Etusivu Tutki Apua
Rekisteröidy Kirjaudu sisään
Apq
/
ZeroTierOne
peilaus alkaen https://github.com/zerotier/ZeroTierOne.git
1
0
Haarauta 0
Tiedostot Esitykset 0 Wiki
Selaa lähdekoodia

progress

Grant Limberg 3 vuotta sitten
vanhempi
9ef75c0e13
sitoutus
6393a4beec
3 muutettua tiedostoa jossa 87 lisäystä ja 16 poistoa
Jaettu näkymä Näytä diff tilastot
  1. 54 12
      service/OneService.cpp
  2. 30 4
      zeroidc/src/ext.rs
  3. 3 0
      zeroidc/src/lib.rs

+ 54 - 12
service/OneService.cpp
Näytä tiedosto 

@@ -247,19 +247,28 @@ public:
 
 	}
 
 
 	void setConfig(const ZT_VirtualNetworkConfig *nwc) {
 
+		char nwbuf[17] = {};
 
+		const char* nwid = Utils::hex(nwc->nwid, nwbuf);
 
+		fprintf(stderr, "NetworkState::setConfig(%s)\n", nwid);
 
 		memcpy(&_config, nwc, sizeof(ZT_VirtualNetworkConfig));
 
 
 		if (_config.ssoEnabled && _config.ssoVersion == 1) {
 
-			if (_idc == nullptr) {
 
-				assert(_config.issuerURL[0] != nullptr);
 
+			fprintf(stderr, "ssoEnabled for %s\n", nwid);
 
+			if (_idc == nullptr)
 
+			{
 
+				assert(_config.issuerURL != nullptr);
 
 				assert(_config.ssoClientID != nullptr);
 
 				assert(_config.centralAuthURL != nullptr);
 
+				char buf[17] = {};
 
 				_idc = zeroidc::zeroidc_new(
 
+					Utils::hex(_config.nwid, buf),
 
 					_config.issuerURL,
 
 					_config.ssoClientID,
 
 					_config.centralAuthURL,
 
 					_webPort
 
 				);
 
+
 
+				fprintf(stderr, "idc created (%s, %s, %s)\n", _config.issuerURL, _config.ssoClientID, _config.centralAuthURL);
 
 			}
 
 
 			if (_ainfo != nullptr) {
 
@@ -291,6 +300,14 @@ public:
 
 		return _managedRoutes;
 
 	}
 
 
+	const char* getAuthURL() {
 
+		if (_ainfo != nullptr) {
 
+			return zeroidc::zeroidc_get_auth_url(_ainfo);
 
+		}
 
+		fprintf(stderr, "_ainfo is null\n");
 
+		return "";
 
+	}
 
+
 
 private:
 
 	unsigned int _webPort;
 
 	std::shared_ptr<EthernetTap> _tap;
 
@@ -410,10 +427,11 @@ static void _networkToJson(nlohmann::json &nj,NetworkState &ns)
 
 		}
 
 	}
 
 	nj["dns"] = m;
 
-
 
-	nj["authenticationURL"] = ns.config().authenticationURL;
 
-	nj["authenticationExpiryTime"] = ns.config().authenticationExpiryTime;
 
-	nj["ssoEnabled"] = ns.config().ssoEnabled;
 
+	if (ns.config().ssoEnabled) {
 
+		nj["authenticationURL"] = ns.getAuthURL();
 
+		nj["authenticationExpiryTime"] = ns.config().authenticationExpiryTime;
 
+		nj["ssoEnabled"] = ns.config().ssoEnabled;
 
+	}
 
 }
 
 
 static void _peerToJson(nlohmann::json &pj,const ZT_Peer *peer)
 
@@ -1519,10 +1537,12 @@ public:
 
 							// Return [array] of all networks
 
 
 							res = nlohmann::json::array();
 
+							
 							for (auto it = _nets.begin(); it != _nets.end(); ++it) {
 
 								NetworkState &ns = it->second;
 
 								nlohmann::json nj;
 
-								_networkToJson(res, ns);
 
+								_networkToJson(nj, ns);
 
+								res.push_back(nj);
 
 							}
 
 
 							scode = 200;
 
@@ -1536,8 +1556,14 @@ public:
 
 								_networkToJson(res, ns);
 
 								scode = 200;
 
 							}
 
-						} else scode = 404;
 
-					} else scode = 500;
 
+						} else {
 
+							fprintf(stderr, "not found\n");
 
+							scode = 404;
 
+						}
 
+					} else {
 
+						fprintf(stderr, "_nets is empty??\n");
 
+						scode = 500;
 
+					}
 
 				} else if (ps[0] == "peer") {
 
 					ZT_PeerList *pl = _node->peers();
 
 					if (pl) {
 
@@ -1602,7 +1628,15 @@ public:
 
 					} else scode = 404;
 
 				}
 
 
-			} else scode = 401; // isAuth == false
 
+			} else if (ps[0] == "sso") {
 
+				// SSO redirect handling
 
+				fprintf(stderr, "sso get\n");
 
+				fprintf(stderr, "path: %s\n", path.c_str());
 
+				fprintf(stderr, "body: %s\n", body.c_str());
 
+				scode = 200;				scode = 200;
 
+			} else {
 
+				scode = 401; // isAuth == false && !sso
 
+			}
 
 		} else if ((httpMethod == HTTP_POST)||(httpMethod == HTTP_PUT)) {
 
  			if (isAuth) {
 
 				if (ps[0] == "bond") {
 
@@ -1743,7 +1777,16 @@ public:
 
 					else scode = 404;
 
 				}
 
 
-			} else scode = 401; // isAuth == false
 
+			} else if (ps[0] == "sso") {
 
+				// sso post handling
 
+				fprintf(stderr, "sso post\n");
 
+				fprintf(stderr, "path: %s\n", path.c_str());
 
+				fprintf(stderr, "body: %s\n", body.c_str());
 
+				scode = 200;
 
+			}
 
+			else {
 
+				scode = 401; // isAuth == false
 
+			}
 
 		} else if (httpMethod == HTTP_DELETE) {
 
 			if (isAuth) {
 
 
@@ -1774,7 +1817,6 @@ public:
 
 						scode = _controller->handleControlPlaneHttpDELETE(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType);
 
 					else scode = 404;
 
 				}
 
-
 
 			} else scode = 401; // isAuth = false
 
 		} else {
 
 			scode = 400;

+ 30 - 4
zeroidc/src/ext.rs
Näytä tiedosto 

@@ -5,11 +5,17 @@ use crate::{AuthInfo, ZeroIDC};
 
 
 #[no_mangle]
 
 pub extern "C" fn zeroidc_new(
 
+    network_id: *const c_char,
 
     issuer: *const c_char,
 
     client_id: *const c_char,
 
     auth_endpoint: *const c_char,
 
     web_listen_port: u16,
 
 ) -> *mut ZeroIDC {
 
+    if network_id.is_null() {
 
+        println!("network_id is null");
 
+        return std::ptr::null_mut();
 
+
 
+    }
 
     if issuer.is_null() {
 
         println!("issuer is null");
 
         return std::ptr::null_mut();
 
@@ -25,12 +31,14 @@ pub extern "C" fn zeroidc_new(
 
         return std::ptr::null_mut();
 
     }
 
 
-    let iss = unsafe { CStr::from_ptr(issuer) };
 
-    let c_id = unsafe { CStr::from_ptr(client_id) };
 
+    let network_id = unsafe {CStr::from_ptr(network_id) };
 
+    let issuer = unsafe { CStr::from_ptr(issuer) };
 
+    let client_id = unsafe { CStr::from_ptr(client_id) };
 
     let auth_endpoint = unsafe { CStr::from_ptr(auth_endpoint) };
 
     match ZeroIDC::new(
 
-        iss.to_str().unwrap(),
 
-        c_id.to_str().unwrap(),
 
+        network_id.to_str().unwrap(),
 
+        issuer.to_str().unwrap(),
 
+        client_id.to_str().unwrap(),
 
         auth_endpoint.to_str().unwrap(),
 
         web_listen_port,
 
     ) {
 
@@ -82,6 +90,24 @@ pub extern "C" fn zeroidc_is_running(ptr: *mut ZeroIDC) -> bool {
 
     idc.is_running()
 
 }
 
 
+#[no_mangle]
 
+pub extern "C" fn zeroidc_process_form_post(ptr: *mut ZeroIDC, body: *const c_char) -> bool {
 
+    let idc = unsafe {
 
+        assert!(!ptr.is_null());
 
+        &mut *ptr
 
+    };
 
+
 
+    if body.is_null() {
 
+        println!("body is null");
 
+        return false
 
+    }
 
+
 
+    let body = unsafe { CStr::from_ptr(body) }
 
+        .to_str().unwrap().to_string();
 
+
 
+    false
 
+}
 
+
 
 #[no_mangle]
 
 pub extern "C" fn zeroidc_get_auth_info(
 
     ptr: *mut ZeroIDC,

+ 3 - 0
zeroidc/src/lib.rs
Näytä tiedosto 

@@ -21,6 +21,7 @@ pub struct ZeroIDC {
 
 
 struct Inner {
 
     running: bool,
 
+    network_id: String,
 
     auth_endpoint: String,
 
     oidc_thread: Option<JoinHandle<()>>,
 
     oidc_client: Option<openidconnect::core::CoreClient>,
 
@@ -43,6 +44,7 @@ pub struct AuthInfo {
 
 
 impl ZeroIDC {
 
     fn new(
 
+        network_id: &str,
 
         issuer: &str,
 
         client_id: &str,
 
         auth_ep: &str,
 
@@ -51,6 +53,7 @@ impl ZeroIDC {
 
         let idc = ZeroIDC {
 
             inner: Arc::new(Mutex::new(Inner {
 
                 running: false,
 
+                network_id: network_id.to_string(),
 
                 auth_endpoint: auth_ep.to_string(),
 
                 oidc_thread: None,
 
                 oidc_client: None,