
Signing of Capability and Tag objects.

Adam Ierymenko 9 лет назад
Родитель
Сommit
b0d888d235
2 измененных файлов с 33 добавлено и 6 удалено
  1. 32 4
      controller/EmbeddedNetworkController.cpp
  2. 1 2
      node/Capability.hpp

+ 32 - 4
controller/EmbeddedNetworkController.cpp

@@ -548,8 +548,7 @@ NetworkController::ResultCode EmbeddedNetworkController::doNetworkConfigRequest(
 		for(unsigned long i=0;i<rules.size();++i) {
 			if (nc.ruleCount >= ZT_MAX_NETWORK_RULES)
 				break;
-			auto rule = rules[i];
-			if (_parseRule(rule,nc.rules[nc.ruleCount]))
+			if (_parseRule(rules[i],nc.rules[nc.ruleCount]))
 				++nc.ruleCount;
 		}
 	}
@@ -559,18 +558,47 @@ NetworkController::ResultCode EmbeddedNetworkController::doNetworkConfigRequest(
 		for(unsigned long i=0;i<capabilities.size();++i) {
 			auto cap = capabilities[i];
 			if (cap.is_object())
-				capsById[_jI(cap["id"],0ULL)] = cap;
+				capsById[_jI(cap["id"],0ULL) & 0xffffffffULL] = cap;
 		}
 
 		for(unsigned long i=0;i<memberCapabilities.size();++i) {
-			const uint64_t capId = _jI(memberCapabilities[i],0ULL);
+			const uint64_t capId = _jI(memberCapabilities[i],0ULL) & 0xffffffffULL;
 			json &cap = capsById[capId];
 			if ((cap.is_object())&&(cap.size() > 0)) {
+				ZT_VirtualNetworkRule capr[ZT_MAX_CAPABILITY_RULES];
+				unsigned int caprc = 0;
+				auto caprj = cap["rules"];
+				if ((caprj.is_array())&&(caprj.size() > 0)) {
+					for(unsigned long j=0;j<caprj.size();++j) {
+						if (caprc >= ZT_MAX_CAPABILITY_RULES)
+							break;
+						if (_parseRule(caprj[j],capr[caprc]))
+							++caprc;
+					}
+				}
+				nc.capabilities[nc.capabilityCount] = Capability((uint32_t)capId,nwid,now,now + ZT_NETWORK_COM_DEFAULT_REVISION_MAX_DELTA,1,capr,caprc);
+				if (nc.capabilities[nc.capabilityCount].sign(signingId,identity.address()))
+					++nc.capabilityCount;
+				if (nc.capabilityCount >= ZT_MAX_NETWORK_CAPABILITIES)
+					break;
 			}
 		}
 	}
 
 	if (memberTags.is_array()) {
+		std::map< uint32_t,uint32_t > tagsById;
+		for(unsigned long i=0;i<memberTags.size();++i) {
+			auto t = memberTags[i];
+			if ((t.is_array())&&(t.size() == 2))
+				tagsById[(uint32_t)(_jI(t[0],0ULL) & 0xffffffffULL)] = (uint32_t)(_jI(t[1],0ULL) & 0xffffffffULL);
+		}
+		for(std::map< uint32_t,uint32_t >::const_iterator t(tagsById.begin());t!=tagsById.end();++t) {
+			if (nc.tagCount >= ZT_MAX_NETWORK_TAGS)
+				break;
+			nc.tags[nc.tagCount] = Tag(nwid,now,now + ZT_NETWORK_COM_DEFAULT_REVISION_MAX_DELTA,identity.address(),t->first,t->second);
+			if (nc.tags[nc.tagCount].sign(signingId))
+				++nc.tagCount;
+		}
 	}
 
 	if (routes.is_array()) {
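Review bot: Masking with `& 0xffffffffULL` at the `capsById[...]` insert and at the `capId` lookup silently folds any JSON id above 32 bits onto a different 32-bit id, so two distinct entries can alias and a member can be issued a signed Capability carrying another entry's rules; the tag id and value in the `tagsById` fill are truncated the same way. Since these objects grant network access, I would reject out-of-range values rather than wrap them, e.g. `const uint64_t rawId = _jI(memberCapabilities[i],0ULL); if (rawId > 0xffffffffULL) continue;`, with the same check on `cap["id"]` and on `t[0]`/`t[1]`. Separately, a failed `sign()` on either a capability or a tag is dropped with no log or error, and the capability loop does not de-duplicate repeated ids the way the tag loop does through `tagsById`. The enclosing function starts and ends outside the hunk, and the behaviour of `_jI` is inferred from its use here.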

+ 1 - 2
node/Capability.hpp

@@ -73,12 +73,11 @@ public:
 	 * @param nwid Network ID
 	 * @param ts Timestamp (at controller)
 	 * @param expiration Expiration relative to network config timestamp
-	 * @param name Capability short name (max strlen == ZT_MAX_CAPABILITY_NAME_LENGTH, overflow ignored)
 	 * @param mccl Maximum custody chain length (1 to create non-transferrable capability)
 	 * @param rules Network flow rules for this capability
 	 * @param ruleCount Number of flow rules
 	 */
-	Capability(uint32_t id,uint64_t nwid,uint64_t ts,uint64_t expiration,const char *name,unsigned int mccl,const ZT_VirtualNetworkRule *rules,unsigned int ruleCount)
+	Capability(uint32_t id,uint64_t nwid,uint64_t ts,uint64_t expiration,unsigned int mccl,const ZT_VirtualNetworkRule *rules,unsigned int ruleCount)
 	{
 		memset(this,0,sizeof(Capability));
 		_nwid = nwid;
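Review bot: The `@param expiration` line still reads "Expiration relative to network config timestamp", yet the controller call added in this commit passes `now + ZT_NETWORK_COM_DEFAULT_REVISION_MAX_DELTA`, which looks like an absolute time rather than an offset. Because this value bounds how long a signed capability stays valid, the comment should say which it is, for example `@param expiration Absolute expiration time, compared against the network config timestamp` if that is the intent. The constructor body continues past the end of the hunk, so how the value is stored is not visible here.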