Adam Ierymenko пре 4 година
родитељ
комит
6b3a7ec827
4 измењених фајлова са 35 додато и 9 уклоњено
  1. 5 3
      controller/EmbeddedNetworkController.cpp
  2. 21 0
      node/IncomingPacket.cpp
  3. 3 1
      node/Node.cpp
  4. 6 5
      one.cpp

+ 5 - 3
controller/EmbeddedNetworkController.cpp

@@ -696,8 +696,10 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST(
 					DB::initMember(member);
 
 					try {
-						if (b.count("activeBridge")) member["activeBridge"] = OSUtils::jsonBool(b["activeBridge"],false);
-						if (b.count("noAutoAssignIps")) member["noAutoAssignIps"] = OSUtils::jsonBool(b["noAutoAssignIps"],false);
+						if (b.count("activeBridge")) member["activeBridge"] = OSUtils::jsonBool(b["activeBridge"], false);
+						if (b.count("noAutoAssignIps")) member["noAutoAssignIps"] = OSUtils::jsonBool(b["noAutoAssignIps"], false);
+						if (b.count("authenticationExpiryTime")) member["authenticationExpiryTime"] = (int64_t)OSUtils::jsonInt(b["authenticationExpiryTime"], -1LL);
+						if (b.count("authenticationURL")) member["authenticationURL"] = OSUtils::jsonString(b["authenticationURL"], "");
 
 						if (b.count("remoteTraceTarget")) {
 							const std::string rtt(OSUtils::jsonString(b["remoteTraceTarget"],""));
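Review bot: The new `authenticationURL` assignment stores whatever string the control-plane POST supplies, with no check on scheme or length, and the value later reaches members as the link they are told to open for SSO. If only HTTPS endpoints are intended, reject anything else at this point, for example `const std::string au(OSUtils::jsonString(b["authenticationURL"], "")); if (au.empty() || (au.compare(0, 8, "https://") == 0)) member["authenticationURL"] = au;`. Length also matters: in the second hunk of this file the value is copied with `Utils::scopy(nc->authenticationURL, sizeof(nc->authenticationURL), ...)` and the result is not checked, and node/IncomingPacket.cpp reads it into a 256-byte buffer, so an over-long URL would presumably be truncated silently instead of refused. The enclosing `try` block and handler start and end outside this hunk.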
@@ -1404,7 +1406,7 @@ void EmbeddedNetworkController::_request(
 	Utils::scopy(nc->name,sizeof(nc->name),OSUtils::jsonString(network["name"],"").c_str());
 	nc->mtu = std::max(std::min((unsigned int)OSUtils::jsonInt(network["mtu"],ZT_DEFAULT_MTU),(unsigned int)ZT_MAX_MTU),(unsigned int)ZT_MIN_MTU);
 	nc->multicastLimit = (unsigned int)OSUtils::jsonInt(network["multicastLimit"],32ULL);
-	Utils::scopy(nc->authenticationURL, sizeof(nc->authenticationExpiryTime), authenticationURL.c_str());
+	Utils::scopy(nc->authenticationURL, sizeof(nc->authenticationURL), authenticationURL.c_str());
 	nc->authenticationExpiryTime = authenticationExpiryTime;
 
 	std::string rtt(OSUtils::jsonString(member["remoteTraceTarget"],""));

+ 21 - 0
node/IncomingPacket.cpp

@@ -191,6 +191,27 @@ bool IncomingPacket::_doERROR(const RuntimeEnvironment *RR,void *tPtr,const Shar
 			}
 		}	break;
 
+		case Packet::ERROR_NETWORK_AUTHENTICATION_REQUIRED: {
+			const SharedPtr<Network> network(RR->node->network(at<uint64_t>(ZT_PROTO_VERB_ERROR_IDX_PAYLOAD)));
+			if ((network)&&(network->controller() == peer->address())) {
+				int s = (int)size() - (ZT_PROTO_VERB_ERROR_IDX_PAYLOAD + 8);
+				if (s > 2) {
+					const uint16_t errorDataSize = at<uint16_t>(ZT_PROTO_VERB_ERROR_IDX_PAYLOAD + 8);
+					s -= 2;
+					if (s >= (int)errorDataSize) {
+						Dictionary<1024> authInfo(((const char *)this->data()) + (ZT_PROTO_VERB_ERROR_IDX_PAYLOAD + 10), errorDataSize);
+						char authenticationURL[256];
+						if (authInfo.get("aU", authenticationURL, sizeof(authenticationURL)) > 0) {
+							authenticationURL[sizeof(authenticationURL) - 1] = 0; // ensure always zero terminated
+							network->setAuthenticationRequired(authenticationURL);
+						} else {
+							network->setAuthenticationRequired("");
+						}
+					}
+				}
+			}
+		}	break;
+
 		default: break;
 	}
 
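Review bot: An ERROR_NETWORK_AUTHENTICATION_REQUIRED packet with no error data is dropped without marking the network, because `setAuthenticationRequired` is only reached when `s > 2` and `s >= (int)errorDataSize` both hold. The Node.cpp change in this commit appends the length prefix only when `errorData` is non-empty, so a controller that sends the error without a URL leaves the member showing no authentication state; an `else` on `if (s > 2)` that calls `network->setAuthenticationRequired("");` would cover it. Separately, `errorDataSize` can exceed the 1024 capacity of `Dictionary<1024>`; whether that constructor clamps its length argument is not visible here, so an explicit `errorDataSize <= 1024` guard or a comment stating the clamp would make the bound reviewable. The length arithmetic itself looks consistent with the packet size, and the controller-address check correctly limits who can set the URL. The enclosing switch in `_doERROR` continues outside the hunk.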

+ 3 - 1
node/Node.cpp

@@ -770,8 +770,10 @@ void Node::ncSendError(uint64_t nwid,uint64_t requestPacketId,const Address &des
 
 		outp.append(nwid);
 
-		if ((errorData)&&(errorDataSize > 0))
+		if ((errorData)&&(errorDataSize > 0)&&(errorDataSize <= 0xffff)) {
+			outp.append((uint16_t)errorDataSize);
 			outp.append(errorData, errorDataSize);
+		}
 
 		RR->sw->send((void *)0,outp,true);
 	} // else we can't send an ERROR() in response to nothing, so discard
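Review bot: The `errorDataSize <= 0xffff` bound only protects the `(uint16_t)` cast; it does not relate to the space left in `outp` or to the 1024-byte dictionary that node/IncomingPacket.cpp builds from this payload in the same commit. Error data above the limit is also dropped silently, so the peer gets an ERROR with no payload and no indication why. Consider bounding against the size the receiver can actually parse and documenting the format next to the append, e.g. `// error data on the wire: <uint16 length><length bytes>`. Since the length prefix now applies to every error code sent through `ncSendError`, any existing receiver that reads error data without the prefix would need the same update; that cannot be confirmed from this hunk.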

+ 6 - 5
one.cpp

@@ -786,20 +786,21 @@ static int cli(int argc,char **argv)
 								}
 							}
 							if (aa.length() == 0) aa = "-";
+							const std::string status = OSUtils::jsonString(n["status"],"-");
 							printf("200 listnetworks %s %s %s %s %s %s %s" ZT_EOL_S,
 								OSUtils::jsonString(n["nwid"],"-").c_str(),
 								OSUtils::jsonString(n["name"],"-").c_str(),
 								OSUtils::jsonString(n["mac"],"-").c_str(),
-								OSUtils::jsonString(n["status"],"-").c_str(),
+								status.c_str(),
 								OSUtils::jsonString(n["type"],"-").c_str(),
 								OSUtils::jsonString(n["portDeviceName"],"-").c_str(),
 								aa.c_str());
 							int64_t authenticationExpiryTime = n["authenticationExpiryTime"];
 							if (authenticationExpiryTime >= 0) {
-								if (n["status"] == "AUTHENTICATION_REQUIRED") {
-									printf("    SSO authentication required, URL: %s" ZT_EOL_S, OSUtils::jsonString(n["authenticationURL"], "(null)").c_str());
-								} else {
-									printf("    SSO authentication expires in %lld" ZT_EOL_S, (authenticationExpiryTime - OSUtils::now()) / 1000LL);
+								if (status == "AUTHENTICATION_REQUIRED") {
+									printf("    AUTH EXPIRED, URL: %s" ZT_EOL_S, OSUtils::jsonString(n["authenticationURL"], "(null)").c_str());
+								} else if (status == "OK") {
+									printf("    AUTH OK, expires in: %lld seconds" ZT_EOL_S, (authenticationExpiryTime - OSUtils::now()) / 1000LL);
 								}
 							}
 						}
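Review bot: The `AUTH EXPIRED, URL: %s` line prints `authenticationURL` to the terminal exactly as received, and that string originates from the network controller, not from the local user. A value containing control or escape characters would be interpreted by the terminal, so replace non-printable bytes before printing, or refuse to show a URL that contains them. The unchanged line `int64_t authenticationExpiryTime = n["authenticationExpiryTime"];` also converts the field directly; reading it the way the controller hunk does, `OSUtils::jsonInt(n["authenticationExpiryTime"], -1LL)`, would tolerate a missing or non-numeric field, which may matter when talking to a service that predates this field. With the new `else if (status == "OK")`, other statuses print nothing about SSO; a short comment saying that is intentional would help.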