github/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/ZeroTier/ZeroTierOne synced 2025-08-20 21:33:57 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

Netconf docs, add clock field to status, simplify netconf a bit by eliminating caching for now. We will re-add if it is needed.

Browse source
This commit is contained in:
Adam Ierymenko 2015-05-15 15:20:12 -07:00
commit e269846f84
5 changed files with 259 additions and 81 deletions
Download patch file Download diff file Expand all files Collapse all files

89
controller/SqliteNetworkController.cpp
View file

@ -64,9 +64,6 @@
// API version reported via JSON control plane
#define ZT_NETCONF_CONTROLLER_API_VERSION 1
// Maximum age in ms for a cached netconf before we regenerate anyway (one hour)
#define ZT_CACHED_NETCONF_MAX_AGE (60 * 60 * 1000)
namespace ZeroTier {
namespace {
@ -96,11 +93,6 @@ static std::string _jsonEscape(const std::string &s) { return _jsonEscape(s.c_st
struct MemberRecord {
int64_t rowid;
char nodeId[16];
int cachedNetconfBytes;
const void *cachedNetconf;
uint64_t cachedNetconfRevision;
uint64_t cachedNetconfTimestamp;
uint64_t clientReportedRevision;
bool authorized;
bool activeBridge;
};
@ -156,13 +148,12 @@ SqliteNetworkController::SqliteNetworkController(const char *dbPath) :
if (
(sqlite3_prepare_v2(_db,"SELECT name,private,enableBroadcast,allowPassiveBridging,v4AssignMode,v6AssignMode,multicastLimit,creationTime,revision FROM Network WHERE id = ?",-1,&_sGetNetworkById,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT rowid,cachedNetconf,cachedNetconfRevision,cachedNetconfTimestamp,clientReportedRevision,authorized,activeBridge FROM Member WHERE networkId = ? AND nodeId = ?",-1,&_sGetMember,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"INSERT INTO Member (networkId,nodeId,cachedNetconfRevision,clientReportedRevision,authorized,activeBridge) VALUES (?,?,0,0,?,0)",-1,&_sCreateMember,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT rowid,authorized,activeBridge FROM Member WHERE networkId = ? AND nodeId = ?",-1,&_sGetMember,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"INSERT INTO Member (networkId,nodeId,authorized,activeBridge) VALUES (?,?,?,0)",-1,&_sCreateMember,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT identity FROM Node WHERE id = ?",-1,&_sGetNodeIdentity,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"INSERT INTO Node (id,identity,lastAt,lastSeen,firstSeen) VALUES (?,?,?,?,?)",-1,&_sCreateNode,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"UPDATE Node SET lastAt = ?,lastSeen = ? WHERE id = ?",-1,&_sUpdateNode,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"UPDATE Node SET lastSeen = ? WHERE id = ?",-1,&_sUpdateNode2,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"UPDATE Member SET clientReportedRevision = ? WHERE rowid = ?",-1,&_sUpdateMemberClientReportedRevision,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT etherType FROM Rule WHERE networkId = ? AND \"action\" = 'accept'",-1,&_sGetEtherTypesFromRuleTable,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT mgMac,mgAdi,preload,maxBalance,accrual FROM MulticastRate WHERE networkId = ?",-1,&_sGetMulticastRates,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT nodeId FROM Member WHERE networkId = ? AND activeBridge > 0 AND authorized > 0",-1,&_sGetActiveBridges,(const char **)0) != SQLITE_OK)
@ -170,10 +161,9 @@ SqliteNetworkController::SqliteNetworkController(const char *dbPath) :
||(sqlite3_prepare_v2(_db,"SELECT ipNetwork,ipNetmaskBits FROM IpAssignmentPool WHERE networkId = ? AND ipVersion = ?",-1,&_sGetIpAssignmentPools,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT 1 FROM IpAssignment WHERE networkId = ? AND ip = ? AND ipVersion = ?",-1,&_sCheckIfIpIsAllocated,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"INSERT INTO IpAssignment (networkId,nodeId,ip,ipNetmaskBits,ipVersion) VALUES (?,?,?,?,?)",-1,&_sAllocateIp,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"UPDATE Member SET cachedNetconf = ?,cachedNetconfRevision = ? WHERE rowid = ?",-1,&_sCacheNetconf,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT nodeId,phyAddress FROM Relay WHERE networkId = ? ORDER BY nodeId ASC",-1,&_sGetRelays,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT id FROM Network ORDER BY id ASC",-1,&_sListNetworks,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT m.authorized,m.activeBridge,n.id,n.lastAt,n.lastSeen,n.firstSeen FROM Member AS m,Node AS n WHERE m.networkId = ? AND n.id = m.nodeId ORDER BY n.id ASC",-1,&_sListNetworkMembers,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT n.id FROM Member AS m,Node AS n WHERE m.networkId = ? AND n.id = m.nodeId ORDER BY n.id ASC",-1,&_sListNetworkMembers,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT m.authorized,m.activeBridge,n.identity,n.lastAt,n.lastSeen,n.firstSeen FROM Member AS m,Node AS n WHERE m.networkId = ? AND m.nodeId = ?",-1,&_sGetMember2,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT ipNetwork,ipNetmaskBits,ipVersion FROM IpAssignmentPool WHERE networkId = ? ORDER BY ipNetwork ASC",-1,&_sGetIpAssignmentPools2,(const char **)0) != SQLITE_OK)
||(sqlite3_prepare_v2(_db,"SELECT ruleId,nodeId,vlanId,vlanPcp,etherType,macSource,macDest,ipSource,ipDest,ipTos,ipProtocol,ipSourcePort,ipDestPort,\"action\" FROM Rule WHERE networkId = ? ORDER BY ruleId ASC",-1,&_sListRules,(const char **)0) != SQLITE_OK)
@ -205,7 +195,6 @@ SqliteNetworkController::~SqliteNetworkController()
sqlite3_finalize(_sCreateNode);
sqlite3_finalize(_sUpdateNode);
sqlite3_finalize(_sUpdateNode2);
sqlite3_finalize(_sUpdateMemberClientReportedRevision);
sqlite3_finalize(_sGetEtherTypesFromRuleTable);
sqlite3_finalize(_sGetMulticastRates);
sqlite3_finalize(_sGetActiveBridges);
@ -213,7 +202,6 @@ SqliteNetworkController::~SqliteNetworkController()
sqlite3_finalize(_sGetIpAssignmentPools);
sqlite3_finalize(_sCheckIfIpIsAllocated);
sqlite3_finalize(_sAllocateIp);
sqlite3_finalize(_sCacheNetconf);
sqlite3_finalize(_sGetRelays);
sqlite3_finalize(_sListNetworks);
sqlite3_finalize(_sListNetworkMembers);
@ -332,21 +320,13 @@ NetworkController::ResultCode SqliteNetworkController::doNetworkConfigRequest(co
if (sqlite3_step(_sGetMember) == SQLITE_ROW) {
foundMember = true;
member.rowid = (int64_t)sqlite3_column_int64(_sGetMember,0);
member.cachedNetconfBytes = sqlite3_column_bytes(_sGetMember,1);
member.cachedNetconf = sqlite3_column_blob(_sGetMember,1);
member.cachedNetconfRevision = (uint64_t)sqlite3_column_int64(_sGetMember,2);
member.cachedNetconfTimestamp = (uint64_t)sqlite3_column_int64(_sGetMember,3);
member.clientReportedRevision = (uint64_t)sqlite3_column_int64(_sGetMember,4);
member.authorized = (sqlite3_column_int(_sGetMember,5) > 0);
member.activeBridge = (sqlite3_column_int(_sGetMember,6) > 0);
member.authorized = (sqlite3_column_int(_sGetMember,1) > 0);
member.activeBridge = (sqlite3_column_int(_sGetMember,2) > 0);
}
// Create Member record for unknown nodes, auto-authorizing if network is public
if (!foundMember) {
member.cachedNetconfBytes = 0;
member.cachedNetconfRevision = 0;
member.clientReportedRevision = 0;
member.authorized = (network.isPrivate ? false : true);
member.activeBridge = false;
sqlite3_reset(_sCreateMember);
@ -364,32 +344,15 @@ NetworkController::ResultCode SqliteNetworkController::doNetworkConfigRequest(co
if (!member.authorized)
return NetworkController::NETCONF_QUERY_ACCESS_DENIED;
// Update client's currently reported haveRevision in Member record
if (member.rowid > 0) {
sqlite3_reset(_sUpdateMemberClientReportedRevision);
sqlite3_bind_int64(_sUpdateMemberClientReportedRevision,1,(sqlite3_int64)haveRevision);
sqlite3_bind_int64(_sUpdateMemberClientReportedRevision,2,member.rowid);
sqlite3_step(_sUpdateMemberClientReportedRevision);
}
// If netconf is unchanged from client reported revision, just tell client they're up to date
if ((haveRevision > 0)&&(haveRevision == network.revision))
return NetworkController::NETCONF_QUERY_OK_BUT_NOT_NEWER;
// Generate or retrieve cached netconf
// Create and sign netconf
netconf.clear();
if ( (member.cachedNetconfBytes > 0)&&
(member.cachedNetconfRevision == network.revision)&&
((OSUtils::now() - member.cachedNetconfTimestamp) < ZT_CACHED_NETCONF_MAX_AGE) ) {
// Use cached copy
std::string tmp((const char *)member.cachedNetconf,member.cachedNetconfBytes);
netconf.fromString(tmp);
} else {
// Create and sign a new netconf, and save in database to re-use in the future
{
char tss[24],rs[24];
Utils::snprintf(tss,sizeof(tss),"%.16llx",(unsigned long long)OSUtils::now());
Utils::snprintf(rs,sizeof(rs),"%.16llx",(unsigned long long)network.revision);
@ -574,16 +537,6 @@ NetworkController::ResultCode SqliteNetworkController::doNetworkConfigRequest(co
netconf["error"] = "unable to sign netconf dictionary";
return NETCONF_QUERY_INTERNAL_SERVER_ERROR;
}
// Save serialized netconf for future re-use
std::string netconfSerialized(netconf.toString());
if (netconfSerialized.length() < 4096) { // sanity check
sqlite3_reset(_sCacheNetconf);
sqlite3_bind_blob(_sCacheNetconf,1,(const void *)netconfSerialized.data(),netconfSerialized.length(),SQLITE_STATIC);
sqlite3_bind_int64(_sCacheNetconf,2,(sqlite3_int64)network.revision);
sqlite3_bind_int64(_sCacheNetconf,3,member.rowid);
sqlite3_step(_sCacheNetconf);
}
}
return NetworkController::NETCONF_QUERY_OK;
@ -622,7 +575,8 @@ unsigned int SqliteNetworkController::handleControlPlaneHttpGET(
if (sqlite3_step(_sGetMember2) == SQLITE_ROW) {
Utils::snprintf(json,sizeof(json),
"{\n"
"\taddress: \"%s\"\n"
"\tnwid: \"%s\",\n"
"\taddress: \"%s\",\n"
"\tauthorized: %s,\n"
"\tactiveBridge: %s,\n"
"\tlastAt: \"%s\",\n"
@ -630,6 +584,7 @@ unsigned int SqliteNetworkController::handleControlPlaneHttpGET(
"\tfirstSeen: %llu,\n"
"\tidentity: \"%s\",\n"
"\tipAssignments: [",
nwids,
addrs,
(sqlite3_column_int(_sGetMember2,0) > 0) ? "true" : "false",
(sqlite3_column_int(_sGetMember2,1) > 0) ? "true" : "false",
@ -674,7 +629,7 @@ unsigned int SqliteNetworkController::handleControlPlaneHttpGET(
"\tmulticastLimit: %d,\n"
"\tcreationTime: %llu,\n",
"\trevision: %llu,\n"
"\tmembers: [",
"\amembers: [",
nwids,
_jsonEscape((const char *)sqlite3_column_text(_sGetNetworkById,0)).c_str(),
(sqlite3_column_int(_sGetNetworkById,1) > 0) ? "true" : "false",
@ -691,23 +646,11 @@ unsigned int SqliteNetworkController::handleControlPlaneHttpGET(
sqlite3_bind_text(_sListNetworkMembers,1,nwids,16,SQLITE_STATIC);
bool firstMember = true;
while (sqlite3_step(_sListNetworkMembers) == SQLITE_ROW) {
Utils::snprintf(json,sizeof(json),
"%s{\n"
"\t\taddress: \"%s\",\n"
"\t\tauthorized: %s,\n"
"\t\tactiveBridge: %s,\n"
"\t\tlastAt: \"%s\",\n"
"\t\tlastSeen: %llu,\n"
"\t\tfirstSeen: %llu\n"
"\t}",
firstMember ? "\n\t" : ",",
(const char *)sqlite3_column_text(_sListNetworkMembers,2),
(sqlite3_column_int(_sListNetworkMembers,0) > 0) ? "true" : "false",
(sqlite3_column_int(_sListNetworkMembers,1) > 0) ? "true" : "false",
_jsonEscape((const char *)sqlite3_column_text(_sListNetworkMembers,3)).c_str(),
(unsigned long long)sqlite3_column_int64(_sListNetworkMembers,4),
(unsigned long long)sqlite3_column_int64(_sListNetworkMembers,5));
responseBody.append(json);
if (!firstMember)
responseBody.push_back(',');
responseBody.push_back('"');
responseBody.append((const char *)sqlite3_column_text(_sListNetworkMembers,0));
responseBody.push_back('"');
firstMember = false;
}
responseBody.append("],\n\trelays: [");

2
controller/SqliteNetworkController.hpp
View file

@ -94,7 +94,6 @@ private:
sqlite3_stmt *_sCreateNode;
sqlite3_stmt *_sUpdateNode;
sqlite3_stmt *_sUpdateNode2;
sqlite3_stmt *_sUpdateMemberClientReportedRevision;
sqlite3_stmt *_sGetEtherTypesFromRuleTable;
sqlite3_stmt *_sGetMulticastRates;
sqlite3_stmt *_sGetActiveBridges;
@ -102,7 +101,6 @@ private:
sqlite3_stmt *_sGetIpAssignmentPools;
sqlite3_stmt *_sCheckIfIpIsAllocated;
sqlite3_stmt *_sAllocateIp;
sqlite3_stmt *_sCacheNetconf;
sqlite3_stmt *_sGetRelays;
sqlite3_stmt *_sListNetworks;
sqlite3_stmt *_sListNetworkMembers;

4
controller/schema.sql
View file

@ -29,10 +29,6 @@ CREATE INDEX IpAssignmentPool_networkId ON IpAssignmentPool (networkId);
CREATE TABLE Member (
networkId char(16) NOT NULL,
nodeId char(10) NOT NULL,
cachedNetconf blob(4096),
cachedNetconfRevision integer NOT NULL DEFAULT(0),
cachedNetconfTimestamp integer NOT NULL DEFAULT(0),
clientReportedRevision integer NOT NULL DEFAULT(0),
authorized integer NOT NULL DEFAULT(0),
activeBridge integer NOT NULL DEFAULT(0)
);