } - } else { + } + else { if (arg1.length()) arg2 = argv[i]; else if (command.length()) arg1 = argv[i]; - else command = argv[i]; + else + command = argv[i]; } } - if (!homeDir.length()) + if (! homeDir.length()) homeDir = OneService::platformDefaultHomePath(); // TODO: cleanup this logic - if ((!port)||(!authToken.length())) { - if (!homeDir.length()) { - fprintf(stderr,"%s: missing port or authentication token and no home directory specified to auto-detect" ZT_EOL_S,argv[0]); + if ((! port) || (! authToken.length())) { + if (! homeDir.length()) { + fprintf(stderr, "%s: missing port or authentication token and no home directory specified to auto-detect" ZT_EOL_S, argv[0]); return 2; } - if (!port) { + if (! port) { std::string portStr; - OSUtils::readFile((homeDir + ZT_PATH_SEPARATOR_S + "zerotier-one.port").c_str(),portStr); + OSUtils::readFile((homeDir + ZT_PATH_SEPARATOR_S + "zerotier-one.port").c_str(), portStr); port = Utils::strToUInt(portStr.c_str()); - if ((port == 0)||(port > 0xffff)) { - fprintf(stderr,"%s: missing port and zerotier-one.port not found in %s" ZT_EOL_S,argv[0],homeDir.c_str()); + if ((port == 0) || (port > 0xffff)) { + fprintf(stderr, "%s: missing port and zerotier-one.port not found in %s" ZT_EOL_S, argv[0], homeDir.c_str()); return 2; } } - if (!authToken.length()) { - OSUtils::readFile((homeDir + ZT_PATH_SEPARATOR_S + "authtoken.secret").c_str(),authToken); + if (! authToken.length()) { + OSUtils::readFile((homeDir + ZT_PATH_SEPARATOR_S + "authtoken.secret").c_str(), authToken); #ifdef __UNIX_LIKE__ - if (!authToken.length()) { - const char *hd = getenv("HOME"); + if (! authToken.length()) { + const char* hd = getenv("HOME"); if (hd) { char p[4096]; #ifdef __APPLE__ - OSUtils::ztsnprintf(p,sizeof(p),"%s/Library/Application Support/ZeroTier/One/authtoken.secret",hd); + OSUtils::ztsnprintf(p, sizeof(p), "%s/Library/Application Support/ZeroTier/One/authtoken.secret", hd); #else - OSUtils::ztsnprintf(p,sizeof(p),"%s/.zeroTierOneAuthToken",hd); + OSUtils::ztsnprintf(p, sizeof(p), "%s/.zeroTierOneAuthToken", hd); #endif - OSUtils::readFile(p,authToken); + OSUtils::readFile(p, authToken); } } #endif - if (!authToken.length()) { - fprintf(stderr,"%s: authtoken.secret not found or readable in %s (try again as root)" ZT_EOL_S,argv[0],homeDir.c_str()); + if (! authToken.length()) { + fprintf(stderr, "%s: authtoken.secret not found or readable in %s (try again as root)" ZT_EOL_S, argv[0], homeDir.c_str()); return 2; } } @@ -300,34 +301,29 @@ static int cli(int argc,char **argv) InetAddress addr; { char addrtmp[256]; - OSUtils::ztsnprintf(addrtmp,sizeof(addrtmp),"%s/%u",ip.c_str(),port); + OSUtils::ztsnprintf(addrtmp, sizeof(addrtmp), "%s/%u", ip.c_str(), port); addr = InetAddress(addrtmp); } - std::map requestHeaders; - std::map responseHeaders; + std::map requestHeaders; + std::map responseHeaders; std::string responseBody; requestHeaders["X-ZT1-Auth"] = authToken; - if ((command.length() > 0)&&(command[0] == '/')) { - unsigned int scode = Http::GET( - 1024 * 1024 * 16, - 60000, - (const struct sockaddr *)&addr, - command.c_str(), - requestHeaders, - responseHeaders, - responseBody); + if ((command.length() > 0) && (command[0] == '/')) { + unsigned int scode = Http::GET(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, command.c_str(), requestHeaders, responseHeaders, responseBody); if (scode == 200) { printf("%s", cliFixJsonCRs(responseBody).c_str()); return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } - } else if ((command == "info")||(command == "status")) { - const unsigned int scode = Http::GET(1024 * 1024 * 16,60000,(const struct sockaddr *)&addr,"/status",requestHeaders,responseHeaders,responseBody); + } + else if ((command == "info") || (command == "status")) { + const unsigned int scode = Http::GET(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, "/status", requestHeaders, responseHeaders, responseBody); if (scode == 0) { printf("Error connecting to the ZeroTier service: %s\n\nPlease check that the service is running and that TCP port 9993 can be contacted via 127.0.0.1." ZT_EOL_S, responseBody.c_str()); @@ -337,32 +333,34 @@ static int cli(int argc,char **argv) nlohmann::json j; try { j = OSUtils::jsonParse(responseBody); - } catch (std::exception &exc) { - printf("%u %s invalid JSON response (%s)" ZT_EOL_S,scode,command.c_str(),exc.what()); + } + catch (std::exception& exc) { + printf("%u %s invalid JSON response (%s)" ZT_EOL_S, scode, command.c_str(), exc.what()); return 1; - } catch ( ... ) { - printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S,scode,command.c_str()); + } + catch (...) { + printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S, scode, command.c_str()); return 1; } if (scode == 200) { if (json) { - printf("%s" ZT_EOL_S,OSUtils::jsonDump(j).c_str()); - } else { + printf("%s" ZT_EOL_S, OSUtils::jsonDump(j).c_str()); + } + else { if (j.is_object()) { - printf("200 info %s %s %s" ZT_EOL_S, - OSUtils::jsonString(j["address"],"-").c_str(), - OSUtils::jsonString(j["version"],"-").c_str(), - ((j["tcpFallbackActive"]) ? "TUNNELED" : ((j["online"]) ? "ONLINE" : "OFFLINE"))); + printf("200 info %s %s %s" ZT_EOL_S, OSUtils::jsonString(j["address"], "-").c_str(), OSUtils::jsonString(j["version"], "-").c_str(), ((j["tcpFallbackActive"]) ? "TUNNELED" : ((j["online"]) ? "ONLINE" : "OFFLINE"))); } } return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } - } else if (command == "listpeers") { - const unsigned int scode = Http::GET(1024 * 1024 * 16,60000,(const struct sockaddr *)&addr,"/peer",requestHeaders,responseHeaders,responseBody); + } + else if (command == "listpeers") { + const unsigned int scode = Http::GET(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, "/peer", requestHeaders, responseHeaders, responseBody); if (scode == 0) { printf("Error connecting to the ZeroTier service: %s\n\nPlease check that the service is running and that TCP port 9993 can be contacted via 127.0.0.1." ZT_EOL_S, responseBody.c_str()); @@ -372,66 +370,68 @@ static int cli(int argc,char **argv) nlohmann::json j; try { j = OSUtils::jsonParse(responseBody); - } catch (std::exception &exc) { - printf("%u %s invalid JSON response (%s)" ZT_EOL_S,scode,command.c_str(),exc.what()); + } + catch (std::exception& exc) { + printf("%u %s invalid JSON response (%s)" ZT_EOL_S, scode, command.c_str(), exc.what()); return 1; - } catch ( ... ) { - printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S,scode,command.c_str()); + } + catch (...) { + printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S, scode, command.c_str()); return 1; } if (scode == 200) { if (json) { - printf("%s" ZT_EOL_S,OSUtils::jsonDump(j).c_str()); - } else { + printf("%s" ZT_EOL_S, OSUtils::jsonDump(j).c_str()); + } + else { printf("200 listpeers " ZT_EOL_S); if (j.is_array()) { - for(unsigned long k=0;k= 0) { - OSUtils::ztsnprintf(ver,sizeof(ver),"%lld.%lld.%lld",vmaj,vmin,vrev); - } else { + OSUtils::ztsnprintf(ver, sizeof(ver), "%lld.%lld.%lld", vmaj, vmin, vrev); + } + else { ver[0] = '-'; ver[1] = (char)0; } - printf("200 listpeers %s %s %d %s %s" ZT_EOL_S, - OSUtils::jsonString(p["address"],"-").c_str(), - bestPath.c_str(), - (int)OSUtils::jsonInt(p["latency"],0), - ver, - OSUtils::jsonString(p["role"],"-").c_str()); + printf("200 listpeers %s %s %d %s %s" ZT_EOL_S, OSUtils::jsonString(p["address"], "-").c_str(), bestPath.c_str(), (int)OSUtils::jsonInt(p["latency"], 0), ver, OSUtils::jsonString(p["role"], "-").c_str()); } } } return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } - } else if (command == "peers") { - const unsigned int scode = Http::GET(1024 * 1024 * 16,60000,(const struct sockaddr *)&addr,"/peer",requestHeaders,responseHeaders,responseBody); + } + else if (command == "peers") { + const unsigned int scode = Http::GET(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, "/peer", requestHeaders, responseHeaders, responseBody); if (scode == 0) { printf("Error connecting to the ZeroTier service: %s\n\nPlease check that the service is running and that TCP port 9993 can be contacted via 127.0.0.1." ZT_EOL_S, responseBody.c_str()); @@ -441,38 +441,41 @@ static int cli(int argc,char **argv) nlohmann::json j; try { j = OSUtils::jsonParse(responseBody); - } catch (std::exception &exc) { - printf("%u %s invalid JSON response (%s)" ZT_EOL_S,scode,command.c_str(),exc.what()); + } + catch (std::exception& exc) { + printf("%u %s invalid JSON response (%s)" ZT_EOL_S, scode, command.c_str(), exc.what()); return 1; - } catch ( ... ) { - printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S,scode,command.c_str()); + } + catch (...) { + printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S, scode, command.c_str()); return 1; } if (scode == 200) { if (json) { - printf("%s" ZT_EOL_S,OSUtils::jsonDump(j).c_str()); - } else { + printf("%s" ZT_EOL_S, OSUtils::jsonDump(j).c_str()); + } + else { bool anyTunneled = false; printf("200 peers\n " ZT_EOL_S); if (j.is_array()) { - for(unsigned long k=0;k= 0) { - OSUtils::ztsnprintf(ver,sizeof(ver),"%lld.%lld.%lld",vmaj,vmin,vrev); - } else { + OSUtils::ztsnprintf(ver, sizeof(ver), "%lld.%lld.%lld", vmaj, vmin, vrev); + } + else { ver[0] = '-'; ver[1] = (char)0; } - printf("%s %-6s %-6s %5d %s" ZT_EOL_S, - OSUtils::jsonString(p["address"],"-").c_str(), - ver, - OSUtils::jsonString(p["role"],"-").c_str(), - (int)OSUtils::jsonInt(p["latency"],0), - bestPath.c_str()); + printf("%s %-6s %-6s %5d %s" ZT_EOL_S, OSUtils::jsonString(p["address"], "-").c_str(), ver, OSUtils::jsonString(p["role"], "-").c_str(), (int)OSUtils::jsonInt(p["latency"], 0), bestPath.c_str()); } } if (anyTunneled) { @@ -509,11 +508,13 @@ static int cli(int argc,char **argv) } } return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } - } else if (command == "bond") { + } + else if (command == "bond") { /* zerotier-cli bond */ if (arg1.empty()) { printf("(bond) command is missing required arguments" ZT_EOL_S); @@ -521,7 +522,7 @@ static int cli(int argc,char **argv) } /* zerotier-cli bond list */ if (arg1 == "list") { - const unsigned int scode = Http::GET(1024 * 1024 * 16,60000,(const struct sockaddr *)&addr,"/peer",requestHeaders,responseHeaders,responseBody); + const unsigned int scode = Http::GET(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, "/peer", requestHeaders, responseHeaders, responseBody); if (scode == 0) { printf("Error connecting to the ZeroTier service: %s\n\nPlease check that the service is running and that TCP port 9993 can be contacted via 127.0.0.1." ZT_EOL_S, responseBody.c_str()); return 1; @@ -529,22 +530,25 @@ static int cli(int argc,char **argv) nlohmann::json j; try { j = OSUtils::jsonParse(responseBody); - } catch (std::exception &exc) { - printf("%u %s invalid JSON response (%s)" ZT_EOL_S,scode,command.c_str(),exc.what()); + } + catch (std::exception& exc) { + printf("%u %s invalid JSON response (%s)" ZT_EOL_S, scode, command.c_str(), exc.what()); return 1; - } catch ( ... ) { - printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S,scode,command.c_str()); + } + catch (...) { + printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S, scode, command.c_str()); return 1; } if (scode == 200) { if (json) { - printf("%s" ZT_EOL_S,OSUtils::jsonDump(j).c_str()); - } else { + printf("%s" ZT_EOL_S, OSUtils::jsonDump(j).c_str()); + } + else { bool bFoundBond = false; printf(" " ZT_EOL_S); if (j.is_array()) { - for(unsigned long k=0;k= ZT_BOND_POLICY_NONE && bondingPolicyCode <= ZT_BOND_POLICY_BALANCE_AWARE) { policyStr = Bond::getPolicyStrByCode(bondingPolicyCode); } - printf("%10s %32s %d/%d" ZT_EOL_S, - OSUtils::jsonString(p ["address"],"-").c_str(), - policyStr.c_str(), - numAliveLinks, - numTotalLinks); + printf("%10s %32s %d/%d" ZT_EOL_S, OSUtils::jsonString(p["address"], "-").c_str(), policyStr.c_str(), numAliveLinks, numTotalLinks); } } } - if (!bFoundBond) { + if (! bFoundBond) { printf(" NONE\t\t\t\tNONE\t NONE NONE" ZT_EOL_S); } } return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } } @@ -581,20 +582,12 @@ static int cli(int argc,char **argv) arg3 = argv[6]; arg4 = argv[7]; } - unsigned int scode = Http::POST( - 1024 * 1024 * 16, - 60000, - (const struct sockaddr *)&addr, - (std::string("/bond/") + arg1 + "/" + arg2 + "/" + arg3 + "/" + arg4).c_str(), - requestHeaders, - "{}", - 2, - responseHeaders, - responseBody); + unsigned int scode = Http::POST(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, (std::string("/bond/") + arg1 + "/" + arg2 + "/" + arg3 + "/" + arg4).c_str(), requestHeaders, "{}", 2, responseHeaders, responseBody); if (scode == 200) { printf("200 setmtu OK" ZT_EOL_S); return 0; - } else { + } + else { printf("%d Failed to set MTU: %s" ZT_EOL_S, scode, responseBody.c_str()); return 1; } @@ -604,37 +597,25 @@ static int cli(int argc,char **argv) if (arg2 == "rotate") { /* zerotier-cli bond rotate */ requestHeaders["Content-Type"] = "application/json"; requestHeaders["Content-Length"] = "2"; - unsigned int scode = Http::POST( - 1024 * 1024 * 16, - 60000, - (const struct sockaddr *)&addr, - (std::string("/bond/") + arg2 + "/" + arg1).c_str(), - requestHeaders, - "{}", - 2, - responseHeaders, - responseBody); + unsigned int scode = Http::POST(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, (std::string("/bond/") + arg2 + "/" + arg1).c_str(), requestHeaders, "{}", 2, responseHeaders, responseBody); if (scode == 200) { if (json) { - printf("%s",cliFixJsonCRs(responseBody).c_str()); - } else { + printf("%s", cliFixJsonCRs(responseBody).c_str()); + } + else { printf("200 rotate OK" ZT_EOL_S); } return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } return 0; } if (arg2 == "show") { - //fprintf(stderr, "zerotier-cli bond show\n"); - const unsigned int scode = Http::GET( - 1024 * 1024 * 16,60000, - (const struct sockaddr *)&addr,(std::string("/bond/") + arg2 + "/" + arg1).c_str(), - requestHeaders, - responseHeaders, - responseBody); + // fprintf(stderr, "zerotier-cli bond show\n"); + const unsigned int scode = Http::GET(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, (std::string("/bond/") + arg2 + "/" + arg1).c_str(), requestHeaders, responseHeaders, responseBody); if (scode == 0) { printf("Error connecting to the ZeroTier service: %s\n\nPlease check that the service is running and that TCP port 9993 can be contacted via 127.0.0.1." ZT_EOL_S, responseBody.c_str()); return 1; @@ -642,53 +623,59 @@ static int cli(int argc,char **argv) nlohmann::json j; try { j = OSUtils::jsonParse(responseBody); - } catch (std::exception &exc) { - printf("%u %s invalid JSON response (%s)" ZT_EOL_S,scode,command.c_str(),exc.what()); + } + catch (std::exception& exc) { + printf("%u %s invalid JSON response (%s)" ZT_EOL_S, scode, command.c_str(), exc.what()); return 1; - } catch ( ... ) { - printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S,scode,command.c_str()); + } + catch (...) { + printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S, scode, command.c_str()); return 1; } if (scode == 200) { if (json) { - printf("%s" ZT_EOL_S,OSUtils::jsonDump(j).c_str()); - } else { - int numAliveLinks = OSUtils::jsonInt(j["numAliveLinks"],0); - int numTotalLinks = OSUtils::jsonInt(j["numTotalLinks"],0); + printf("%s" ZT_EOL_S, OSUtils::jsonDump(j).c_str()); + } + else { + int numAliveLinks = OSUtils::jsonInt(j["numAliveLinks"], 0); + int numTotalLinks = OSUtils::jsonInt(j["numTotalLinks"], 0); printf("Peer : %s\n", arg1.c_str()); - printf("Bond : %s\n", OSUtils::jsonString(j["bondingPolicyStr"],"-").c_str()); - printf("Link Select Method : %d\n", (int)OSUtils::jsonInt(j["linkSelectMethod"],0)); + printf("Bond : %s\n", OSUtils::jsonString(j["bondingPolicyStr"], "-").c_str()); + printf("Link Select Method : %d\n", (int)OSUtils::jsonInt(j["linkSelectMethod"], 0)); printf("Links : %d/%d\n", numAliveLinks, numTotalLinks); - printf("Failover Interval (ms) : %d\n", (int)OSUtils::jsonInt(j["failoverInterval"],0)); - printf("Up Delay (ms) : %d\n", (int)OSUtils::jsonInt(j["upDelay"],0)); - printf("Down Delay (ms) : %d\n", (int)OSUtils::jsonInt(j["downDelay"],0)); - printf("Packets Per Link : %d\n", (int)OSUtils::jsonInt(j["packetsPerLink"],0)); - nlohmann::json &p = j["paths"]; + printf("Failover Interval (ms) : %d\n", (int)OSUtils::jsonInt(j["failoverInterval"], 0)); + printf("Up Delay (ms) : %d\n", (int)OSUtils::jsonInt(j["upDelay"], 0)); + printf("Down Delay (ms) : %d\n", (int)OSUtils::jsonInt(j["downDelay"], 0)); + printf("Packets Per Link : %d\n", (int)OSUtils::jsonInt(j["packetsPerLink"], 0)); + nlohmann::json& p = j["paths"]; if (p.is_array()) { printf("\nidx" - " interface" - " " - "path socket local port\n"); - for(int i=0; i<120; i++) { printf("-"); } + " interface" + " " + "path socket local port\n"); + for (int i = 0; i < 120; i++) { + printf("-"); + } printf("\n"); - for (int i=0; i " ZT_EOL_S); if (j.is_array()) { - for(unsigned long k=0;k= ZT_BOND_POLICY_NONE && bondingPolicyCode <= ZT_BOND_POLICY_BALANCE_AWARE) { policyStr = Bond::getPolicyStrByCode(bondingPolicyCode); } - printf("%10s %32s %d/%d" ZT_EOL_S, - OSUtils::jsonString(p["address"],"-").c_str(), - policyStr.c_str(), - numAliveLinks, - numTotalLinks); + printf("%10s %32s %d/%d" ZT_EOL_S, OSUtils::jsonString(p["address"], "-").c_str(), policyStr.c_str(), numAliveLinks, numTotalLinks); } } } - if (!bFoundBond) { + if (! bFoundBond) { printf(" NONE\t\t\t\tNONE\t NONE NONE" ZT_EOL_S); } } return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } - } else if (command == "listnetworks") { - const unsigned int scode = Http::GET(1024 * 1024 * 16,60000,(const struct sockaddr *)&addr,"/network",requestHeaders,responseHeaders,responseBody); + } + else if (command == "listnetworks") { + const unsigned int scode = Http::GET(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, "/network", requestHeaders, responseHeaders, responseBody); if (scode == 0) { printf("Error connecting to the ZeroTier service: %s\n\nPlease check that the service is running and that TCP port 9993 can be contacted via 127.0.0.1." ZT_EOL_S, responseBody.c_str()); @@ -780,49 +770,56 @@ static int cli(int argc,char **argv) nlohmann::json j; try { j = OSUtils::jsonParse(responseBody); - } catch (std::exception &exc) { - printf("%u %s invalid JSON response (%s)" ZT_EOL_S,scode,command.c_str(),exc.what()); + } + catch (std::exception& exc) { + printf("%u %s invalid JSON response (%s)" ZT_EOL_S, scode, command.c_str(), exc.what()); return 1; - } catch ( ... ) { - printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S,scode,command.c_str()); + } + catch (...) { + printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S, scode, command.c_str()); return 1; } if (scode == 200) { if (json) { - printf("%s" ZT_EOL_S,OSUtils::jsonDump(j).c_str()); - } else { + printf("%s" ZT_EOL_S, OSUtils::jsonDump(j).c_str()); + } + else { printf("200 listnetworks " ZT_EOL_S); if (j.is_array()) { - for(unsigned long i=0;i 0) aa.push_back(','); + if (aa.length() > 0) + aa.push_back(','); aa.append(addr.get()); } } } - if (aa.length() == 0) aa = "-"; - const std::string status = OSUtils::jsonString(n["status"],"-"); - printf("200 listnetworks %s %s %s %s %s %s %s" ZT_EOL_S, - OSUtils::jsonString(n["nwid"],"-").c_str(), - OSUtils::jsonString(n["name"],"-").c_str(), - OSUtils::jsonString(n["mac"],"-").c_str(), + if (aa.length() == 0) + aa = "-"; + const std::string status = OSUtils::jsonString(n["status"], "-"); + printf( + "200 listnetworks %s %s %s %s %s %s %s" ZT_EOL_S, + OSUtils::jsonString(n["nwid"], "-").c_str(), + OSUtils::jsonString(n["name"], "-").c_str(), + OSUtils::jsonString(n["mac"], "-").c_str(), status.c_str(), - OSUtils::jsonString(n["type"],"-").c_str(), - OSUtils::jsonString(n["portDeviceName"],"-").c_str(), + OSUtils::jsonString(n["type"], "-").c_str(), + OSUtils::jsonString(n["portDeviceName"], "-").c_str(), aa.c_str()); if (OSUtils::jsonBool(n["ssoEnabled"], false)) { uint64_t authenticationExpiryTime = n["authenticationExpiryTime"]; if (status == "AUTHENTICATION_REQUIRED") { printf(" AUTH EXPIRED, URL: %s" ZT_EOL_S, OSUtils::jsonString(n["authenticationURL"], "(null)").c_str()); - } else if (status == "OK") { + } + else if (status == "OK") { int64_t expiresIn = ((int64_t)authenticationExpiryTime - OSUtils::now()) / 1000LL; if (expiresIn >= 0) { printf(" AUTH OK, expires in: %lld seconds" ZT_EOL_S, expiresIn); @@ -834,64 +831,56 @@ static int cli(int argc,char **argv) } } return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } - } else if (command == "join") { + } + else if (command == "join") { if (arg1.length() != 16) { printf("invalid network id" ZT_EOL_S); return 2; } requestHeaders["Content-Type"] = "application/json"; requestHeaders["Content-Length"] = "2"; - unsigned int scode = Http::POST( - 1024 * 1024 * 16, - 60000, - (const struct sockaddr *)&addr, - (std::string("/network/") + arg1).c_str(), - requestHeaders, - "{}", - 2, - responseHeaders, - responseBody); + unsigned int scode = Http::POST(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, (std::string("/network/") + arg1).c_str(), requestHeaders, "{}", 2, responseHeaders, responseBody); if (scode == 200) { if (json) { - printf("%s",cliFixJsonCRs(responseBody).c_str()); - } else { + printf("%s", cliFixJsonCRs(responseBody).c_str()); + } + else { printf("200 join OK" ZT_EOL_S); } return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } - } else if (command == "leave") { + } + else if (command == "leave") { if (arg1.length() != 16) { printf("invalid network id" ZT_EOL_S); return 2; } - unsigned int scode = Http::DEL( - 1024 * 1024 * 16, - 60000, - (const struct sockaddr *)&addr, - (std::string("/network/") + arg1).c_str(), - requestHeaders, - responseHeaders, - responseBody); + unsigned int scode = Http::DEL(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, (std::string("/network/") + arg1).c_str(), requestHeaders, responseHeaders, responseBody); if (scode == 200) { if (json) { - printf("%s",cliFixJsonCRs(responseBody).c_str()); - } else { + printf("%s", cliFixJsonCRs(responseBody).c_str()); + } + else { printf("200 leave OK" ZT_EOL_S); } return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } - } else if (command == "listmoons") { - const unsigned int scode = Http::GET(1024 * 1024 * 16,60000,(const struct sockaddr *)&addr,"/moon",requestHeaders,responseHeaders,responseBody); + } + else if (command == "listmoons") { + const unsigned int scode = Http::GET(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, "/moon", requestHeaders, responseHeaders, responseBody); if (scode == 0) { printf("Error connecting to the ZeroTier service: %s\n\nPlease check that the service is running and that TCP port 9993 can be contacted via 127.0.0.1." ZT_EOL_S, responseBody.c_str()); @@ -901,121 +890,106 @@ static int cli(int argc,char **argv) nlohmann::json j; try { j = OSUtils::jsonParse(responseBody); - } catch (std::exception &exc) { - printf("%u %s invalid JSON response (%s)" ZT_EOL_S,scode,command.c_str(),exc.what()); + } + catch (std::exception& exc) { + printf("%u %s invalid JSON response (%s)" ZT_EOL_S, scode, command.c_str(), exc.what()); return 1; - } catch ( ... ) { - printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S,scode,command.c_str()); + } + catch (...) { + printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S, scode, command.c_str()); return 1; } if (scode == 200) { - printf("%s" ZT_EOL_S,OSUtils::jsonDump(j).c_str()); + printf("%s" ZT_EOL_S, OSUtils::jsonDump(j).c_str()); return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } - } else if (command == "orbit") { + } + else if (command == "orbit") { const uint64_t worldId = Utils::hexStrToU64(arg1.c_str()); const uint64_t seed = Utils::hexStrToU64(arg2.c_str()); - if ((worldId)&&(seed)) { + if ((worldId) && (seed)) { char jsons[1024]; - OSUtils::ztsnprintf(jsons,sizeof(jsons),"{\"seed\":\"%s\"}",arg2.c_str()); + OSUtils::ztsnprintf(jsons, sizeof(jsons), "{\"seed\":\"%s\"}", arg2.c_str()); char cl[128]; - OSUtils::ztsnprintf(cl,sizeof(cl),"%u",(unsigned int)strlen(jsons)); + OSUtils::ztsnprintf(cl, sizeof(cl), "%u", (unsigned int)strlen(jsons)); requestHeaders["Content-Type"] = "application/json"; requestHeaders["Content-Length"] = cl; - unsigned int scode = Http::POST( - 1024 * 1024 * 16, - 60000, - (const struct sockaddr *)&addr, - (std::string("/moon/") + arg1).c_str(), - requestHeaders, - jsons, - (unsigned long)strlen(jsons), - responseHeaders, - responseBody); + unsigned int scode = Http::POST(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, (std::string("/moon/") + arg1).c_str(), requestHeaders, jsons, (unsigned long)strlen(jsons), responseHeaders, responseBody); if (scode == 200) { printf("200 orbit OK" ZT_EOL_S); return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } } - } else if (command == "deorbit") { - unsigned int scode = Http::DEL( - 1024 * 1024 * 16, - 60000, - (const struct sockaddr *)&addr, - (std::string("/moon/") + arg1).c_str(), - requestHeaders, - responseHeaders, - responseBody); + } + else if (command == "deorbit") { + unsigned int scode = Http::DEL(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, (std::string("/moon/") + arg1).c_str(), requestHeaders, responseHeaders, responseBody); if (scode == 200) { if (json) { - printf("%s",cliFixJsonCRs(responseBody).c_str()); - } else { + printf("%s", cliFixJsonCRs(responseBody).c_str()); + } + else { printf("200 deorbit OK" ZT_EOL_S); } return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } - } else if (command == "set") { + } + else if (command == "set") { if (arg1.length() != 16) { - fprintf(stderr,"invalid format: must be a 16-digit (network) ID\n"); + fprintf(stderr, "invalid format: must be a 16-digit (network) ID\n"); return 2; } - if (!arg2.length()) { - fprintf(stderr,"invalid format: include a property name to set\n"); + if (! arg2.length()) { + fprintf(stderr, "invalid format: include a property name to set\n"); return 2; } std::size_t eqidx = arg2.find('='); if (eqidx != std::string::npos) { - if ((arg2.substr(0,eqidx) == "allowManaged")||(arg2.substr(0,eqidx) == "allowGlobal")||(arg2.substr(0,eqidx) == "allowDefault")||(arg2.substr(0,eqidx) == "allowDNS")) { + if ((arg2.substr(0, eqidx) == "allowManaged") || (arg2.substr(0, eqidx) == "allowGlobal") || (arg2.substr(0, eqidx) == "allowDefault") || (arg2.substr(0, eqidx) == "allowDNS")) { char jsons[1024]; - OSUtils::ztsnprintf(jsons,sizeof(jsons),"{\"%s\":%s}", - arg2.substr(0,eqidx).c_str(), - (((arg2.substr(eqidx,2) == "=t")||(arg2.substr(eqidx,2) == "=1")) ? "true" : "false")); + OSUtils::ztsnprintf(jsons, sizeof(jsons), "{\"%s\":%s}", arg2.substr(0, eqidx).c_str(), (((arg2.substr(eqidx, 2) == "=t") || (arg2.substr(eqidx, 2) == "=1")) ? "true" : "false")); char cl[128]; - OSUtils::ztsnprintf(cl,sizeof(cl),"%u",(unsigned int)strlen(jsons)); + OSUtils::ztsnprintf(cl, sizeof(cl), "%u", (unsigned int)strlen(jsons)); requestHeaders["Content-Type"] = "application/json"; requestHeaders["Content-Length"] = cl; - unsigned int scode = Http::POST( - 1024 * 1024 * 16, - 60000, - (const struct sockaddr *)&addr, - (std::string("/network/") + arg1).c_str(), - requestHeaders, - jsons, - (unsigned long)strlen(jsons), - responseHeaders, - responseBody); + unsigned int scode = Http::POST(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, (std::string("/network/") + arg1).c_str(), requestHeaders, jsons, (unsigned long)strlen(jsons), responseHeaders, responseBody); if (scode == 200) { - printf("%s",cliFixJsonCRs(responseBody).c_str()); + printf("%s", cliFixJsonCRs(responseBody).c_str()); return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } } - } else { - cliPrintHelp(argv[0],stderr); + } + else { + cliPrintHelp(argv[0], stderr); return 2; } - } else if (command == "get") { + } + else if (command == "get") { if (arg1.length() != 16) { - fprintf(stderr,"invalid format: must be a 16-digit (network) ID\n"); + fprintf(stderr, "invalid format: must be a 16-digit (network) ID\n"); return 2; } - if (!arg2.length()) { - fprintf(stderr,"invalid format: include a property name to get\n"); + if (! arg2.length()) { + fprintf(stderr, "invalid format: include a property name to get\n"); return 2; } - const unsigned int scode = Http::GET(1024 * 1024 * 16,60000,(const struct sockaddr *)&addr,"/network",requestHeaders,responseHeaders,responseBody); + const unsigned int scode = Http::GET(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, "/network", requestHeaders, responseHeaders, responseBody); if (scode == 0) { printf("Error connecting to the ZeroTier service: %s\n\nPlease check that the service is running and that TCP port 9993 can be contacted via 127.0.0.1." ZT_EOL_S, responseBody.c_str()); return 1; @@ -1023,83 +997,87 @@ static int cli(int argc,char **argv) nlohmann::json j; try { j = OSUtils::jsonParse(responseBody); - } catch (std::exception &exc) { - printf("%u %s invalid JSON response (%s)" ZT_EOL_S,scode,command.c_str(),exc.what()); + } + catch (std::exception& exc) { + printf("%u %s invalid JSON response (%s)" ZT_EOL_S, scode, command.c_str(), exc.what()); return 1; - } catch ( ... ) { - printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S,scode,command.c_str()); + } + catch (...) { + printf("%u %s invalid JSON response (unknown exception)" ZT_EOL_S, scode, command.c_str()); return 1; } bool bNetworkFound = false; if (j.is_array()) { - for(unsigned long i=0;i().find('.') != std::string::npos) - || ((arg2.find("ip6") == 0) && addr.get().find(":") != std::string::npos) - || (arg2 == "ip") - ) { + for (int k = 0; k < std::min(ZT_MAX_ZT_ASSIGNED_ADDRESSES, (int)assignedAddresses.size()); ++k) { + nlohmann::json& addr = assignedAddresses[k]; + if ((arg2 == "ip4" && addr.get().find('.') != std::string::npos) || ((arg2.find("ip6") == 0) && addr.get().find(":") != std::string::npos) || (arg2 == "ip")) { matchingIdxs[addressCountOfType++] = k; } } - for (int k=0; k().find("fc") == 0) { - aa.append(addr.get().substr(0,addr.get().find('/'))); - if (k < addressCountOfType-1) aa.append("\n"); + aa.append(addr.get().substr(0, addr.get().find('/'))); + if (k < addressCountOfType - 1) + aa.append("\n"); } } if (arg2 == "ip6prefix") { if (addr.get().find("fc") == 0) { - aa.append(addr.get().substr(0,addr.get().find('/')).substr(0,24)); - if (k < addressCountOfType-1) aa.append("\n"); + aa.append(addr.get().substr(0, addr.get().find('/')).substr(0, 24)); + if (k < addressCountOfType - 1) + aa.append("\n"); } } } else { - aa.append(addr.get().substr(0,addr.get().find('/'))); - if (k < addressCountOfType-1) aa.append("\n"); + aa.append(addr.get().substr(0, addr.get().find('/'))); + if (k < addressCountOfType - 1) + aa.append("\n"); } } } - printf("%s\n",aa.c_str()); + printf("%s\n", aa.c_str()); } } } } - if (!bNetworkFound) { - fprintf(stderr,"unknown network ID, check that you are a member of the network\n"); + if (! bNetworkFound) { + fprintf(stderr, "unknown network ID, check that you are a member of the network\n"); } if (scode == 200) { return 0; - } else { - printf("%u %s %s" ZT_EOL_S,scode,command.c_str(),responseBody.c_str()); + } + else { + printf("%u %s %s" ZT_EOL_S, scode, command.c_str(), responseBody.c_str()); return 1; } - } else if (command == "dump") { + } + else if (command == "dump") { std::stringstream dump; dump << "platform: "; #ifdef __APPLE__ @@ -1111,12 +1089,11 @@ static int cli(int argc,char **argv) #else dump << "other unix based OS" << ZT_EOL_S; #endif - dump << "zerotier version: " << ZEROTIER_ONE_VERSION_MAJOR << "." - << ZEROTIER_ONE_VERSION_MINOR << "." << ZEROTIER_ONE_VERSION_REVISION << ZT_EOL_S << ZT_EOL_S; + dump << "zerotier version: " << ZEROTIER_ONE_VERSION_MAJOR << "." << ZEROTIER_ONE_VERSION_MINOR << "." << ZEROTIER_ONE_VERSION_REVISION << ZT_EOL_S << ZT_EOL_S; // grab status dump << "status" << ZT_EOL_S << "------" << ZT_EOL_S; - unsigned int scode = Http::GET(1024 * 1024 * 16,60000,(const struct sockaddr *)&addr,"/status",requestHeaders,responseHeaders,responseBody); + unsigned int scode = Http::GET(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, "/status", requestHeaders, responseHeaders, responseBody); if (scode != 200) { printf("Error connecting to the ZeroTier service: %s\n\nPlease check that the service is running and that TCP port 9993 can be contacted via 127.0.0.1." ZT_EOL_S, responseBody.c_str()); return 1; @@ -1128,7 +1105,7 @@ static int cli(int argc,char **argv) // grab network list dump << ZT_EOL_S << "networks" << ZT_EOL_S << "--------" << ZT_EOL_S; - scode = Http::GET(1024 * 1024 * 16,60000,(const struct sockaddr *)&addr,"/network",requestHeaders,responseHeaders,responseBody); + scode = Http::GET(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, "/network", requestHeaders, responseHeaders, responseBody); if (scode != 200) { printf("Error connecting to the ZeroTier service: %s\n\nPlease check that the service is running and that TCP port 9993 can be contacted via 127.0.0.1." ZT_EOL_S, responseBody.c_str()); return 1; @@ -1140,7 +1117,7 @@ static int cli(int argc,char **argv) // list peers dump << ZT_EOL_S << "peers" << ZT_EOL_S << "-----" << ZT_EOL_S; - scode = Http::GET(1024 * 1024 * 16,60000,(const struct sockaddr *)&addr,"/peer",requestHeaders,responseHeaders,responseBody); + scode = Http::GET(1024 * 1024 * 16, 60000, (const struct sockaddr*)&addr, "/peer", requestHeaders, responseHeaders, responseBody); if (scode != 200) { printf("Error connecting to the ZeroTier service: %s\n\nPlease check that the service is running and that TCP port 9993 can be contacted via 127.0.0.1." ZT_EOL_S, responseBody.c_str()); return 1; @@ -1166,13 +1143,13 @@ static int cli(int argc,char **argv) #ifdef __APPLE__ CFArrayRef interfaces = SCNetworkInterfaceCopyAll(); CFIndex size = CFArrayGetCount(interfaces); - for(CFIndex i = 0; i < size; ++i) { + for (CFIndex i = 0; i < size; ++i) { SCNetworkInterfaceRef iface = (SCNetworkInterfaceRef)CFArrayGetValueAtIndex(interfaces, i); dump << "Interface " << i << ZT_EOL_S << "-----------" << ZT_EOL_S; CFStringRef tmp = SCNetworkInterfaceGetBSDName(iface); char stringBuffer[512] = {}; - CFStringGetCString(tmp,stringBuffer, sizeof(stringBuffer), kCFStringEncodingUTF8); + CFStringGetCString(tmp, stringBuffer, sizeof(stringBuffer), kCFStringEncodingUTF8); dump << "Name: " << stringBuffer << ZT_EOL_S; std::string ifName(stringBuffer); int mtuCur, mtuMin, mtuMax; @@ -1187,17 +1164,19 @@ static int cli(int argc,char **argv) dump << "Addresses:" << ZT_EOL_S; struct ifaddrs *ifap, *ifa; - void *addr; + void* addr; getifaddrs(&ifap); for (ifa = ifap; ifa; ifa = ifa->ifa_next) { if (strcmp(ifName.c_str(), ifa->ifa_name) == 0) { if (ifa->ifa_addr->sa_family == AF_INET) { - struct sockaddr_in *ipv4 = (struct sockaddr_in*)ifa->ifa_addr; + struct sockaddr_in* ipv4 = (struct sockaddr_in*)ifa->ifa_addr; addr = &ipv4->sin_addr; - } else if (ifa->ifa_addr->sa_family == AF_INET6) { - struct sockaddr_in6 *ipv6 = (struct sockaddr_in6*)ifa->ifa_addr; + } + else if (ifa->ifa_addr->sa_family == AF_INET6) { + struct sockaddr_in6* ipv6 = (struct sockaddr_in6*)ifa->ifa_addr; addr = &ipv6->sin6_addr; - } else { + } + else { continue; } inet_ntop(ifa->ifa_addr->sa_family, addr, stringBuffer, sizeof(stringBuffer)); @@ -1208,15 +1187,13 @@ static int cli(int argc,char **argv) dump << ZT_EOL_S; } - FSRef fsref; UInt8 path[PATH_MAX]; - if (FSFindFolder(kUserDomain, kDesktopFolderType, kDontCreateFolder, &fsref) == noErr && - FSRefMakePath(&fsref, path, sizeof(path)) == noErr) { - - } else if (getenv("SUDO_USER")) { + if (FSFindFolder(kUserDomain, kDesktopFolderType, kDontCreateFolder, &fsref) == noErr && FSRefMakePath(&fsref, path, sizeof(path)) == noErr) {} + else if (getenv("SUDO_USER")) { sprintf((char*)path, "/Users/%s/Desktop", getenv("SUDO_USER")); - } else { + } + else { fprintf(stdout, "%s", dump.str().c_str()); return 0; } @@ -1224,7 +1201,7 @@ static int cli(int argc,char **argv) sprintf((char*)path, "%s%szerotier_dump.txt", (char*)path, ZT_PATH_SEPARATOR_S); fprintf(stdout, "Writing dump to: %s\n", path); - int fd = open((char*)path, O_CREAT|O_RDWR,0664); + int fd = open((char*)path, O_CREAT | O_RDWR, 0664); if (fd == -1) { fprintf(stderr, "Error creating file.\n"); return 1; @@ -1258,7 +1235,9 @@ static int cli(int argc,char **argv) dump << "MTU: " << curAddr->Mtu << ZT_EOL_S; dump << "MAC: "; char macBuffer[64] = {}; - sprintf(macBuffer, "%02x:%02x:%02x:%02x:%02x:%02x", + sprintf( + macBuffer, + "%02x:%02x:%02x:%02x:%02x:%02x", curAddr->PhysicalAddress[0], curAddr->PhysicalAddress[1], curAddr->PhysicalAddress[2], @@ -1275,13 +1254,7 @@ static int cli(int argc,char **argv) char buf[128] = {}; DWORD bufLen = 128; LPSOCKADDR a = pUnicast->Address.lpSockaddr; - WSAAddressToStringA( - pUnicast->Address.lpSockaddr, - pUnicast->Address.iSockaddrLength, - NULL, - buf, - &bufLen - ); + WSAAddressToStringA(pUnicast->Address.lpSockaddr, pUnicast->Address.iSockaddrLength, NULL, buf, &bufLen); dump << buf << ZT_EOL_S; pUnicast = pUnicast->Next; } @@ -1300,27 +1273,13 @@ static int cli(int argc,char **argv) if (SHGetFolderPathA(NULL, CSIDL_DESKTOP, NULL, 0, path) == S_OK) { sprintf(path, "%s%szerotier_dump.txt", path, ZT_PATH_SEPARATOR_S); fprintf(stdout, "Writing dump to: %s\n", path); - HANDLE file = CreateFileA( - path, - GENERIC_WRITE, - 0, - NULL, - CREATE_ALWAYS, - FILE_ATTRIBUTE_NORMAL, - NULL - ); + HANDLE file = CreateFileA(path, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); if (file == INVALID_HANDLE_VALUE) { fprintf(stdout, "%s", dump.str().c_str()); return 0; } - BOOL err = WriteFile( - file, - dump.str().c_str(), - dump.str().size(), - NULL, - NULL - ); + BOOL err = WriteFile(file, dump.str().c_str(), dump.str().size(), NULL, NULL); if (err = FALSE) { fprintf(stderr, "Error writing file"); return 1; @@ -1342,13 +1301,13 @@ static int cli(int argc,char **argv) ifc.ifc_buf = buf; ioctl(sock, SIOCGIFCONF, &ifc); - struct ifreq *it = ifc.ifc_req; - const struct ifreq * const end = it + (ifc.ifc_len / sizeof(struct ifreq)); + struct ifreq* it = ifc.ifc_req; + const struct ifreq* const end = it + (ifc.ifc_len / sizeof(struct ifreq)); int count = 0; - for(; it != end; ++it) { + for (; it != end; ++it) { strcpy(ifr.ifr_name, it->ifr_name); - if(ioctl(sock, SIOCGIFFLAGS, &ifr) == 0) { - if (!(ifr.ifr_flags & IFF_LOOPBACK)) { // skip loopback + if (ioctl(sock, SIOCGIFFLAGS, &ifr) == 0) { + if (! (ifr.ifr_flags & IFF_LOOPBACK)) { // skip loopback dump << "Interface " << count++ << ZT_EOL_S << "-----------" << ZT_EOL_S; dump << "Name: " << ifr.ifr_name << ZT_EOL_S; if (ioctl(sock, SIOCGIFMTU, &ifr) == 0) { @@ -1358,29 +1317,25 @@ static int cli(int argc,char **argv) unsigned char mac_addr[6]; memcpy(mac_addr, ifr.ifr_hwaddr.sa_data, 6); char macStr[18]; - sprintf(macStr, "%02x:%02x:%02x:%02x:%02x:%02x", - mac_addr[0], - mac_addr[1], - mac_addr[2], - mac_addr[3], - mac_addr[4], - mac_addr[5]); + sprintf(macStr, "%02x:%02x:%02x:%02x:%02x:%02x", mac_addr[0], mac_addr[1], mac_addr[2], mac_addr[3], mac_addr[4], mac_addr[5]); dump << "MAC: " << macStr << ZT_EOL_S; } dump << "Addresses: " << ZT_EOL_S; struct ifaddrs *ifap, *ifa; - void *addr; + void* addr; getifaddrs(&ifap); - for(ifa = ifap; ifa; ifa = ifa->ifa_next) { - if(strcmp(ifr.ifr_name, ifa->ifa_name) == 0 && ifa->ifa_addr != NULL) { - if(ifa->ifa_addr->sa_family == AF_INET) { - struct sockaddr_in *ipv4 = (struct sockaddr_in*)ifa->ifa_addr; + for (ifa = ifap; ifa; ifa = ifa->ifa_next) { + if (strcmp(ifr.ifr_name, ifa->ifa_name) == 0 && ifa->ifa_addr != NULL) { + if (ifa->ifa_addr->sa_family == AF_INET) { + struct sockaddr_in* ipv4 = (struct sockaddr_in*)ifa->ifa_addr; addr = &ipv4->sin_addr; - } else if (ifa->ifa_addr->sa_family == AF_INET6) { - struct sockaddr_in6 *ipv6 = (struct sockaddr_in6*)ifa->ifa_addr; + } + else if (ifa->ifa_addr->sa_family == AF_INET6) { + struct sockaddr_in6* ipv6 = (struct sockaddr_in6*)ifa->ifa_addr; addr = &ipv6->sin6_addr; - } else { + } + else { continue; } inet_ntop(ifa->ifa_addr->sa_family, addr, stringBuffer, sizeof(stringBuffer)); @@ -1395,7 +1350,7 @@ static int cli(int argc,char **argv) getcwd(cwd, sizeof(cwd)); sprintf(cwd, "%s%szerotier_dump.txt", cwd, ZT_PATH_SEPARATOR_S); fprintf(stdout, "Writing dump to: %s\n", cwd); - int fd = open(cwd, O_CREAT|O_RDWR,0664); + int fd = open(cwd, O_CREAT | O_RDWR, 0664); if (fd == -1) { fprintf(stderr, "Error creating file.\n"); return 1; @@ -1403,13 +1358,13 @@ static int cli(int argc,char **argv) write(fd, dump.str().c_str(), dump.str().size()); close(fd); #else - fprintf(stderr, "%s", dump.str().c_str()); + fprintf(stderr, "%s", dump.str().c_str()); #endif // fprintf(stderr, "%s\n", dump.str().c_str()); - - } else { - cliPrintHelp(argv[0],stderr); + } + else { + cliPrintHelp(argv[0], stderr); return 0; } @@ -1420,34 +1375,30 @@ static int cli(int argc,char **argv) /* zerotier-idtool personality */ /****************************************************************************/ -static void idtoolPrintHelp(FILE *out,const char *pn) +static void idtoolPrintHelp(FILE* out, const char* pn) { - fprintf(out, - "%s version %d.%d.%d" ZT_EOL_S, - PROGRAM_NAME, - ZEROTIER_ONE_VERSION_MAJOR, ZEROTIER_ONE_VERSION_MINOR, ZEROTIER_ONE_VERSION_REVISION); - fprintf(out, - COPYRIGHT_NOTICE ZT_EOL_S - LICENSE_GRANT ZT_EOL_S); - fprintf(out,"Usage: %s []" ZT_EOL_S"" ZT_EOL_S"Commands:" ZT_EOL_S,pn); - fprintf(out," generate [] [] []" ZT_EOL_S); - fprintf(out," validate " ZT_EOL_S); - fprintf(out," getpublic " ZT_EOL_S); - fprintf(out," sign " ZT_EOL_S); - fprintf(out," verify " ZT_EOL_S); - fprintf(out," initmoon " ZT_EOL_S); - fprintf(out," genmoon " ZT_EOL_S); + fprintf(out, "%s version %d.%d.%d" ZT_EOL_S, PROGRAM_NAME, ZEROTIER_ONE_VERSION_MAJOR, ZEROTIER_ONE_VERSION_MINOR, ZEROTIER_ONE_VERSION_REVISION); + fprintf(out, COPYRIGHT_NOTICE ZT_EOL_S LICENSE_GRANT ZT_EOL_S); + fprintf(out, "Usage: %s []" ZT_EOL_S "" ZT_EOL_S "Commands:" ZT_EOL_S, pn); + fprintf(out, " generate [] [] []" ZT_EOL_S); + fprintf(out, " validate " ZT_EOL_S); + fprintf(out, " getpublic " ZT_EOL_S); + fprintf(out, " sign " ZT_EOL_S); + fprintf(out, " verify " ZT_EOL_S); + fprintf(out, " initmoon " ZT_EOL_S); + fprintf(out, " genmoon " ZT_EOL_S); } -static Identity getIdFromArg(char *arg) +static Identity getIdFromArg(char* arg) { Identity id; - if ((strlen(arg) > 32)&&(arg[10] == ':')) { // identity is a literal on the command line + if ((strlen(arg) > 32) && (arg[10] == ':')) { // identity is a literal on the command line if (id.fromString(arg)) return id; - } else { // identity is to be read from a file + } + else { // identity is to be read from a file std::string idser; - if (OSUtils::readFile(arg,idser)) { + if (OSUtils::readFile(arg, idser)) { if (id.fromString(idser.c_str())) return id; } @@ -1458,15 +1409,15 @@ static Identity getIdFromArg(char *arg) #ifdef __WINDOWS__ static int idtool(int argc, _TCHAR* argv[]) #else -static int idtool(int argc,char **argv) +static int idtool(int argc, char** argv) #endif { if (argc < 2) { - idtoolPrintHelp(stdout,argv[0]); + idtoolPrintHelp(stdout, argv[0]); return 1; } - if (!strcmp(argv[1],"generate")) { + if (! strcmp(argv[1], "generate")) { uint64_t vanity = 0; int vanityBits = 0; if (argc >= 5) { @@ -1477,132 +1428,150 @@ static int idtool(int argc,char **argv) } Identity id; - for(;;) { + for (;;) { id.generate(); if ((id.address().toInt() >> (40 - vanityBits)) == vanity) { if (vanityBits > 0) { - fprintf(stderr,"vanity address: found %.10llx !\n",(unsigned long long)id.address().toInt()); + fprintf(stderr, "vanity address: found %.10llx !\n", (unsigned long long)id.address().toInt()); } break; - } else { - fprintf(stderr,"vanity address: tried %.10llx looking for first %d bits of %.10llx\n",(unsigned long long)id.address().toInt(),vanityBits,(unsigned long long)(vanity << (40 - vanityBits))); + } + else { + fprintf(stderr, "vanity address: tried %.10llx looking for first %d bits of %.10llx\n", (unsigned long long)id.address().toInt(), vanityBits, (unsigned long long)(vanity << (40 - vanityBits))); } } char idtmp[1024]; - std::string idser = id.toString(true,idtmp); + std::string idser = id.toString(true, idtmp); if (argc >= 3) { - if (!OSUtils::writeFile(argv[2],idser)) { - fprintf(stderr,"Error writing to %s" ZT_EOL_S,argv[2]); + if (! OSUtils::writeFile(argv[2], idser)) { + fprintf(stderr, "Error writing to %s" ZT_EOL_S, argv[2]); return 1; - } else printf("%s written" ZT_EOL_S,argv[2]); - if (argc >= 4) { - idser = id.toString(false,idtmp); - if (!OSUtils::writeFile(argv[3],idser)) { - fprintf(stderr,"Error writing to %s" ZT_EOL_S,argv[3]); - return 1; - } else printf("%s written" ZT_EOL_S,argv[3]); } - } else printf("%s",idser.c_str()); - } else if (!strcmp(argv[1],"validate")) { + else + printf("%s written" ZT_EOL_S, argv[2]); + if (argc >= 4) { + idser = id.toString(false, idtmp); + if (! OSUtils::writeFile(argv[3], idser)) { + fprintf(stderr, "Error writing to %s" ZT_EOL_S, argv[3]); + return 1; + } + else + printf("%s written" ZT_EOL_S, argv[3]); + } + } + else + printf("%s", idser.c_str()); + } + else if (! strcmp(argv[1], "validate")) { if (argc < 3) { - idtoolPrintHelp(stdout,argv[0]); + idtoolPrintHelp(stdout, argv[0]); return 1; } Identity id = getIdFromArg(argv[2]); - if (!id) { - fprintf(stderr,"Identity argument invalid or file unreadable: %s" ZT_EOL_S,argv[2]); + if (! id) { + fprintf(stderr, "Identity argument invalid or file unreadable: %s" ZT_EOL_S, argv[2]); return 1; } - if (!id.locallyValidate()) { - fprintf(stderr,"%s FAILED validation." ZT_EOL_S,argv[2]); + if (! id.locallyValidate()) { + fprintf(stderr, "%s FAILED validation." ZT_EOL_S, argv[2]); return 1; - } else printf("%s is a valid identity" ZT_EOL_S,argv[2]); - } else if (!strcmp(argv[1],"getpublic")) { + } + else + printf("%s is a valid identity" ZT_EOL_S, argv[2]); + } + else if (! strcmp(argv[1], "getpublic")) { if (argc < 3) { - idtoolPrintHelp(stdout,argv[0]); + idtoolPrintHelp(stdout, argv[0]); return 1; } Identity id = getIdFromArg(argv[2]); - if (!id) { - fprintf(stderr,"Identity argument invalid or file unreadable: %s" ZT_EOL_S,argv[2]); + if (! id) { + fprintf(stderr, "Identity argument invalid or file unreadable: %s" ZT_EOL_S, argv[2]); return 1; } char idtmp[1024]; - printf("%s",id.toString(false,idtmp)); - } else if (!strcmp(argv[1],"sign")) { + printf("%s", id.toString(false, idtmp)); + } + else if (! strcmp(argv[1], "sign")) { if (argc < 4) { - idtoolPrintHelp(stdout,argv[0]); + idtoolPrintHelp(stdout, argv[0]); return 1; } Identity id = getIdFromArg(argv[2]); - if (!id) { - fprintf(stderr,"Identity argument invalid or file unreadable: %s" ZT_EOL_S,argv[2]); + if (! id) { + fprintf(stderr, "Identity argument invalid or file unreadable: %s" ZT_EOL_S, argv[2]); return 1; } - if (!id.hasPrivate()) { - fprintf(stderr,"%s does not contain a private key (must use private to sign)" ZT_EOL_S,argv[2]); + if (! id.hasPrivate()) { + fprintf(stderr, "%s does not contain a private key (must use private to sign)" ZT_EOL_S, argv[2]); return 1; } std::string inf; - if (!OSUtils::readFile(argv[3],inf)) { - fprintf(stderr,"%s is not readable" ZT_EOL_S,argv[3]); + if (! OSUtils::readFile(argv[3], inf)) { + fprintf(stderr, "%s is not readable" ZT_EOL_S, argv[3]); return 1; } - ECC::Signature signature = id.sign(inf.data(),(unsigned int)inf.length()); + ECC::Signature signature = id.sign(inf.data(), (unsigned int)inf.length()); char hexbuf[1024]; - printf("%s",Utils::hex(signature.data,ZT_ECC_SIGNATURE_LEN,hexbuf)); - } else if (!strcmp(argv[1],"verify")) { + printf("%s", Utils::hex(signature.data, ZT_ECC_SIGNATURE_LEN, hexbuf)); + } + else if (! strcmp(argv[1], "verify")) { if (argc < 5) { - idtoolPrintHelp(stdout,argv[0]); + idtoolPrintHelp(stdout, argv[0]); return 1; } Identity id = getIdFromArg(argv[2]); - if (!id) { - fprintf(stderr,"Identity argument invalid or file unreadable: %s" ZT_EOL_S,argv[2]); + if (! id) { + fprintf(stderr, "Identity argument invalid or file unreadable: %s" ZT_EOL_S, argv[2]); return 1; } std::string inf; - if (!OSUtils::readFile(argv[3],inf)) { - fprintf(stderr,"%s is not readable" ZT_EOL_S,argv[3]); + if (! OSUtils::readFile(argv[3], inf)) { + fprintf(stderr, "%s is not readable" ZT_EOL_S, argv[3]); return 1; } char buf[4096]; - std::string signature(buf,Utils::unhex(argv[4],buf,(unsigned int)sizeof(buf))); - if ((signature.length() > ZT_ADDRESS_LENGTH)&&(id.verify(inf.data(),(unsigned int)inf.length(),signature.data(),(unsigned int)signature.length()))) { - printf("%s signature valid" ZT_EOL_S,argv[3]); - } else { + std::string signature(buf, Utils::unhex(argv[4], buf, (unsigned int)sizeof(buf))); + if ((signature.length() > ZT_ADDRESS_LENGTH) && (id.verify(inf.data(), (unsigned int)inf.length(), signature.data(), (unsigned int)signature.length()))) { + printf("%s signature valid" ZT_EOL_S, argv[3]); + } + else { signature.clear(); - if (OSUtils::readFile(argv[4],signature)) { - signature.assign(buf,Utils::unhex(signature.c_str(),buf,(unsigned int)sizeof(buf))); - if ((signature.length() > ZT_ADDRESS_LENGTH)&&(id.verify(inf.data(),(unsigned int)inf.length(),signature.data(),(unsigned int)signature.length()))) { - printf("%s signature valid" ZT_EOL_S,argv[3]); - } else { - fprintf(stderr,"%s signature check FAILED" ZT_EOL_S,argv[3]); + if (OSUtils::readFile(argv[4], signature)) { + signature.assign(buf, Utils::unhex(signature.c_str(), buf, (unsigned int)sizeof(buf))); + if ((signature.length() > ZT_ADDRESS_LENGTH) && (id.verify(inf.data(), (unsigned int)inf.length(), signature.data(), (unsigned int)signature.length()))) { + printf("%s signature valid" ZT_EOL_S, argv[3]); + } + else { + fprintf(stderr, "%s signature check FAILED" ZT_EOL_S, argv[3]); return 1; } - } else { - fprintf(stderr,"%s signature check FAILED" ZT_EOL_S,argv[3]); + } + else { + fprintf(stderr, "%s signature check FAILED" ZT_EOL_S, argv[3]); return 1; } } - } else if (!strcmp(argv[1],"initmoon")) { + } + else if (! strcmp(argv[1], "initmoon")) { if (argc < 3) { - idtoolPrintHelp(stdout,argv[0]); - } else { + idtoolPrintHelp(stdout, argv[0]); + } + else { const Identity id = getIdFromArg(argv[2]); - if (!id) { - fprintf(stderr,"%s is not a valid identity" ZT_EOL_S,argv[2]); + if (! id) { + fprintf(stderr, "%s is not a valid identity" ZT_EOL_S, argv[2]); return 1; } @@ -1612,80 +1581,85 @@ static int idtool(int argc,char **argv) nlohmann::json mj; mj["objtype"] = "world"; mj["worldType"] = "moon"; - mj["updatesMustBeSignedBy"] = mj["signingKey"] = Utils::hex(kp.pub.data,ZT_ECC_PUBLIC_KEY_SET_LEN,idtmp); - mj["signingKey_SECRET"] = Utils::hex(kp.priv.data,ZT_ECC_PRIVATE_KEY_SET_LEN,idtmp); + mj["updatesMustBeSignedBy"] = mj["signingKey"] = Utils::hex(kp.pub.data, ZT_ECC_PUBLIC_KEY_SET_LEN, idtmp); + mj["signingKey_SECRET"] = Utils::hex(kp.priv.data, ZT_ECC_PRIVATE_KEY_SET_LEN, idtmp); mj["id"] = id.address().toString(idtmp); nlohmann::json seedj; - seedj["identity"] = id.toString(false,idtmp); + seedj["identity"] = id.toString(false, idtmp); seedj["stableEndpoints"] = nlohmann::json::array(); (mj["roots"] = nlohmann::json::array()).push_back(seedj); std::string mjd(OSUtils::jsonDump(mj)); - printf("%s" ZT_EOL_S,mjd.c_str()); + printf("%s" ZT_EOL_S, mjd.c_str()); } - } else if (!strcmp(argv[1],"genmoon")) { + } + else if (! strcmp(argv[1], "genmoon")) { if (argc < 3) { - idtoolPrintHelp(stdout,argv[0]); - } else { + idtoolPrintHelp(stdout, argv[0]); + } + else { std::string buf; - if (!OSUtils::readFile(argv[2],buf)) { - fprintf(stderr,"cannot read %s" ZT_EOL_S,argv[2]); + if (! OSUtils::readFile(argv[2], buf)) { + fprintf(stderr, "cannot read %s" ZT_EOL_S, argv[2]); return 1; } nlohmann::json mj(OSUtils::jsonParse(buf)); - const uint64_t id = Utils::hexStrToU64(OSUtils::jsonString(mj["id"],"0").c_str()); - if (!id) { - fprintf(stderr,"ID in %s is invalid" ZT_EOL_S,argv[2]); + const uint64_t id = Utils::hexStrToU64(OSUtils::jsonString(mj["id"], "0").c_str()); + if (! id) { + fprintf(stderr, "ID in %s is invalid" ZT_EOL_S, argv[2]); return 1; } World::Type t; if (mj["worldType"] == "moon") { t = World::TYPE_MOON; - } else if (mj["worldType"] == "planet") { + } + else if (mj["worldType"] == "planet") { t = World::TYPE_PLANET; - } else { - fprintf(stderr,"invalid worldType" ZT_EOL_S); + } + else { + fprintf(stderr, "invalid worldType" ZT_EOL_S); return 1; } ECC::Pair signingKey; ECC::Public updatesMustBeSignedBy; - Utils::unhex(OSUtils::jsonString(mj["signingKey"],"").c_str(),signingKey.pub.data,ZT_ECC_PUBLIC_KEY_SET_LEN); - Utils::unhex(OSUtils::jsonString(mj["signingKey_SECRET"],"").c_str(),signingKey.priv.data,ZT_ECC_PRIVATE_KEY_SET_LEN); - Utils::unhex(OSUtils::jsonString(mj["updatesMustBeSignedBy"],"").c_str(),updatesMustBeSignedBy.data,ZT_ECC_PUBLIC_KEY_SET_LEN); + Utils::unhex(OSUtils::jsonString(mj["signingKey"], "").c_str(), signingKey.pub.data, ZT_ECC_PUBLIC_KEY_SET_LEN); + Utils::unhex(OSUtils::jsonString(mj["signingKey_SECRET"], "").c_str(), signingKey.priv.data, ZT_ECC_PRIVATE_KEY_SET_LEN); + Utils::unhex(OSUtils::jsonString(mj["updatesMustBeSignedBy"], "").c_str(), updatesMustBeSignedBy.data, ZT_ECC_PUBLIC_KEY_SET_LEN); std::vector roots; - nlohmann::json &rootsj = mj["roots"]; + nlohmann::json& rootsj = mj["roots"]; if (rootsj.is_array()) { - for(unsigned long i=0;i<(unsigned long)rootsj.size();++i) { - nlohmann::json &r = rootsj[i]; + for (unsigned long i = 0; i < (unsigned long)rootsj.size(); ++i) { + nlohmann::json& r = rootsj[i]; if (r.is_object()) { roots.push_back(World::Root()); - roots.back().identity = Identity(OSUtils::jsonString(r["identity"],"").c_str()); - nlohmann::json &stableEndpointsj = r["stableEndpoints"]; + roots.back().identity = Identity(OSUtils::jsonString(r["identity"], "").c_str()); + nlohmann::json& stableEndpointsj = r["stableEndpoints"]; if (stableEndpointsj.is_array()) { - for(unsigned long k=0;k<(unsigned long)stableEndpointsj.size();++k) - roots.back().stableEndpoints.push_back(InetAddress(OSUtils::jsonString(stableEndpointsj[k],"").c_str())); - std::sort(roots.back().stableEndpoints.begin(),roots.back().stableEndpoints.end()); + for (unsigned long k = 0; k < (unsigned long)stableEndpointsj.size(); ++k) + roots.back().stableEndpoints.push_back(InetAddress(OSUtils::jsonString(stableEndpointsj[k], "").c_str())); + std::sort(roots.back().stableEndpoints.begin(), roots.back().stableEndpoints.end()); } } } } - std::sort(roots.begin(),roots.end()); + std::sort(roots.begin(), roots.end()); const int64_t now = OSUtils::now(); - World w(World::make(t,id,now,updatesMustBeSignedBy,roots,signingKey)); + World w(World::make(t, id, now, updatesMustBeSignedBy, roots, signingKey)); Buffer wbuf; w.serialize(wbuf); char fn[128]; - OSUtils::ztsnprintf(fn,sizeof(fn),"%.16llx.moon",w.id()); - OSUtils::writeFile(fn,wbuf.data(),wbuf.size()); - printf("wrote %s (signed world with timestamp %llu)" ZT_EOL_S,fn,(unsigned long long)now); + OSUtils::ztsnprintf(fn, sizeof(fn), "%.16llx.moon", w.id()); + OSUtils::writeFile(fn, wbuf.data(), wbuf.size()); + printf("wrote %s (signed world with timestamp %llu)" ZT_EOL_S, fn, (unsigned long long)now); } - } else { - idtoolPrintHelp(stdout,argv[0]); + } + else { + idtoolPrintHelp(stdout, argv[0]); return 1; } @@ -1706,24 +1680,25 @@ static void _sighandlerReallyQuit(int sig) } static void _sighandlerQuit(int sig) { - alarm(5); // force exit after 5s - OneService *s = zt1Service; + alarm(5); // force exit after 5s + OneService* s = zt1Service; if (s) s->terminate(); - else exit(0); + else + exit(0); } #endif // Drop privileges on Linux, if supported by libc etc. and "zerotier-one" user exists on system -#if defined(__LINUX__) && !defined(ZT_NO_CAPABILITIES) +#if defined(__LINUX__) && ! defined(ZT_NO_CAPABILITIES) #ifndef PR_CAP_AMBIENT -#define PR_CAP_AMBIENT 47 -#define PR_CAP_AMBIENT_IS_SET 1 -#define PR_CAP_AMBIENT_RAISE 2 -#define PR_CAP_AMBIENT_LOWER 3 +#define PR_CAP_AMBIENT 47 +#define PR_CAP_AMBIENT_IS_SET 1 +#define PR_CAP_AMBIENT_RAISE 2 +#define PR_CAP_AMBIENT_LOWER 3 #define PR_CAP_AMBIENT_CLEAR_ALL 4 #endif -#define ZT_LINUX_USER "zerotier-one" +#define ZT_LINUX_USER "zerotier-one" #define ZT_HAVE_DROP_PRIVILEGES 1 namespace { @@ -1738,78 +1713,81 @@ struct cap_data_struct { __u32 permitted; __u32 inheritable; }; -static inline int _zt_capset(cap_header_struct* hdrp, cap_data_struct* datap) { return syscall(SYS_capset, hdrp, datap); } +static inline int _zt_capset(cap_header_struct* hdrp, cap_data_struct* datap) +{ + return syscall(SYS_capset, hdrp, datap); +} -static void _notDropping(const char *procName,const std::string &homeDir) +static void _notDropping(const char* procName, const std::string& homeDir) { struct stat buf; - if (lstat(homeDir.c_str(),&buf) < 0) { + if (lstat(homeDir.c_str(), &buf) < 0) { if (buf.st_uid != 0 || buf.st_gid != 0) { - fprintf(stderr, "%s: FATAL: failed to drop privileges and can't run as root since privileges were previously dropped (home directory not owned by root)" ZT_EOL_S,procName); + fprintf(stderr, "%s: FATAL: failed to drop privileges and can't run as root since privileges were previously dropped (home directory not owned by root)" ZT_EOL_S, procName); exit(1); } } - fprintf(stderr, "%s: WARNING: failed to drop privileges (kernel may not support required prctl features), running as root" ZT_EOL_S,procName); + fprintf(stderr, "%s: WARNING: failed to drop privileges (kernel may not support required prctl features), running as root" ZT_EOL_S, procName); } static int _setCapabilities(int flags) { - cap_header_struct capheader = {_LINUX_CAPABILITY_VERSION_1, 0}; + cap_header_struct capheader = { _LINUX_CAPABILITY_VERSION_1, 0 }; cap_data_struct capdata; capdata.inheritable = capdata.permitted = capdata.effective = flags; return _zt_capset(&capheader, &capdata); } -static void _recursiveChown(const char *path,uid_t uid,gid_t gid) +static void _recursiveChown(const char* path, uid_t uid, gid_t gid) { struct dirent de; - struct dirent *dptr; - lchown(path,uid,gid); - DIR *d = opendir(path); - if (!d) + struct dirent* dptr; + lchown(path, uid, gid); + DIR* d = opendir(path); + if (! d) return; - dptr = (struct dirent *)0; - for(;;) { - if (readdir_r(d,&de,&dptr) != 0) + dptr = (struct dirent*)0; + for (;;) { + if (readdir_r(d, &de, &dptr) != 0) break; - if (!dptr) + if (! dptr) break; - if ((strcmp(dptr->d_name,".") != 0)&&(strcmp(dptr->d_name,"..") != 0)&&(strlen(dptr->d_name) > 0)) { + if ((strcmp(dptr->d_name, ".") != 0) && (strcmp(dptr->d_name, "..") != 0) && (strlen(dptr->d_name) > 0)) { std::string p(path); p.push_back(ZT_PATH_SEPARATOR); p.append(dptr->d_name); - _recursiveChown(p.c_str(),uid,gid); // will just fail and return on regular files + _recursiveChown(p.c_str(), uid, gid); // will just fail and return on regular files } } closedir(d); } -static void dropPrivileges(const char *procName,const std::string &homeDir) +static void dropPrivileges(const char* procName, const std::string& homeDir) { if (getuid() != 0) return; // dropPrivileges switches to zerotier-one user while retaining CAP_NET_ADMIN // and CAP_NET_RAW capabilities. - struct passwd *targetUser = getpwnam(ZT_LINUX_USER); - if (!targetUser) + struct passwd* targetUser = getpwnam(ZT_LINUX_USER); + if (! targetUser) return; if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_NET_RAW, 0, 0) < 0) { // Kernel has no support for ambient capabilities. - _notDropping(procName,homeDir); + _notDropping(procName, homeDir); return; } if (prctl(PR_SET_SECUREBITS, SECBIT_KEEP_CAPS | SECBIT_NOROOT) < 0) { - _notDropping(procName,homeDir); + _notDropping(procName, homeDir); return; } // Change ownership of our home directory if everything looks good (does nothing if already chown'd) - _recursiveChown(homeDir.c_str(),targetUser->pw_uid,targetUser->pw_gid); + _recursiveChown(homeDir.c_str(), targetUser->pw_uid, targetUser->pw_gid); if (_setCapabilities((1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID) | (1 << CAP_SETGID) | (1 << CAP_NET_BIND_SERVICE)) < 0) { - _notDropping(procName,homeDir); + _notDropping(procName, homeDir); return; } @@ -1818,7 +1796,7 @@ static void dropPrivileges(const char *procName,const std::string &homeDir) // Disable ptracing. Otherwise there is a small window when previous // compromised ZeroTier process could ptrace us, when we still have CAP_SETUID. // (this is mitigated anyway on most distros by ptrace_scope=1) - fprintf(stderr,"%s: FATAL: prctl(PR_SET_DUMPABLE) failed while attempting to relinquish root permissions" ZT_EOL_S,procName); + fprintf(stderr, "%s: FATAL: prctl(PR_SET_DUMPABLE) failed while attempting to relinquish root permissions" ZT_EOL_S, procName); exit(1); } @@ -1833,27 +1811,27 @@ static void dropPrivileges(const char *procName,const std::string &homeDir) } if (_setCapabilities((1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_NET_BIND_SERVICE)) < 0) { - fprintf(stderr,"%s: FATAL: unable to drop capabilities after relinquishing root" ZT_EOL_S,procName); + fprintf(stderr, "%s: FATAL: unable to drop capabilities after relinquishing root" ZT_EOL_S, procName); exit(1); } if (prctl(PR_SET_DUMPABLE, oldDumpable) < 0) { - fprintf(stderr,"%s: FATAL: prctl(PR_SET_DUMPABLE) failed while attempting to relinquish root permissions" ZT_EOL_S,procName); + fprintf(stderr, "%s: FATAL: prctl(PR_SET_DUMPABLE) failed while attempting to relinquish root permissions" ZT_EOL_S, procName); exit(1); } if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, CAP_NET_ADMIN, 0, 0) < 0) { - fprintf(stderr,"%s: FATAL: prctl(PR_CAP_AMBIENT,PR_CAP_AMBIENT_RAISE,CAP_NET_ADMIN) failed while attempting to relinquish root permissions" ZT_EOL_S,procName); + fprintf(stderr, "%s: FATAL: prctl(PR_CAP_AMBIENT,PR_CAP_AMBIENT_RAISE,CAP_NET_ADMIN) failed while attempting to relinquish root permissions" ZT_EOL_S, procName); exit(1); } if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, CAP_NET_RAW, 0, 0) < 0) { - fprintf(stderr,"%s: FATAL: prctl(PR_CAP_AMBIENT,PR_CAP_AMBIENT_RAISE,CAP_NET_RAW) failed while attempting to relinquish root permissions" ZT_EOL_S,procName); + fprintf(stderr, "%s: FATAL: prctl(PR_CAP_AMBIENT,PR_CAP_AMBIENT_RAISE,CAP_NET_RAW) failed while attempting to relinquish root permissions" ZT_EOL_S, procName); exit(1); } } -} // anonymous namespace -#endif // __LINUX__ +} // anonymous namespace +#endif // __LINUX__ /****************************************************************************/ /* Windows helper functions and signal handlers */ @@ -1863,12 +1841,12 @@ static void dropPrivileges(const char *procName,const std::string &homeDir) // Console signal handler routine to allow CTRL+C to work, mostly for testing static BOOL WINAPI _winConsoleCtrlHandler(DWORD dwCtrlType) { - switch(dwCtrlType) { + switch (dwCtrlType) { case CTRL_C_EVENT: case CTRL_BREAK_EVENT: case CTRL_CLOSE_EVENT: case CTRL_SHUTDOWN_EVENT: - OneService *s = zt1Service; + OneService* s = zt1Service; if (s) s->terminate(); return TRUE; @@ -1880,34 +1858,64 @@ static BOOL WINAPI _winConsoleCtrlHandler(DWORD dwCtrlType) static void _winPokeAHole() { char myPath[MAX_PATH]; - DWORD ps = GetModuleFileNameA(NULL,myPath,sizeof(myPath)); - if ((ps > 0)&&(ps < (DWORD)sizeof(myPath))) { + DWORD ps = GetModuleFileNameA(NULL, myPath, sizeof(myPath)); + if ((ps > 0) && (ps < (DWORD)sizeof(myPath))) { STARTUPINFOA startupInfo; PROCESS_INFORMATION processInfo; startupInfo.cb = sizeof(startupInfo); - memset(&startupInfo,0,sizeof(STARTUPINFOA)); - memset(&processInfo,0,sizeof(PROCESS_INFORMATION)); - if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall delete rule name=\"ZeroTier One\" program=\"") + myPath + "\"").c_str(),NULL,NULL,FALSE,CREATE_NO_WINDOW,NULL,NULL,&startupInfo,&processInfo)) { - WaitForSingleObject(processInfo.hProcess,INFINITE); + memset(&startupInfo, 0, sizeof(STARTUPINFOA)); + memset(&processInfo, 0, sizeof(PROCESS_INFORMATION)); + if (CreateProcessA( + NULL, + (LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall delete rule name=\"ZeroTier One\" program=\"") + myPath + "\"").c_str(), + NULL, + NULL, + FALSE, + CREATE_NO_WINDOW, + NULL, + NULL, + &startupInfo, + &processInfo)) { + WaitForSingleObject(processInfo.hProcess, INFINITE); CloseHandle(processInfo.hProcess); CloseHandle(processInfo.hThread); } startupInfo.cb = sizeof(startupInfo); - memset(&startupInfo,0,sizeof(STARTUPINFOA)); - memset(&processInfo,0,sizeof(PROCESS_INFORMATION)); - if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall add rule name=\"ZeroTier One\" dir=in action=allow program=\"") + myPath + "\" enable=yes").c_str(),NULL,NULL,FALSE,CREATE_NO_WINDOW,NULL,NULL,&startupInfo,&processInfo)) { - WaitForSingleObject(processInfo.hProcess,INFINITE); + memset(&startupInfo, 0, sizeof(STARTUPINFOA)); + memset(&processInfo, 0, sizeof(PROCESS_INFORMATION)); + if (CreateProcessA( + NULL, + (LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall add rule name=\"ZeroTier One\" dir=in action=allow program=\"") + myPath + "\" enable=yes").c_str(), + NULL, + NULL, + FALSE, + CREATE_NO_WINDOW, + NULL, + NULL, + &startupInfo, + &processInfo)) { + WaitForSingleObject(processInfo.hProcess, INFINITE); CloseHandle(processInfo.hProcess); CloseHandle(processInfo.hThread); } startupInfo.cb = sizeof(startupInfo); - memset(&startupInfo,0,sizeof(STARTUPINFOA)); - memset(&processInfo,0,sizeof(PROCESS_INFORMATION)); - if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall add rule name=\"ZeroTier One\" dir=out action=allow program=\"") + myPath + "\" enable=yes").c_str(),NULL,NULL,FALSE,CREATE_NO_WINDOW,NULL,NULL,&startupInfo,&processInfo)) { - WaitForSingleObject(processInfo.hProcess,INFINITE); + memset(&startupInfo, 0, sizeof(STARTUPINFOA)); + memset(&processInfo, 0, sizeof(PROCESS_INFORMATION)); + if (CreateProcessA( + NULL, + (LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall add rule name=\"ZeroTier One\" dir=out action=allow program=\"") + myPath + "\" enable=yes").c_str(), + NULL, + NULL, + FALSE, + CREATE_NO_WINDOW, + NULL, + NULL, + &startupInfo, + &processInfo)) { + WaitForSingleObject(processInfo.hProcess, INFINITE); CloseHandle(processInfo.hProcess); CloseHandle(processInfo.hThread); } @@ -1917,236 +1925,234 @@ static void _winPokeAHole() // Returns true if this is running as the local administrator static BOOL IsCurrentUserLocalAdministrator(void) { - BOOL fReturn = FALSE; - DWORD dwStatus; - DWORD dwAccessMask; - DWORD dwAccessDesired; - DWORD dwACLSize; - DWORD dwStructureSize = sizeof(PRIVILEGE_SET); - PACL pACL = NULL; - PSID psidAdmin = NULL; + BOOL fReturn = FALSE; + DWORD dwStatus; + DWORD dwAccessMask; + DWORD dwAccessDesired; + DWORD dwACLSize; + DWORD dwStructureSize = sizeof(PRIVILEGE_SET); + PACL pACL = NULL; + PSID psidAdmin = NULL; - HANDLE hToken = NULL; + HANDLE hToken = NULL; HANDLE hImpersonationToken = NULL; - PRIVILEGE_SET ps; + PRIVILEGE_SET ps; GENERIC_MAPPING GenericMapping; - PSECURITY_DESCRIPTOR psdAdmin = NULL; + PSECURITY_DESCRIPTOR psdAdmin = NULL; SID_IDENTIFIER_AUTHORITY SystemSidAuthority = SECURITY_NT_AUTHORITY; - const DWORD ACCESS_READ = 1; + const DWORD ACCESS_READ = 1; const DWORD ACCESS_WRITE = 2; - __try - { - if (!OpenThreadToken(GetCurrentThread(), TOKEN_DUPLICATE|TOKEN_QUERY,TRUE,&hToken)) - { + __try { + if (! OpenThreadToken(GetCurrentThread(), TOKEN_DUPLICATE | TOKEN_QUERY, TRUE, &hToken)) { if (GetLastError() != ERROR_NO_TOKEN) __leave; - if (!OpenProcessToken(GetCurrentProcess(),TOKEN_DUPLICATE|TOKEN_QUERY, &hToken)) + if (! OpenProcessToken(GetCurrentProcess(), TOKEN_DUPLICATE | TOKEN_QUERY, &hToken)) __leave; } - if (!DuplicateToken (hToken, SecurityImpersonation,&hImpersonationToken)) + if (! DuplicateToken(hToken, SecurityImpersonation, &hImpersonationToken)) __leave; - if (!AllocateAndInitializeSid(&SystemSidAuthority, 2, - SECURITY_BUILTIN_DOMAIN_RID, - DOMAIN_ALIAS_RID_ADMINS, - 0, 0, 0, 0, 0, 0, &psidAdmin)) + if (! AllocateAndInitializeSid(&SystemSidAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &psidAdmin)) __leave; psdAdmin = LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH); if (psdAdmin == NULL) __leave; - if (!InitializeSecurityDescriptor(psdAdmin,SECURITY_DESCRIPTOR_REVISION)) + if (! InitializeSecurityDescriptor(psdAdmin, SECURITY_DESCRIPTOR_REVISION)) __leave; dwACLSize = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(psidAdmin) - sizeof(DWORD); pACL = (PACL)LocalAlloc(LPTR, dwACLSize); if (pACL == NULL) __leave; - if (!InitializeAcl(pACL, dwACLSize, ACL_REVISION2)) + if (! InitializeAcl(pACL, dwACLSize, ACL_REVISION2)) __leave; - dwAccessMask= ACCESS_READ | ACCESS_WRITE; - if (!AddAccessAllowedAce(pACL, ACL_REVISION2, dwAccessMask, psidAdmin)) + dwAccessMask = ACCESS_READ | ACCESS_WRITE; + if (! AddAccessAllowedAce(pACL, ACL_REVISION2, dwAccessMask, psidAdmin)) __leave; - if (!SetSecurityDescriptorDacl(psdAdmin, TRUE, pACL, FALSE)) + if (! SetSecurityDescriptorDacl(psdAdmin, TRUE, pACL, FALSE)) __leave; SetSecurityDescriptorGroup(psdAdmin, psidAdmin, FALSE); SetSecurityDescriptorOwner(psdAdmin, psidAdmin, FALSE); - if (!IsValidSecurityDescriptor(psdAdmin)) + if (! IsValidSecurityDescriptor(psdAdmin)) __leave; dwAccessDesired = ACCESS_READ; - GenericMapping.GenericRead = ACCESS_READ; - GenericMapping.GenericWrite = ACCESS_WRITE; + GenericMapping.GenericRead = ACCESS_READ; + GenericMapping.GenericWrite = ACCESS_WRITE; GenericMapping.GenericExecute = 0; - GenericMapping.GenericAll = ACCESS_READ | ACCESS_WRITE; + GenericMapping.GenericAll = ACCESS_READ | ACCESS_WRITE; - if (!AccessCheck(psdAdmin, hImpersonationToken, dwAccessDesired, - &GenericMapping, &ps, &dwStructureSize, &dwStatus, - &fReturn)) - { + if (! AccessCheck(psdAdmin, hImpersonationToken, dwAccessDesired, &GenericMapping, &ps, &dwStructureSize, &dwStatus, &fReturn)) { fReturn = FALSE; __leave; } } - __finally - { + __finally { // Clean up. - if (pACL) LocalFree(pACL); - if (psdAdmin) LocalFree(psdAdmin); - if (psidAdmin) FreeSid(psidAdmin); - if (hImpersonationToken) CloseHandle (hImpersonationToken); - if (hToken) CloseHandle (hToken); + if (pACL) + LocalFree(pACL); + if (psdAdmin) + LocalFree(psdAdmin); + if (psidAdmin) + FreeSid(psidAdmin); + if (hImpersonationToken) + CloseHandle(hImpersonationToken); + if (hToken) + CloseHandle(hToken); } return fReturn; } -#endif // __WINDOWS__ +#endif // __WINDOWS__ /****************************************************************************/ /* main() and friends */ /****************************************************************************/ -static void printHelp(const char *cn,FILE *out) +static void printHelp(const char* cn, FILE* out) { - fprintf(out, - "%s version %d.%d.%d" ZT_EOL_S, - PROGRAM_NAME, - ZEROTIER_ONE_VERSION_MAJOR, ZEROTIER_ONE_VERSION_MINOR, ZEROTIER_ONE_VERSION_REVISION); - fprintf(out, - COPYRIGHT_NOTICE ZT_EOL_S - LICENSE_GRANT ZT_EOL_S); - fprintf(out,"Usage: %s [-switches] [home directory]" ZT_EOL_S"" ZT_EOL_S,cn); - fprintf(out,"Available switches:" ZT_EOL_S); - fprintf(out," -h - Display this help" ZT_EOL_S); - fprintf(out," -v - Show version" ZT_EOL_S); - fprintf(out," -U - Skip privilege check and do not attempt to drop privileges" ZT_EOL_S); - fprintf(out," -p - Port for UDP and TCP/HTTP (default: 9993, 0 for random)" ZT_EOL_S); + fprintf(out, "%s version %d.%d.%d" ZT_EOL_S, PROGRAM_NAME, ZEROTIER_ONE_VERSION_MAJOR, ZEROTIER_ONE_VERSION_MINOR, ZEROTIER_ONE_VERSION_REVISION); + fprintf(out, COPYRIGHT_NOTICE ZT_EOL_S LICENSE_GRANT ZT_EOL_S); + fprintf(out, "Usage: %s [-switches] [home directory]" ZT_EOL_S "" ZT_EOL_S, cn); + fprintf(out, "Available switches:" ZT_EOL_S); + fprintf(out, " -h - Display this help" ZT_EOL_S); + fprintf(out, " -v - Show version" ZT_EOL_S); + fprintf(out, " -U - Skip privilege check and do not attempt to drop privileges" ZT_EOL_S); + fprintf(out, " -p - Port for UDP and TCP/HTTP (default: 9993, 0 for random)" ZT_EOL_S); #ifdef __UNIX_LIKE__ - fprintf(out," -d - Fork and run as daemon (Unix-ish OSes)" ZT_EOL_S); -#endif // __UNIX_LIKE__ + fprintf(out, " -d - Fork and run as daemon (Unix-ish OSes)" ZT_EOL_S); +#endif // __UNIX_LIKE__ #ifdef __WINDOWS__ - fprintf(out," -C - Run from command line instead of as service (Windows)" ZT_EOL_S); - fprintf(out," -I - Install Windows service (Windows)" ZT_EOL_S); - fprintf(out," -R - Uninstall Windows service (Windows)" ZT_EOL_S); - fprintf(out," -D - Remove all instances of Windows tap device (Windows)" ZT_EOL_S); -#endif // __WINDOWS__ + fprintf(out, " -C - Run from command line instead of as service (Windows)" ZT_EOL_S); + fprintf(out, " -I - Install Windows service (Windows)" ZT_EOL_S); + fprintf(out, " -R - Uninstall Windows service (Windows)" ZT_EOL_S); + fprintf(out, " -D - Remove all instances of Windows tap device (Windows)" ZT_EOL_S); +#endif // __WINDOWS__ - fprintf(out," -i - Generate and manage identities (zerotier-idtool)" ZT_EOL_S); - fprintf(out," -q - Query API (zerotier-cli)" ZT_EOL_S); + fprintf(out, " -i - Generate and manage identities (zerotier-idtool)" ZT_EOL_S); + fprintf(out, " -q - Query API (zerotier-cli)" ZT_EOL_S); } -class _OneServiceRunner -{ -public: - _OneServiceRunner(const char *pn,const std::string &hd,unsigned int p) : progname(pn),returnValue(0),port(p),homeDir(hd) {} - void threadMain() - throw() +class _OneServiceRunner { + public: + _OneServiceRunner(const char* pn, const std::string& hd, unsigned int p) : progname(pn), returnValue(0), port(p), homeDir(hd) + { + } + void threadMain() throw() { try { - for(;;) { - zt1Service = OneService::newInstance(homeDir.c_str(),port); - switch(zt1Service->run()) { - case OneService::ONE_STILL_RUNNING: // shouldn't happen, run() won't return until done + for (;;) { + zt1Service = OneService::newInstance(homeDir.c_str(), port); + switch (zt1Service->run()) { + case OneService::ONE_STILL_RUNNING: // shouldn't happen, run() won't return until done case OneService::ONE_NORMAL_TERMINATION: break; case OneService::ONE_UNRECOVERABLE_ERROR: - fprintf(stderr,"%s: fatal error: %s" ZT_EOL_S,progname,zt1Service->fatalErrorMessage().c_str()); + fprintf(stderr, "%s: fatal error: %s" ZT_EOL_S, progname, zt1Service->fatalErrorMessage().c_str()); returnValue = 1; break; case OneService::ONE_IDENTITY_COLLISION: { delete zt1Service; - zt1Service = (OneService *)0; + zt1Service = (OneService*)0; std::string oldid; - OSUtils::readFile((homeDir + ZT_PATH_SEPARATOR_S + "identity.secret").c_str(),oldid); + OSUtils::readFile((homeDir + ZT_PATH_SEPARATOR_S + "identity.secret").c_str(), oldid); if (oldid.length()) { - OSUtils::writeFile((homeDir + ZT_PATH_SEPARATOR_S + "identity.secret.saved_after_collision").c_str(),oldid); + OSUtils::writeFile((homeDir + ZT_PATH_SEPARATOR_S + "identity.secret.saved_after_collision").c_str(), oldid); OSUtils::rm((homeDir + ZT_PATH_SEPARATOR_S + "identity.secret").c_str()); OSUtils::rm((homeDir + ZT_PATH_SEPARATOR_S + "identity.public").c_str()); } - } continue; // restart! + } + continue; // restart! } - break; // terminate loop -- normally we don't keep restarting + break; // terminate loop -- normally we don't keep restarting } delete zt1Service; - zt1Service = (OneService *)0; - } catch ( ... ) { - fprintf(stderr,"%s: unexpected exception starting main OneService instance" ZT_EOL_S,progname); + zt1Service = (OneService*)0; + } + catch (...) { + fprintf(stderr, "%s: unexpected exception starting main OneService instance" ZT_EOL_S, progname); returnValue = 1; } } - const char *progname; + const char* progname; unsigned int returnValue; unsigned int port; - const std::string &homeDir; + const std::string& homeDir; }; #ifdef __WINDOWS__ int __cdecl _tmain(int argc, _TCHAR* argv[]) #else -int main(int argc,char **argv) +int main(int argc, char** argv) #endif { -#if defined(__LINUX__) && ( (!defined(__GLIBC__)) || ((__GLIBC__ >= 2) && (__GLIBC_MINOR__ >= 18)) ) +#if defined(__LINUX__) && ((! defined(__GLIBC__)) || ((__GLIBC__ >= 2) && (__GLIBC_MINOR__ >= 18))) // This corrects for systems with abnormally small defaults (musl) and also // shrinks the stack on systems with large defaults to save a bit of memory. pthread_attr_t tattr; pthread_attr_init(&tattr); - pthread_attr_setstacksize(&tattr,1048576); + pthread_attr_setstacksize(&tattr, 1048576); pthread_setattr_default_np(&tattr); pthread_attr_destroy(&tattr); #endif #ifdef __UNIX_LIKE__ - signal(SIGHUP,&_sighandlerHup); - signal(SIGPIPE,SIG_IGN); - signal(SIGIO,SIG_IGN); - signal(SIGUSR1,SIG_IGN); - signal(SIGUSR2,SIG_IGN); - signal(SIGALRM,&_sighandlerReallyQuit); - signal(SIGINT,&_sighandlerQuit); - signal(SIGTERM,&_sighandlerQuit); - signal(SIGQUIT,&_sighandlerQuit); - signal(SIGINT,&_sighandlerQuit); + signal(SIGHUP, &_sighandlerHup); + signal(SIGPIPE, SIG_IGN); + signal(SIGIO, SIG_IGN); + signal(SIGUSR1, SIG_IGN); + signal(SIGUSR2, SIG_IGN); + signal(SIGALRM, &_sighandlerReallyQuit); + signal(SIGINT, &_sighandlerQuit); + signal(SIGTERM, &_sighandlerQuit); + signal(SIGQUIT, &_sighandlerQuit); + signal(SIGINT, &_sighandlerQuit); #ifdef ZT_EXTOSDEP int extosdepFd1 = -1; int extosdepFd2 = -1; - for(int i=1;i mfd) mfd = STDOUT_FILENO; - if (STDERR_FILENO > mfd) mfd = STDERR_FILENO; - for(int f=mfd+1;f<1024;++f) { + if (STDOUT_FILENO > mfd) + mfd = STDOUT_FILENO; + if (STDERR_FILENO > mfd) + mfd = STDERR_FILENO; + for (int f = mfd + 1; f < 1024; ++f) { #ifdef ZT_EXTOSDEP - if (f == extosdepFd1 || f == extosdepFd2) continue; -#endif // ZT_EXTOSDEP + if (f == extosdepFd1 || f == extosdepFd2) + continue; +#endif // ZT_EXTOSDEP ::close(f); } } bool runAsDaemon = false; -#endif // __UNIX_LIKE__ +#endif // __UNIX_LIKE__ #ifdef __WINDOWS__ { WSADATA wsaData; - WSAStartup(MAKEWORD(2,2),&wsaData); + WSAStartup(MAKEWORD(2, 2), &wsaData); } #ifdef ZT_WIN_RUN_IN_CONSOLE @@ -2154,130 +2160,137 @@ int main(int argc,char **argv) #else bool winRunFromCommandLine = false; #endif -#endif // __WINDOWS__ +#endif // __WINDOWS__ - if ((strstr(argv[0],"zerotier-idtool"))||(strstr(argv[0],"ZEROTIER-IDTOOL"))) - return idtool(argc,argv); - if ((strstr(argv[0],"zerotier-cli"))||(strstr(argv[0],"ZEROTIER-CLI"))) - return cli(argc,argv); + if ((strstr(argv[0], "zerotier-idtool")) || (strstr(argv[0], "ZEROTIER-IDTOOL"))) + return idtool(argc, argv); + if ((strstr(argv[0], "zerotier-cli")) || (strstr(argv[0], "ZEROTIER-CLI"))) + return cli(argc, argv); std::string homeDir; unsigned int port = ZT_DEFAULT_PORT; bool skipRootCheck = false; - for(int i=1;i 0xffff) { - printHelp(argv[0],stdout); + printHelp(argv[0], stdout); return 1; } break; #ifdef __UNIX_LIKE__ - case 'd': // Run in background as daemon + case 'd': // Run in background as daemon runAsDaemon = true; break; -#endif // __UNIX_LIKE__ +#endif // __UNIX_LIKE__ case 'U': skipRootCheck = true; break; - case 'v': // Display version - printf("%d.%d.%d" ZT_EOL_S,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION); + case 'v': // Display version + printf("%d.%d.%d" ZT_EOL_S, ZEROTIER_ONE_VERSION_MAJOR, ZEROTIER_ONE_VERSION_MINOR, ZEROTIER_ONE_VERSION_REVISION); return 0; - case 'i': // Invoke idtool personality + case 'i': // Invoke idtool personality if (argv[i][2]) { - printHelp(argv[0],stdout); + printHelp(argv[0], stdout); return 0; - } else return idtool(argc-1,argv+1); + } + else + return idtool(argc - 1, argv + 1); - case 'q': // Invoke cli personality + case 'q': // Invoke cli personality if (argv[i][2]) { - printHelp(argv[0],stdout); + printHelp(argv[0], stdout); return 0; - } else return cli(argc,argv); + } + else + return cli(argc, argv); #ifdef __WINDOWS__ - case 'C': // Run from command line instead of as Windows service + case 'C': // Run from command line instead of as Windows service winRunFromCommandLine = true; break; - case 'I': { // Install this binary as a Windows service - if (IsCurrentUserLocalAdministrator() != TRUE) { - fprintf(stderr,"%s: must be run as a local administrator." ZT_EOL_S,argv[0]); - return 1; - } - std::string ret(InstallService(ZT_SERVICE_NAME,ZT_SERVICE_DISPLAY_NAME,ZT_SERVICE_START_TYPE,ZT_SERVICE_DEPENDENCIES,ZT_SERVICE_ACCOUNT,ZT_SERVICE_PASSWORD)); - if (ret.length()) { - fprintf(stderr,"%s: unable to install service: %s" ZT_EOL_S,argv[0],ret.c_str()); - return 3; - } - return 0; - } break; + case 'I': { // Install this binary as a Windows service + if (IsCurrentUserLocalAdministrator() != TRUE) { + fprintf(stderr, "%s: must be run as a local administrator." ZT_EOL_S, argv[0]); + return 1; + } + std::string ret(InstallService(ZT_SERVICE_NAME, ZT_SERVICE_DISPLAY_NAME, ZT_SERVICE_START_TYPE, ZT_SERVICE_DEPENDENCIES, ZT_SERVICE_ACCOUNT, ZT_SERVICE_PASSWORD)); + if (ret.length()) { + fprintf(stderr, "%s: unable to install service: %s" ZT_EOL_S, argv[0], ret.c_str()); + return 3; + } + return 0; + } break; - case 'R': { // Uninstall this binary as Windows service - if (IsCurrentUserLocalAdministrator() != TRUE) { - fprintf(stderr,"%s: must be run as a local administrator." ZT_EOL_S,argv[0]); - return 1; - } - std::string ret(UninstallService(ZT_SERVICE_NAME)); - if (ret.length()) { - fprintf(stderr,"%s: unable to uninstall service: %s" ZT_EOL_S,argv[0],ret.c_str()); - return 3; - } - return 0; - } break; + case 'R': { // Uninstall this binary as Windows service + if (IsCurrentUserLocalAdministrator() != TRUE) { + fprintf(stderr, "%s: must be run as a local administrator." ZT_EOL_S, argv[0]); + return 1; + } + std::string ret(UninstallService(ZT_SERVICE_NAME)); + if (ret.length()) { + fprintf(stderr, "%s: unable to uninstall service: %s" ZT_EOL_S, argv[0], ret.c_str()); + return 3; + } + return 0; + } break; case 'D': { - std::string err = WindowsEthernetTap::destroyAllPersistentTapDevices(); - if (err.length() > 0) { - fprintf(stderr,"%s: unable to uninstall one or more persistent tap devices: %s" ZT_EOL_S,argv[0],err.c_str()); - return 3; - } - return 0; - } break; -#endif // __WINDOWS__ + std::string err = WindowsEthernetTap::destroyAllPersistentTapDevices(); + if (err.length() > 0) { + fprintf(stderr, "%s: unable to uninstall one or more persistent tap devices: %s" ZT_EOL_S, argv[0], err.c_str()); + return 3; + } + return 0; + } break; +#endif // __WINDOWS__ #ifdef ZT_EXTOSDEP - case 'x': break; + case 'x': + break; #endif case 'h': case '?': default: - printHelp(argv[0],stdout); + printHelp(argv[0], stdout); return 0; } - } else { + } + else { if (homeDir.length()) { - printHelp(argv[0],stdout); + printHelp(argv[0], stdout); return 0; - } else { + } + else { homeDir = argv[i]; } } } - if (!homeDir.length()) + if (! homeDir.length()) homeDir = OneService::platformDefaultHomePath(); - if (!homeDir.length()) { - fprintf(stderr,"%s: no home path specified and no platform default available" ZT_EOL_S,argv[0]); + if (! homeDir.length()) { + fprintf(stderr, "%s: no home path specified and no platform default available" ZT_EOL_S, argv[0]); return 1; - } else { - std::vector hpsp(OSUtils::split(homeDir.c_str(),ZT_PATH_SEPARATOR_S,"","")); + } + else { + std::vector hpsp(OSUtils::split(homeDir.c_str(), ZT_PATH_SEPARATOR_S, "", "")); std::string ptmp; if (homeDir[0] == ZT_PATH_SEPARATOR) ptmp.push_back(ZT_PATH_SEPARATOR); - for(std::vector::iterator pi(hpsp.begin());pi!=hpsp.end();++pi) { + for (std::vector::iterator pi(hpsp.begin()); pi != hpsp.end(); ++pi) { if (ptmp.length() > 0) ptmp.push_back(ZT_PATH_SEPARATOR); ptmp.append(*pi); - if ((*pi != ".")&&(*pi != "..")) { - if (!OSUtils::mkdir(ptmp)) + if ((*pi != ".") && (*pi != "..")) { + if (! OSUtils::mkdir(ptmp)) throw std::runtime_error("home path does not exist, and could not create. Please verify local system permissions."); } } @@ -2305,28 +2318,29 @@ int main(int argc,char **argv) } // This can be removed once the new controller code has been around for many versions - if (OSUtils::fileExists((homeDir + ZT_PATH_SEPARATOR_S + "controller.db").c_str(),true)) { - fprintf(stderr,"%s: FATAL: an old controller.db exists in %s -- see instructions in controller/README.md for how to migrate!" ZT_EOL_S,argv[0],homeDir.c_str()); + if (OSUtils::fileExists((homeDir + ZT_PATH_SEPARATOR_S + "controller.db").c_str(), true)) { + fprintf(stderr, "%s: FATAL: an old controller.db exists in %s -- see instructions in controller/README.md for how to migrate!" ZT_EOL_S, argv[0], homeDir.c_str()); return 1; } #ifdef __UNIX_LIKE__ #ifndef ZT_ONE_NO_ROOT_CHECK - if ((!skipRootCheck)&&(getuid() != 0)) { - fprintf(stderr,"%s: must be run as root (uid 0)" ZT_EOL_S,argv[0]); + if ((! skipRootCheck) && (getuid() != 0)) { + fprintf(stderr, "%s: must be run as root (uid 0)" ZT_EOL_S, argv[0]); return 1; } -#endif // !ZT_ONE_NO_ROOT_CHECK +#endif // !ZT_ONE_NO_ROOT_CHECK if (runAsDaemon) { long p = (long)fork(); if (p < 0) { - fprintf(stderr,"%s: could not fork" ZT_EOL_S,argv[0]); + fprintf(stderr, "%s: could not fork" ZT_EOL_S, argv[0]); return 1; - } else if (p > 0) - return 0; // forked - // else p == 0, so we are daemonized + } + else if (p > 0) + return 0; // forked + // else p == 0, so we are daemonized } -#endif // __UNIX_LIKE__ +#endif // __UNIX_LIKE__ #ifdef __WINDOWS__ // Uninstall legacy tap devices. New devices will automatically be installed and configured @@ -2336,44 +2350,47 @@ int main(int argc,char **argv) if (winRunFromCommandLine) { // Running in "interactive" mode (mostly for debugging) if (IsCurrentUserLocalAdministrator() != TRUE) { - if (!skipRootCheck) { - fprintf(stderr,"%s: must be run as a local administrator." ZT_EOL_S,argv[0]); + if (! skipRootCheck) { + fprintf(stderr, "%s: must be run as a local administrator." ZT_EOL_S, argv[0]); return 1; } - } else { + } + else { _winPokeAHole(); } - SetConsoleCtrlHandler(&_winConsoleCtrlHandler,TRUE); + SetConsoleCtrlHandler(&_winConsoleCtrlHandler, TRUE); // continues on to ordinary command line execution code below... - } else { + } + else { // Running from service manager _winPokeAHole(); ZeroTierOneService zt1WindowsService; if (CServiceBase::Run(zt1WindowsService) == TRUE) { return 0; - } else { - fprintf(stderr,"%s: unable to start service (try -h for help)" ZT_EOL_S,argv[0]); + } + else { + fprintf(stderr, "%s: unable to start service (try -h for help)" ZT_EOL_S, argv[0]); return 1; } } -#endif // __WINDOWS__ +#endif // __WINDOWS__ #ifdef __UNIX_LIKE__ #ifdef ZT_HAVE_DROP_PRIVILEGES - if (!skipRootCheck) - dropPrivileges(argv[0],homeDir); + if (! skipRootCheck) + dropPrivileges(argv[0], homeDir); #endif std::string pidPath(homeDir + ZT_PATH_SEPARATOR_S + ZT_PID_PATH); { // Write .pid file to home folder - FILE *pf = fopen(pidPath.c_str(),"w"); + FILE* pf = fopen(pidPath.c_str(), "w"); if (pf) { - fprintf(pf,"%ld",(long)getpid()); + fprintf(pf, "%ld", (long)getpid()); fclose(pf); } } -#endif // __UNIX_LIKE__ +#endif // __UNIX_LIKE__ #ifdef ZT_EXTOSDEP if (extosdepFd1 < 0) { @@ -2384,9 +2401,9 @@ int main(int argc,char **argv) ExtOsdep::init(extosdepFd1, extosdepFd2); #endif - _OneServiceRunner thr(argv[0],homeDir,port); + _OneServiceRunner thr(argv[0], homeDir, port); thr.threadMain(); - //Thread::join(Thread::start(&thr)); + // Thread::join(Thread::start(&thr)); #ifdef __UNIX_LIKE__ OSUtils::rm(pidPath.c_str());