gfwleak/zhangyang-libzt
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test and cosmetic changes

Browse Source
This commit is contained in:
Joseph Henry
2016-07-03 12:01:30 -05:00
parent 02473993c1
commit f661018050
16 changed files with 184 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
autoip.o Normal file
View File

Binary file not shown.

BIN
build/lwip/liblwip.so Executable file
View File

Binary file not shown.

114
build/osx_shared_lib/README.md Normal file
View File

@@ -0,0 +1,114 @@
OSX + ZeroTier SDK
====
Welcome!
Imagine a flat, encrypted, no-configuration LAN for all of the instances of your OSX app.
This short tutorial will show you how to enable ZeroTier functionality for your iOS app with little to no code modification. Check out our [ZeroTier SDK](https://www.zerotier.com/blog) page for more info on how the integration works and [Shim Techniques](https://www.zerotier.com/blog) for a discussion of shims available for your app/technology.
In this example we aim to set up a minimal XCode project which contains all of the components necessary to enable ZeroTier for your app. If you'd rather skip all of these steps and grab the code, look in the [sdk/OSX](https://github.com/zerotier/ZeroTierSDK/tree/dev/sdk/iOS) folder of the source tree. Otherwise, let's get started!
**Step 1: Add ZeroTier source and Netcon-iOS XCode project to yours**
- Place a copy of the ZeroTierOne source in a folder at the same level as your project
- Add `ZeroTierSDK/src/tests/iOS/Netcon-iOS.xcodeproj` to your project
**Step 2: Add ZeroTier binaries to your app**
- Add `ZeroTierSDK.frameworkiOS` to *General->Embedded Binaries*
- Add `libServiceSetup.a` and `ZeroTierSDK.framework` to *Build Phases->Link Binary With Libraries*
**Step 3: Configure your project**
- Add `$(SRCROOT)/../ZeroTierOne/src` to *Build Settings->Header Search Paths* for your project
- Add `-D__IOS__` to *Build Settings->Other C Flags*
- Add `zerotiersdk/tests/iOS/Netcon-iOS/NetconWrapper.cpp` and `zerotiersdk/tests/iOS/Netcon-iOS/NetconWrapper.hpp` to your project:
- Add contents of `ZeroTierOne/netcon/tests/iOS/Netcon-iOS/SDK-iOS-Bridging-Header.h` to your projects bridging header.
*Note: You should have been prompted to create a bridging header for your project, if you haven't make sure you do this and add the native function prototypes manually from the bridging header we provide.*
**Step 4: App Code Modifications**
After you've linked the two projects you need to find a place in your code to set up the ZeroTier service thread:
```
var service_thread : NSThread!
func ztnc_start_service() {
let path = NSSearchPathForDirectoriesInDomains(NSSearchPathDirectory.DocumentDirectory, NSSearchPathDomainMask.UserDomainMask, true)
start_service(path[0])
}
```
...and then start it. If you enabled the proxy service via `-DUSE_SOCKS_PROXY` it will start automatically and be reachable at `0.0.0.0:1337`:
```
dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_HIGH, 0), {
self.service_thread = NSThread(target:self, selector:"ztnc_start_service", object:nil)
self.service_thread.start()
});
```
**Step 5: Pick an API**
**Step 6: Join a network!**
- Simply call `zt_join_network("XXXXXXXXXXXXXXXX")`
***
## Linking into an application on Mac OSX
Example:
gcc myapp.c -o myapp libztintercept.so
export ZT_NC_NETWORK=/tmp/netcon-test-home/nc_8056c2e21c000001
Start service
./zerotier-netcon-service -d -p8000 /tmp/netcon-test-home
Run application
./myapp
## XCode Desktop App Integration
*NOTE: a sample OSX desktop application with ZeroTier integrated can be found [here](../integrations/Apple/Example_OSX_App)*
**Step 1: Build `ZeroTierSDK_OSX.framework`**
- From the main repo directory, `make osx_app_framework`. This will use the XCode commandline tools to build and copy the framework into `build`.
**Step 2: Add `ZeroTierSDK_OSX.framework` to your project**
**Step 3: Add its path to your *Build Settings -> Framework Search Paths***:
- For example: `$(PROJECT_DIR)/../../../build/OSX_app_framework/Release`
**Step 4: Pick an [API](# API) to use**
**Step 5: Join a network!**
- Simply call `zt_join_network("XXXXXXXXXXXXXXXX")`
***
## API
This integration allows for the following shim combinations:
- `Hook of BSD-like sockets`: Use BSD-like sockets as you normally would.
- `Proxy of NSStream`: Create NSStream. Configure stream for SOCKS5 Proxy. Use stream.
- `Changeling of BSD-like sockets`: Call `start_changeling()` and then use BSD-like sockets as you normally would.
- `Direct Call`: Consult [SDK-iOS-Bridging-Header.h](netcon/iOS/Netcon-iOS/Netcon-iOS-Bridging-Header.h).
If functional interposition isn't available for the API or library you've chosen to use, ZeroTier offers a SOCKS5 proxy server which can allow connectivity to your virtual network as long as your client API supports the SOCKS5 protocol. This proxy service will run alongside the tap service and can be turned on by compiling with the `-DUSE_SOCKS_PROXY` flag in *Build Settings->Other C Flags*. By default, the proxy service is available at `0.0.0.0:1337`.
#### NSStream and SOCKS Proxy
As an example, here's how one would configure a NSStream object to redirect all network activity to the ZeroTier SOCKS proxy server:
```
// BEGIN proxy configuration
let myDict:NSDictionary = [NSStreamSOCKSProxyHostKey : "0.0.0.0",
NSStreamSOCKSProxyPortKey : 1337,
NSStreamSOCKSProxyVersionKey : NSStreamSOCKSProxyVersion5]
inputStream!.setProperty(myDict, forKey: NSStreamSOCKSProxyConfigurationKey)
outputStream!.setProperty(myDict, forKey: NSStreamSOCKSProxyConfigurationKey)
// END proxy configuration
```

BIN
build/osx_shared_lib/libztintercept.so Executable file
View File

Binary file not shown.

1
make-mac.mk
View File

@@ -117,7 +117,6 @@ check:
./check.sh build/android_jni_lib/x86/libZeroTierJNI.so
./check.sh build/android_jni_lib/x86_64/libZeroTierJNI.so
# Tests
TEST_OBJDIR := build/tests
TEST_SOURCES := $(wildcard tests/*.c)

3
src/SDK.h
View File

@@ -39,6 +39,7 @@ extern "C" {
#define INTERCEPT_ENABLED 111
#define INTERCEPT_DISABLED 222
extern void load_symbols();
void zt_init_rpc(char *path, char *nwid);
extern char *api_netpath;
@@ -50,7 +51,7 @@ extern char *api_netpath;
#endif
#if !defined(__ANDROID__)
bool check_intercept_enabled_for_thread();
bool check_intercept_enabled();
extern int (*realbind)(BIND_SIG);
extern int (*realsendmsg)(SENDMSG_SIG);
extern ssize_t (*realsendto)(SENDTO_SIG);

4
src/SDK_Debug.c
View File

@@ -42,7 +42,9 @@
#include <fcntl.h>
#include <sys/syscall.h>
#define DEBUG_LEVEL 4 // Set this to adjust what you'd like to see in the debug traces
// Set during make (e.g. make SDK_DEBUG=2)
#define DEBUG_LEVEL 5
#define MSG_TRANSFER 1 // RX/TX specific statements
#define MSG_ERROR 2 // Errors
#define MSG_INFO 3 // Information which is generally useful to any user

9
src/SDK_EthernetTap.cpp
View File

@@ -226,7 +226,7 @@ std::vector<InetAddress> NetconEthernetTap::ips() const
void NetconEthernetTap::put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len)
{
//dwr(MSG_DEBUG_EXTRA, "RX packet: len = %d\n", len);
dwr(MSG_DEBUG_EXTRA, "RX packet: len = %d\n", len);
struct pbuf *p,*q;
if (!_enabled)
return;
@@ -897,7 +897,7 @@ void NetconEthernetTap::nc_err(void *arg, err_t err)
l->tap->sendReturnValue(fd, -1, ECONNREFUSED);
break;
// FIXME: Below are errors which don't have a standard errno correlate
// TODO: Below are errors which don't have a standard errno correlate
case ERR_RST:
l->tap->sendReturnValue(fd, -1, -1);
@@ -944,7 +944,6 @@ void NetconEthernetTap::handleBind(PhySocket *sock, PhySocket *rpcSock, void **u
dwr(MSG_DEBUG," handleBind(sock=%p,fd=%d,port=%d)\n", (void*)&sock, bind_rpc->sockfd, port);
if(conn) {
if(conn->type == SOCK_DGRAM) {
// FIXME: Review why compliation through JNI+NDK toolchain comaplains about this
#if defined(__ANDROID__)
err = lwipstack->__udp_bind(conn->UDP_pcb, NULL, port);
#else
@@ -1167,7 +1166,7 @@ int NetconEthernetTap::handleConnectProxy(PhySocket *sock, struct sockaddr_in *r
3) Cannot allocate new TCP segment
*/
errno = EAGAIN; // FIXME: Doesn't describe the problem well, but closest match
errno = EAGAIN; // TODO: Doesn't describe the problem well, but closest match
return -1;
}
// We should only return a value if failure happens immediately
@@ -1259,7 +1258,7 @@ void NetconEthernetTap::handleConnect(PhySocket *sock, PhySocket *rpcSock, Conne
3) Cannot allocate new TCP segment
*/
sendReturnValue(rpcSock, -1, EAGAIN); // FIXME: Doesn't describe the problem well, but closest match
sendReturnValue(rpcSock, -1, EAGAIN); // TODO: Doesn't describe the problem well, but closest match
return;
}

34
src/SDK_Intercept.c
View File

@@ -91,7 +91,7 @@ char *api_netpath;
// --------------------- Get Original socket API pointers -----------------------
// ------------------------------------------------------------------------------
void load_symbols()
extern void load_symbols()
{
dwr(MSG_DEBUG_EXTRA,"load_symbols\n");
#if defined(__linux__)
@@ -121,8 +121,8 @@ char *api_netpath;
// ------------------------------------------------------------------------------
// Return whether 'intercept' shim is enabled for this thread
bool check_intercept_enabled_for_thread() {
dwr(MSG_DEBUG_EXTRA, "check_intercept_enabled_for_thread()\n");
bool check_intercept_enabled() {
dwr(MSG_DEBUG_EXTRA, "check_intercept_enabled()\n");
if(!realconnect){
load_symbols();
}
@@ -171,7 +171,7 @@ char *api_netpath;
ssize_t sendto(SENDTO_SIG)
{
dwr(MSG_DEBUG, "sendto(%d, %d)\n", sockfd, len);
//if (!check_intercept_enabled_for_thread())
//if (!check_intercept_enabled())
return realsendto(sockfd, buf, len, flags, addr, addr_len);
return zt_sendto(sockfd, buf, len, flags, addr, addr_len);
}
@@ -186,7 +186,7 @@ char *api_netpath;
ssize_t sendmsg(SENDMSG_SIG)
{
dwr(MSG_DEBUG, "sendmsg()\n");
//if(!check_intercept_enabled_for_thread())
//if(!check_intercept_enabled())
return realsendmsg(socket, message, flags);
zt_sendmsg(socket, message, flags);
}
@@ -202,7 +202,7 @@ char *api_netpath;
ssize_t recvfrom(RECVFROM_SIG)
{
dwr(MSG_DEBUG, "recvfrom(%d)\n", socket);
if(!check_intercept_enabled_for_thread())
if(!check_intercept_enabled())
return realrecvfrom(socket, buffer, length, flags, address, address_len);
return zt_recvfrom(socket, buffer, length, flags, address, address_len);
}
@@ -217,7 +217,7 @@ char *api_netpath;
ssize_t recvmsg(RECVMSG_SIG)
{
dwr(MSG_DEBUG, "recvmsg(%d)\n", socket);
//if(!check_intercept_enabled_for_thread())
//if(!check_intercept_enabled())
return realrecvmsg(socket, message, flags);
return zt_recvmsg(socket, message, flags);
}
@@ -232,7 +232,7 @@ char *api_netpath;
int setsockopt(SETSOCKOPT_SIG)
{
dwr(MSG_DEBUG, "setsockopt(%d)\n", socket);
if (!check_intercept_enabled_for_thread())
if (!check_intercept_enabled())
return realsetsockopt(socket, level, option_name, option_value, option_len);
#if defined(__linux__)
if(level == SOL_IPV6 && option_name == IPV6_V6ONLY)
@@ -256,7 +256,7 @@ char *api_netpath;
int getsockopt(GETSOCKOPT_SIG)
{
dwr(MSG_DEBUG, "getsockopt(%d)\n", sockfd);
if (!check_intercept_enabled_for_thread() || !connected_to_service(sockfd))
if (!check_intercept_enabled() || !connected_to_service(sockfd))
return realgetsockopt(sockfd, level, optname, optval, optlen);
return zt_getsockopt(sockfd, level, optname, optval, optlen);
}
@@ -269,7 +269,7 @@ char *api_netpath;
int socket(SOCKET_SIG)
{
dwr(MSG_DEBUG, "socket()\n");
if (!check_intercept_enabled_for_thread() && socket_type) {
if (!check_intercept_enabled() && socket_type) {
int err = realsocket(socket_family, socket_type, protocol);
if(err < 0) {
perror("socket:\n");
@@ -318,7 +318,7 @@ char *api_netpath;
d[3] = (ip >> 24) & 0xFF;
dwr(MSG_DEBUG,"connect(): %d.%d.%d.%d: %d\n", d[0],d[1],d[2],d[3], ntohs(port));
if(!check_intercept_enabled_for_thread())
if(!check_intercept_enabled())
return realconnect(__fd, __addr, __len);
/* Check that this is a valid fd */
@@ -395,7 +395,7 @@ char *api_netpath;
}
// Otherwise, perform usual intercept logic
if (!check_intercept_enabled_for_thread())
if (!check_intercept_enabled())
return realbind(sockfd, addr, addrlen);
// Check that this is a valid fd
@@ -432,7 +432,7 @@ char *api_netpath;
int accept(ACCEPT_SIG) {
dwr(MSG_DEBUG,"accept(%d):\n", sockfd);
if (!check_intercept_enabled_for_thread())
if (!check_intercept_enabled())
return realaccept(sockfd, addr, addrlen);
/* Check that this is a valid fd */
@@ -487,7 +487,7 @@ char *api_netpath;
int listen(LISTEN_SIG)
{
dwr(MSG_DEBUG,"listen(%d):\n", sockfd);
if (!check_intercept_enabled_for_thread())
if (!check_intercept_enabled())
return reallisten(sockfd, backlog);
int sock_type;
@@ -524,7 +524,7 @@ char *api_netpath;
int close(CLOSE_SIG) {
dwr(MSG_DEBUG, " close(%d)\n", fd);
if(!check_intercept_enabled_for_thread()) {
if(!check_intercept_enabled()) {
return realclose(fd);
}
return zt_close(fd);
@@ -539,7 +539,7 @@ char *api_netpath;
{
dwr(MSG_DEBUG,"getsockname(%d):\n", sockfd);
#if !defined(__IOS__)
if (!check_intercept_enabled_for_thread())
if (!check_intercept_enabled())
return realgetsockname(sockfd, addr, addrlen);
#endif
dwr(MSG_DEBUG,"getsockname(%d)\n", sockfd);
@@ -569,7 +569,7 @@ char *api_netpath;
f=va_arg(ap, uintptr_t);
va_end(ap);
if (!check_intercept_enabled_for_thread())
if (!check_intercept_enabled())
return realsyscall(number,a,b,c,d,e,f);
dwr(MSG_DEBUG,"syscall(%u, ...)\n", number);

6
src/SDK_Sockets.c
View File

@@ -72,9 +72,11 @@
#include "SDK_RPC.h"
#include "Constants.hpp" // For Tap's MTU
void print_addr(struct sockaddr *addr);
// Prototypes
void dwr(int level, const char *fmt, ... );
char *api_netpath = (char *)0;
void load_symbols();
int (*realclose)(CLOSE_SIG);
// ------------------------------------------------------------------------------
// ---------------------------------- zt_init_rpc -------------------------------
@@ -86,7 +88,7 @@ char *api_netpath = (char *)0;
dwr(MSG_DEBUG, "zt_init_rpc\n");
// Just double check we have
if(!realconnect) {
load_symbols();
//load_symbols();
}
if(!api_netpath) {

BIN
src/libztintercept.so Executable file
View File

Binary file not shown.

4
tests/tcp_client.c
View File

@@ -31,12 +31,14 @@ int main(int argc , char *argv[])
}
puts("Connected\n");
char *msg = "welcome to the machine!";
while(1) {
printf("Enter message : ");
scanf("%s" , message);
// TX
if(send(sock , "welcome to the machine!" ,24 , 0) < 0) {
if(send(sock, msg, sizeof(msg), 0) < 0) {
puts("Send failed");
return 1;
}

18
tests/tcp_server.c
View File

@@ -9,18 +9,18 @@
int main(int argc , char *argv[])
{
if(argc < 2) {
printf("usage: tcp_server <port>\n");
return 1;
printf("usage: tcp_server <port>\n");
exit(0);
}
int port = atoi(argv[1]);
int socket_desc , client_sock , c , read_size;
int socket_desc, client_sock, c, read_size, port = atoi(argv[1]);
struct sockaddr_in server , client;
char client_message[2000];
socket_desc = socket(AF_INET , SOCK_STREAM , 0);
if (socket_desc == -1) {
printf("Could not create socket");
exit(0);
}
server.sin_family = AF_INET;
@@ -30,7 +30,7 @@ int main(int argc , char *argv[])
printf("binding on port %d\n", port);
if( bind(socket_desc,(struct sockaddr *)&server , sizeof(server)) < 0) {
perror("bind failed. Error");
return 1;
exit(0);
}
printf("listening\n");
listen(socket_desc , 3);
@@ -38,18 +38,16 @@ int main(int argc , char *argv[])
c = sizeof(struct sockaddr_in);
client_sock = accept(socket_desc, (struct sockaddr *)&client, (socklen_t*)&c);
if (client_sock < 0)
{
if (client_sock < 0) {
perror("accept failed");
return 1;
exit(0);
}
puts("connection accepted\n reading...\n");
// RX
int bytes_read = recv(client_sock , client_message , 2000 , 0);
printf("Read (%d) bytes\n", bytes_read);
for(int i=0; i<bytes_read; i++)
{
for(int i=0; i<bytes_read; i++) {
printf("%c", client_message[i]);
}
return 0;

23
tests/udp_client.c
View File

@@ -10,13 +10,12 @@
int main(int argc, char * argv[])
{
if(argc < 2) {
printf("usage: udp_client <port>\n");
if(argc < 3) {
printf("usage: udp_client <addr> <port>\n");
return 0;
}
int port = atoi(argv[1]);
int sock = -1, int port = atoi(argv[1]);
ssize_t n_sent;
int sock = -1;
struct sockaddr_in server;
char buf[64];
@@ -26,37 +25,35 @@ int main(int argc, char * argv[])
return 1;
}
}
server.sin_addr.s_addr = inet_addr("10.5.5.47");
// Construct address
server.sin_addr.s_addr = inet_addr(argv[1]);
server.sin_family = AF_INET;
server.sin_port = htons(port);
memcpy(buf, "Welcome to the Machine", sizeof("Welcome to the Machine"));
printf("sizeof(buf) = %d\n", sizeof(buf));
// Connect to server
if (connect(sock , (struct sockaddr *)&server , sizeof(server)) < 0) {
printf("api_test: error while connecting.\n");
return 1;
}
// TX
char data[1024];
memset(data, 0, sizeof(data));
char *msg = "Welcome to the Machine"
int count = 0;
while(1) {
count++;
usleep(1000000);
n_sent = send(sock,data,sizeof(data),0);
n_sent = send(sock,msg,sizeof(msg),0);
if (n_sent<0) {
perror("Problem sending data");
return 1;
}
if (n_sent!=sizeof(buf))
if (n_sent!=sizeof(msg))
printf("Sendto sent %d bytes\n",(int)n_sent);
printf("n_sent = %d, count = %d\n", n_sent,count);
}
// RX from server
/*
socklen_t recv_addr_len;
// Clear address info for RX test

55
tests/udp_server.c
View File

@@ -21,71 +21,52 @@ void echo( int sd ) {
while (1) {
usleep(50);
count++;
/* read a datagram from the socket (put result in bufin) */
// read a datagram from the socket (put result in bufin)
n=recvfrom(sd,bufin,MAXBUF,0,(struct sockaddr *)&remote,&len);
/* print out the address of the sender */
printf("Got a datagram from %s port %d\n", inet_ntoa(remote.sin_addr), ntohs(remote.sin_port));
// print out the address of the sender
printf("DGRAM from %s:%d\n", inet_ntoa(remote.sin_addr), ntohs(remote.sin_port));
if (n<0) {
perror("Error receiving data");
} else {
printf("GOT %d BYTES (count = %d)\n",n, count);
/* Got something, just send it back */
//sendto(sd,bufin,n,0,(struct sockaddr *)&remote,len);
// Got something, just send it back
// sendto(sd,bufin,n,0,(struct sockaddr *)&remote,len);
}
}
}
/* server main routine */
int main(int argc, char *argv[]) {
printf("DGRAM = %d\n", SOCK_DGRAM);
printf("STREAM = %d\n", SOCK_STREAM);
/*
if(argc < 2) {
printf("usage: udp_server <port>\n");
exit(0);
}
int port = atoi(argv[1]);
*/
int ld;
int ld, length, int port = atoi(argv[1]);
struct sockaddr_in skaddr;
struct sockaddr_in skaddr2;
struct sockaddr_in skaddr2;
int length;
// create socket
if ((ld = socket( PF_INET, SOCK_DGRAM, 0 )) < 0) {
printf("Problem creating socket\n");
// Create socket
if ((ld = socket( PF_INET, SOCK_DGRAM, 0)) < 0) {
printf("error creating socket\n");
exit(1);
}
// create address
// Create address
skaddr.sin_family = AF_INET;
//skaddr.sin_addr.s_addr = htonl(INADDR_ANY);
skaddr.sin_addr.s_addr = inet_addr("10.5.5.2");
skaddr.sin_port = htons(0);
// bind to address
skaddr.sin_addr.s_addr = htonl(INADDR_ANY);
skaddr.sin_port = htons(port);
// Bind to address
if (bind(ld, (struct sockaddr *) &skaddr, sizeof(skaddr))<0) {
printf("error binding\n");
exit(0);
}
/* find out what port we were assigned and print it out */
// find out what port we were assigned
length = sizeof( skaddr2 );
if (getsockname(ld, (struct sockaddr *) &skaddr2, &length)<0) {
printf("error getsockname\n");
exit(1);
}
// Display address:port to verify it was sent over RPC correctly
int port = ntohs(skaddr2.sin_port);
int ip = skaddr2.sin_addr.s_addr;
unsigned char d[4];
@@ -93,9 +74,9 @@ int main(int argc, char *argv[]) {
d[1] = (ip >> 8) & 0xFF;
d[2] = (ip >> 16) & 0xFF;
d[3] = (ip >> 24) & 0xFF;
printf(" handleBind(): %d.%d.%d.%d : %d -> Assigned: %d\n", d[0],d[1],d[2],d[3], port);
printf("Bound to address: %d.%d.%d.%d : %d\n", d[0],d[1],d[2],d[3], port);
/* echo every datagram */
// RX
echo(ld);
return(0);
}

1
zerotier-idtool Symbolic link
View File

@@ -0,0 +1 @@
zerotier-sdk-service