| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525 | /* * ZeroTier One - Network Virtualization Everywhere * Copyright (C) 2011-2015  ZeroTier, Inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program.  If not, see <http://www.gnu.org/licenses/>. */#include <stdio.h>#include <stdlib.h>#include <stdint.h>#ifndef _WIN32#include <unistd.h>#include <fcntl.h>#include <sys/time.h>#include <sys/types.h>#include <sys/socket.h>#include <sys/select.h>#endif#include "JSONDB.hpp"#include "EmbeddedNetworkController.hpp"namespace ZeroTier {static const nlohmann::json _EMPTY_JSON(nlohmann::json::object());JSONDB::JSONDB(const std::string &basePath,EmbeddedNetworkController *parent) :	_parent(parent),	_basePath(basePath),	_rawInput(-1),	_rawOutput(-1),	_summaryThreadRun(true),	_dataReady(false){#ifndef __WINDOWS__	if (_basePath == "-") {		// If base path is "-" we run in Central harnessed mode. We read pseudo-http-requests from stdin and write		// them to stdout.		_rawInput = STDIN_FILENO;		_rawOutput = STDOUT_FILENO;		fcntl(_rawInput,F_SETFL,O_NONBLOCK);	} else {#endif		// Default mode of operation is to store files in the filesystem		OSUtils::mkdir(_basePath.c_str());		OSUtils::lockDownFile(_basePath.c_str(),true); // networks might contain auth tokens, etc., so restrict directory permissions#ifndef __WINDOWS__	}#endif	_networks_m.lock(); // locked until data is loaded, etc.	if (_rawInput < 0) {		_load(basePath);		_dataReady = true;		_networks_m.unlock();	} else {		// In harnessed mode we leave the lock locked and wait for our initial DB from Central.		_summaryThread = Thread::start(this);	}}JSONDB::~JSONDB(){	Thread t;	{		Mutex::Lock _l(_summaryThread_m);		_summaryThreadRun = false;		t = _summaryThread;	}	if (t)		Thread::join(t);}bool JSONDB::writeRaw(const std::string &n,const std::string &obj){	if (_rawOutput >= 0) {#ifndef __WINDOWS__		if (obj.length() > 0) {			Mutex::Lock _l(_rawLock);			//fprintf(stderr,"%s\n",obj.c_str());			if ((long)write(_rawOutput,obj.data(),obj.length()) == (long)obj.length()) {				if (write(_rawOutput,"\n",1) == 1)					return true;			}		} else return true;#endif		return false;	} else {		const std::string path(_genPath(n,true));		if (!path.length())			return false;		return OSUtils::writeFile(path.c_str(),obj);	}}bool JSONDB::hasNetwork(const uint64_t networkId) const{	Mutex::Lock _l(_networks_m);	return (_networks.find(networkId) != _networks.end());}bool JSONDB::getNetwork(const uint64_t networkId,nlohmann::json &config) const{	Mutex::Lock _l(_networks_m);	const std::unordered_map<uint64_t,_NW>::const_iterator i(_networks.find(networkId));	if (i == _networks.end())		return false;	config = nlohmann::json::from_msgpack(i->second.config);	return true;}bool JSONDB::getNetworkSummaryInfo(const uint64_t networkId,NetworkSummaryInfo &ns) const{	Mutex::Lock _l(_networks_m);	const std::unordered_map<uint64_t,_NW>::const_iterator i(_networks.find(networkId));	if (i == _networks.end())		return false;	ns = i->second.summaryInfo;	return true;}int JSONDB::getNetworkAndMember(const uint64_t networkId,const uint64_t nodeId,nlohmann::json &networkConfig,nlohmann::json &memberConfig,NetworkSummaryInfo &ns) const{	Mutex::Lock _l(_networks_m);	const std::unordered_map<uint64_t,_NW>::const_iterator i(_networks.find(networkId));	if (i == _networks.end())		return 0;	const std::unordered_map< uint64_t,std::vector<uint8_t> >::const_iterator j(i->second.members.find(nodeId));	if (j == i->second.members.end())		return 1;	networkConfig = nlohmann::json::from_msgpack(i->second.config);	memberConfig = nlohmann::json::from_msgpack(j->second);	ns = i->second.summaryInfo;	return 3;}bool JSONDB::getNetworkMember(const uint64_t networkId,const uint64_t nodeId,nlohmann::json &memberConfig) const{	Mutex::Lock _l(_networks_m);	const std::unordered_map<uint64_t,_NW>::const_iterator i(_networks.find(networkId));	if (i == _networks.end())		return false;	const std::unordered_map< uint64_t,std::vector<uint8_t> >::const_iterator j(i->second.members.find(nodeId));	if (j == i->second.members.end())		return false;	memberConfig = nlohmann::json::from_msgpack(j->second);	return true;}void JSONDB::saveNetwork(const uint64_t networkId,const nlohmann::json &networkConfig){	char n[64];	OSUtils::ztsnprintf(n,sizeof(n),"network/%.16llx",(unsigned long long)networkId);	writeRaw(n,OSUtils::jsonDump(networkConfig,-1));	{		Mutex::Lock _l(_networks_m);		_NW &nw = _networks[networkId];		nw.config = nlohmann::json::to_msgpack(networkConfig);	}	_recomputeSummaryInfo(networkId);}void JSONDB::saveNetworkMember(const uint64_t networkId,const uint64_t nodeId,const nlohmann::json &memberConfig){	char n[256];	OSUtils::ztsnprintf(n,sizeof(n),"network/%.16llx/member/%.10llx",(unsigned long long)networkId,(unsigned long long)nodeId);	writeRaw(n,OSUtils::jsonDump(memberConfig,-1));	{		Mutex::Lock _l(_networks_m);		std::vector<uint8_t> &m = _networks[networkId].members[nodeId];		m = nlohmann::json::to_msgpack(memberConfig);		_members[nodeId].insert(networkId);	}	_recomputeSummaryInfo(networkId);}nlohmann::json JSONDB::eraseNetwork(const uint64_t networkId){	if (_rawOutput >= 0) {		// In harnessed mode, DB deletes occur in the Central database and we do		// not need to erase files.	} else {		std::vector<uint64_t> memberIds;		{			Mutex::Lock _l(_networks_m);			const std::unordered_map<uint64_t,_NW>::iterator i(_networks.find(networkId));			if (i == _networks.end())				return _EMPTY_JSON;			for(std::unordered_map< uint64_t,std::vector<uint8_t> >::iterator m(i->second.members.begin());m!=i->second.members.end();++m)				memberIds.push_back(m->first);		}		for(std::vector<uint64_t>::iterator m(memberIds.begin());m!=memberIds.end();++m)			eraseNetworkMember(networkId,*m,false);		char n[256];		OSUtils::ztsnprintf(n,sizeof(n),"network/%.16llx",(unsigned long long)networkId);		const std::string path(_genPath(n,false));		if (path.length())			OSUtils::rm(path.c_str());	}	// This also erases all members from the memory cache	{		Mutex::Lock _l(_networks_m);		std::unordered_map<uint64_t,_NW>::iterator i(_networks.find(networkId));		if (i == _networks.end())			return _EMPTY_JSON; // sanity check, shouldn't happen		nlohmann::json tmp(nlohmann::json::from_msgpack(i->second.config));		_networks.erase(i);		return tmp;	}}nlohmann::json JSONDB::eraseNetworkMember(const uint64_t networkId,const uint64_t nodeId,bool recomputeSummaryInfo){	if (_rawOutput >= 0) {		// In harnessed mode, DB deletes occur in Central and we do not remove files.	} else {		char n[256];		OSUtils::ztsnprintf(n,sizeof(n),"network/%.16llx/member/%.10llx",(unsigned long long)networkId,(unsigned long long)nodeId);		const std::string path(_genPath(n,false));		if (path.length())			OSUtils::rm(path.c_str());	}	{		Mutex::Lock _l(_networks_m);		_members[nodeId].erase(networkId);		std::unordered_map<uint64_t,_NW>::iterator i(_networks.find(networkId));		if (i == _networks.end())			return _EMPTY_JSON;		std::unordered_map< uint64_t,std::vector<uint8_t> >::iterator j(i->second.members.find(nodeId));		if (j == i->second.members.end())			return _EMPTY_JSON;		nlohmann::json tmp(j->second);		i->second.members.erase(j);		if (recomputeSummaryInfo)			_recomputeSummaryInfo(networkId);		return tmp;	}}void JSONDB::threadMain()	throw(){#ifndef __WINDOWS__	fd_set readfds,nullfds;	char *const readbuf = (_rawInput >= 0) ? (new char[1048576]) : (char *)0;	std::string rawInputBuf;	FD_ZERO(&readfds);	FD_ZERO(&nullfds);	struct timeval tv;#endif	std::vector<uint64_t> todo;	while (_summaryThreadRun) {#ifndef __WINDOWS__		if (_rawInput < 0) {			Thread::sleep(25);		} else {			// In IPC mode we wait but also select() on STDIN to read database updates			FD_SET(_rawInput,&readfds);			tv.tv_sec = 0;			tv.tv_usec = 25000;			select(_rawInput+1,&readfds,&nullfds,&nullfds,&tv);			if (FD_ISSET(_rawInput,&readfds)) {				const long rn = (long)read(_rawInput,readbuf,1048576);				bool gotMessage = false;				for(long i=0;i<rn;++i) {					if ((readbuf[i] != '\n')&&(readbuf[i] != '\r')&&(readbuf[i] != 0)) { // compatible with nodeJS IPC						rawInputBuf.push_back(readbuf[i]);					} else if (rawInputBuf.length() > 0) {						try {							const nlohmann::json obj(OSUtils::jsonParse(rawInputBuf));							gotMessage = true;							if (!_dataReady) {								_dataReady = true;								_networks_m.unlock();							}							if (obj.is_array()) {								for(unsigned long i=0;i<obj.size();++i)									_addOrUpdate(obj[i]);							} else if (obj.is_object()) {								_addOrUpdate(obj);							}						} catch ( ... ) {} // ignore malformed JSON						rawInputBuf.clear();					}				}				if (!gotMessage) // select() again immediately until we get at least one full message					continue;			}		}#else		Thread::sleep(25);#endif		{			Mutex::Lock _l(_summaryThread_m);			if (_summaryThreadToDo.empty())				continue;			else _summaryThreadToDo.swap(todo);		}		if (!_dataReady) { // sanity check			_dataReady = true;			_networks_m.unlock();		}		const int64_t now = OSUtils::now();		try {			Mutex::Lock _l(_networks_m);			for(std::vector<uint64_t>::iterator ii(todo.begin());ii!=todo.end();++ii) {				const uint64_t networkId = *ii;				std::unordered_map<uint64_t,_NW>::iterator n(_networks.find(networkId));				if (n != _networks.end()) {					NetworkSummaryInfo &ns = n->second.summaryInfo;					ns.activeBridges.clear();					ns.allocatedIps.clear();					ns.authorizedMemberCount = 0;					ns.activeMemberCount = 0;					ns.totalMemberCount = 0;					ns.mostRecentDeauthTime = 0;					for(std::unordered_map< uint64_t,std::vector<uint8_t> >::const_iterator m(n->second.members.begin());m!=n->second.members.end();++m) {						try {							nlohmann::json member(nlohmann::json::from_msgpack(m->second));							if (OSUtils::jsonBool(member["authorized"],false)) {								++ns.authorizedMemberCount;								try {									const nlohmann::json &mlog = member["recentLog"];									if ((mlog.is_array())&&(mlog.size() > 0)) {										const nlohmann::json &mlog1 = mlog[0];										if (mlog1.is_object()) {											if ((now - OSUtils::jsonInt(mlog1["ts"],0ULL)) < (ZT_NETWORK_AUTOCONF_DELAY * 2))												++ns.activeMemberCount;										}									}								} catch ( ... ) {}								try {									if (OSUtils::jsonBool(member["activeBridge"],false))										ns.activeBridges.push_back(Address(m->first));								} catch ( ... ) {}								try {									const nlohmann::json &mips = member["ipAssignments"];									if (mips.is_array()) {										for(unsigned long i=0;i<mips.size();++i) {											InetAddress mip(OSUtils::jsonString(mips[i],"").c_str());											if ((mip.ss_family == AF_INET)||(mip.ss_family == AF_INET6))												ns.allocatedIps.push_back(mip);										}									}								} catch ( ... ) {}							} else {								try {									ns.mostRecentDeauthTime = std::max(ns.mostRecentDeauthTime,(int64_t)OSUtils::jsonInt(member["lastDeauthorizedTime"],0LL));								} catch ( ... ) {}							}							++ns.totalMemberCount;						} catch ( ... ) {}					}					std::sort(ns.activeBridges.begin(),ns.activeBridges.end());					std::sort(ns.allocatedIps.begin(),ns.allocatedIps.end());					n->second.summaryInfoLastComputed = now;				}			}		} catch ( ... ) {}		todo.clear();	}	if (!_dataReady) // sanity check		_networks_m.unlock();#ifndef __WINDOWS__	delete [] readbuf;#endif}bool JSONDB::_addOrUpdate(const nlohmann::json &j){	try {		if (j.is_object()) {			std::string id(OSUtils::jsonString(j["id"],"0"));			const std::string objtype(OSUtils::jsonString(j["objtype"],""));			if ((id.length() == 16)&&(objtype == "network")) {				const uint64_t nwid = Utils::hexStrToU64(id.c_str());				if (nwid) {					bool update;					{						Mutex::Lock _l(_networks_m);						_NW &nw = _networks[nwid];						update = !nw.config.empty();						nw.config = nlohmann::json::to_msgpack(j);					}					if (update)						_parent->onNetworkUpdate(nwid);					_recomputeSummaryInfo(nwid);					return true;				}			} else if ((id.length() == 10)&&(objtype == "member")) {				const uint64_t mid = Utils::hexStrToU64(id.c_str());				const uint64_t nwid = Utils::hexStrToU64(OSUtils::jsonString(j["nwid"],"0").c_str());				if ((mid)&&(nwid)) {					bool update = false;					bool deauth = false;					{						Mutex::Lock _l(_networks_m);						std::vector<uint8_t> &m = _networks[nwid].members[mid];						if (!m.empty()) {							update = true;							nlohmann::json oldm(nlohmann::json::from_msgpack(m));							deauth = ((OSUtils::jsonBool(oldm["authorized"],false))&&(!OSUtils::jsonBool(j["authorized"],false)));						}						m = nlohmann::json::to_msgpack(j);						_members[mid].insert(nwid);					}					if (update) {						_parent->onNetworkMemberUpdate(nwid,mid);						if (deauth)							_parent->onNetworkMemberDeauthorize(nwid,mid);					}					_recomputeSummaryInfo(nwid);					return true;				}			} else if (objtype == "_delete") { // pseudo-object-type, only used in Central harnessed mode				const std::string deleteType(OSUtils::jsonString(j["deleteType"],""));				id = OSUtils::jsonString(j["deleteId"],"");				if ((deleteType == "network")&&(id.length() == 16)) {					eraseNetwork(Utils::hexStrToU64(id.c_str()));				} else if ((deleteType == "member")&&(id.length() == 10)) {					const std::string networkId(OSUtils::jsonString(j["deleteNetworkId"],""));					const uint64_t nwid = Utils::hexStrToU64(networkId.c_str());					const uint64_t mid = Utils::hexStrToU64(id.c_str());					if (networkId.length() == 16)						eraseNetworkMember(nwid,mid,true);					_parent->onNetworkMemberDeauthorize(nwid,mid);				}			}		}	} catch ( ... ) {}	return false;}bool JSONDB::_load(const std::string &p){	// This is not used in stdin/stdout mode. Instead data is populated by	// sending it all to stdin.	std::vector<std::string> dl(OSUtils::listDirectory(p.c_str(),true));	for(std::vector<std::string>::const_iterator di(dl.begin());di!=dl.end();++di) {		if ((di->length() > 5)&&(di->substr(di->length() - 5) == ".json")) {			std::string buf;			if (OSUtils::readFile((p + ZT_PATH_SEPARATOR_S + *di).c_str(),buf)) {				try {					_addOrUpdate(OSUtils::jsonParse(buf));				} catch ( ... ) {}			}		} else {			this->_load((p + ZT_PATH_SEPARATOR_S + *di));		}	}	return true;}void JSONDB::_recomputeSummaryInfo(const uint64_t networkId){	Mutex::Lock _l(_summaryThread_m);	if (std::find(_summaryThreadToDo.begin(),_summaryThreadToDo.end(),networkId) == _summaryThreadToDo.end())		_summaryThreadToDo.push_back(networkId);	if (!_summaryThread)		_summaryThread = Thread::start(this);}std::string JSONDB::_genPath(const std::string &n,bool create){	std::vector<std::string> pt(OSUtils::split(n.c_str(),"/","",""));	if (pt.size() == 0)		return std::string();	std::string p(_basePath);	if (create) OSUtils::mkdir(p.c_str());	for(unsigned long i=0,j=(unsigned long)(pt.size()-1);i<j;++i) {		p.push_back(ZT_PATH_SEPARATOR);		p.append(pt[i]);		if (create) OSUtils::mkdir(p.c_str());	}	p.push_back(ZT_PATH_SEPARATOR);	p.append(pt[pt.size()-1]);	p.append(".json");	return p;}} // namespace ZeroTier
 |