UPNP/NAT-PMP support with libminiupnpc (if built with it) -- GitHub issue #64

make-mac.mk

@@ -11,7 +11,7 @@ LIBS=
 ARCH_FLAGS=-arch x86_64
 
 include objects.mk
-OBJS+=osdep/OSXEthernetTap.o 
+OBJS+=osdep/OSXEthernetTap.o
 
 # Disable codesign since open source users will not have ZeroTier's certs
 CODESIGN=echo
@@ -21,7 +21,8 @@ CODESIGN_INSTALLER_CERT=
 
 # For internal use only -- signs everything with ZeroTier's developer cert
 ifeq ($(ZT_OFFICIAL_RELEASE),1)
-	DEFS+=-DZT_OFFICIAL_RELEASE -DZT_AUTO_UPDATE 
+	DEFS+=-DZT_OFFICIAL_RELEASE -DZT_AUTO_UPDATE
+	ZT_USE_MINIUPNPC=1
 	CODESIGN=codesign
 	PRODUCTSIGN=productsign
 	CODESIGN_APP_CERT="Developer ID Application: ZeroTier Networks LLC (8ZD9JUCZ4V)"
@@ -29,19 +30,25 @@ ifeq ($(ZT_OFFICIAL_RELEASE),1)
 endif
 
 ifeq ($(ZT_AUTO_UPDATE),1)
-	DEFS+=-DZT_AUTO_UPDATE 
+	DEFS+=-DZT_AUTO_UPDATE
+endif
+
+ifeq ($(ZT_USE_MINIUPNPC),1)
+	DEFS+=-DZT_USE_MINIUPNPC
+	LIBS+=/usr/local/lib/libminiupnpc.a
+	OBJS+=osdep/UPNPClient.o
 endif
 
 # Build with ZT_ENABLE_NETWORK_CONTROLLER=1 to build with the Sqlite network controller
 ifeq ($(ZT_ENABLE_NETWORK_CONTROLLER),1)
-	DEFS+=-DZT_ENABLE_NETWORK_CONTROLLER 
+	DEFS+=-DZT_ENABLE_NETWORK_CONTROLLER
 	LIBS+=-L/usr/local/lib -lsqlite3
-	OBJS+=controller/SqliteNetworkController.o 
+	OBJS+=controller/SqliteNetworkController.o
 endif
 
 # Debug mode -- dump trace output, build binary with -g
 ifeq ($(ZT_DEBUG),1)
-	DEFS+=-DZT_TRACE 
+	DEFS+=-DZT_TRACE
 	CFLAGS+=-Wall -g -pthread $(INCLUDES) $(DEFS)
 	STRIP=echo
 	# The following line enables optimization for the crypto code, since

osdep/UPNPClient.cpp

@@ -0,0 +1,192 @@
+/*
+ * ZeroTier One - Network Virtualization Everywhere
+ * Copyright (C) 2011-2015  ZeroTier, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#ifdef ZT_USE_MINIUPNPC
+
+// Uncomment to dump debug messages
+//#define ZT_UPNP_TRACE 1
+
+// Uncomment to build a main() for ad-hoc testing
+//#define ZT_UPNP_TEST 1
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../node/Utils.hpp"
+#include "UPNPClient.hpp"
+
+#include <miniupnpc/miniupnpc.h>
+#include <miniupnpc/upnpcommands.h>
+
+namespace ZeroTier {
+
+class UPNPClientImpl
+{
+public:
+	UPNPClientImpl(int localUdpPortToMap) :
+		run(true),
+		localPort(localUdpPortToMap)
+	{
+	}
+
+	void threadMain()
+		throw()
+	{
+		char lanaddr[4096];
+		char externalip[4096]; // no range checking? so make these buffers larger than any UDP packet a uPnP server could send us as a precaution :P
+		char inport[16];
+		char outport[16];
+		struct UPNPUrls urls;
+		struct IGDdatas data;
+
+#ifdef ZT_UPNP_TRACE
+		fprintf(stderr,"UPNPClient: started for UDP port %d"ZT_EOL_S,localPort);
+#endif
+
+		unsigned int tryPortStart = 0;
+		Utils::getSecureRandom(&tryPortStart,sizeof(tryPortStart));
+		tryPortStart = (tryPortStart % (65535 - 1025)) + 1025;
+
+		while (run) {
+			{
+				int upnpError = 0;
+				UPNPDev *devlist = upnpDiscover(2000,(const char *)0,(const char *)0,0,0,&upnpError);
+				if (devlist) {
+#ifdef ZT_UPNP_TRACE
+					{
+						UPNPDev *dev = devlist;
+						while (dev) {
+							fprintf(stderr,"UPNPClient: found device at URL '%s': %s"ZT_EOL_S,dev->descURL,dev->st);
+							dev = dev->pNext;
+						}
+					}
+#endif
+
+					memset(lanaddr,0,sizeof(lanaddr));
+					memset(externalip,0,sizeof(externalip));
+					memset(&urls,0,sizeof(urls));
+					memset(&data,0,sizeof(data));
+					Utils::snprintf(inport,sizeof(inport),"%d",localPort);
+
+					if ((UPNP_GetValidIGD(devlist,&urls,&data,lanaddr,sizeof(lanaddr)))&&(lanaddr[0])) {
+#ifdef ZT_UPNP_TRACE
+						fprintf(stderr,"UPNPClient: my LAN IP address: %s"ZT_EOL_S,lanaddr);
+#endif
+						if ((UPNP_GetExternalIPAddress(urls.controlURL,data.first.servicetype,externalip) == UPNPCOMMAND_SUCCESS)&&(externalip[0])) {
+#ifdef ZT_UPNP_TRACE
+							fprintf(stderr,"UPNPClient: my external IP address: %s"ZT_EOL_S,externalip);
+#endif
+
+							for(int tries=0;tries<64;++tries) {
+								int tryPort = (int)tryPortStart + tries;
+								if (tryPort >= 65535)
+									tryPort = (tryPort - 65535) + 1025;
+								Utils::snprintf(outport,sizeof(outport),"%u",tryPort);
+
+								int mapResult = 0;
+								if ((mapResult = UPNP_AddPortMapping(urls.controlURL,data.first.servicetype,outport,inport,lanaddr,"ZeroTier","UDP",(const char *)0,ZT_UPNP_LEASE_DURATION)) == UPNPCOMMAND_SUCCESS) {
+	#ifdef ZT_UPNP_TRACE
+									fprintf(stderr,"UPNPClient: reserved external port: %s"ZT_EOL_S,outport);
+	#endif
+									{
+										Mutex::Lock sl(surface_l);
+										surface.clear();
+										InetAddress tmp(externalip);
+										tmp.setPort(tryPort);
+										surface.push_back(tmp);
+									}
+									break;
+								} else {
+	#ifdef ZT_UPNP_TRACE
+									fprintf(stderr,"UPNPClient: UPNP_AddAnyPortMapping(%s) failed: %d"ZT_EOL_S,outport,mapResult);
+	#endif
+									Thread::sleep(1000);
+								}
+							}
+						} else {
+#ifdef ZT_UPNP_TRACE
+							fprintf(stderr,"UPNPClient: UPNP_GetExternalIPAddress failed"ZT_EOL_S);
+#endif
+						}
+					} else {
+#ifdef ZT_UPNP_TRACE
+						fprintf(stderr,"UPNPClient: UPNP_GetValidIGD failed"ZT_EOL_S);
+#endif
+					}
+
+					freeUPNPDevlist(devlist);
+				} else {
+#ifdef ZT_UPNP_TRACE
+					fprintf(stderr,"UPNPClient: upnpDiscover error code: %d"ZT_EOL_S,upnpError);
+#endif
+				}
+			}
+
+#ifdef ZT_UPNP_TRACE
+			fprintf(stderr,"UPNPClient: rescanning in %d ms"ZT_EOL_S,ZT_UPNP_CLIENT_REFRESH_DELAY);
+#endif
+			Thread::sleep(ZT_UPNP_CLIENT_REFRESH_DELAY);
+		}
+		delete this;
+	}
+
+	volatile bool run;
+	int localPort;
+	Mutex surface_l;
+	std::vector<InetAddress> surface;
+};
+
+UPNPClient::UPNPClient(int localUdpPortToMap)
+{
+	_impl = new UPNPClientImpl(localUdpPortToMap);
+	Thread::start(_impl);
+}
+
+UPNPClient::~UPNPClient()
+{
+	_impl->run = false;
+}
+
+std::vector<InetAddress> UPNPClient::get() const
+{
+	Mutex::Lock _l(_impl->surface_l);
+	return _impl->surface;
+}
+
+} // namespace ZeroTier
+
+#ifdef ZT_UPNP_TEST
+int main(int argc,char **argv)
+{
+	ZeroTier::UPNPClient *client = new ZeroTier::UPNPClient(12345);
+	ZeroTier::Thread::sleep(0xffffffff); // wait forever
+	return 0;
+}
+#endif
+
+#endif // ZT_USE_MINIUPNPC

osdep/UPNPClient.hpp

@@ -0,0 +1,84 @@
+/*
+ * ZeroTier One - Network Virtualization Everywhere
+ * Copyright (C) 2011-2015  ZeroTier, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#ifndef ZT_UPNPCLIENT_HPP
+#define ZT_UPNPCLIENT_HPP
+
+#ifdef ZT_USE_MINIUPNPC
+
+#include <vector>
+
+#include "../node/Constants.hpp"
+#include "../node/InetAddress.hpp"
+#include "../node/Mutex.hpp"
+#include "Thread.hpp"
+
+/**
+ * How frequently should we refresh our UPNP/NAT-PnP/whatever state?
+ */
+#define ZT_UPNP_CLIENT_REFRESH_DELAY 600000
+
+/**
+ * UPNP lease duration in seconds (as string)
+ */
+#define ZT_UPNP_LEASE_DURATION "3600"
+
+namespace ZeroTier {
+
+class UPNPClientImpl;
+
+/**
+ * UPnP/NAT-PnP daemon thread
+ */
+class UPNPClient
+{
+	friend class UPNPClientImpl;
+
+public:
+	/**
+	 * Create and start UPNP client service
+	 *
+	 * @param localUdpPortToMap Port we want visible to the outside world
+	 */
+	UPNPClient(int localUdpPortToMap);
+
+	~UPNPClient();
+
+	/**
+	 * @return All current external mappings for our port
+	 */
+	std::vector<InetAddress> get() const;
+
+private:
+	UPNPClientImpl *_impl;
+};
+
+} // namespace ZeroTier
+
+#endif // ZT_USE_MINIUPNPC
+
+#endif

service/OneService.cpp

@@ -54,6 +54,7 @@
 #include "../osdep/OSUtils.hpp"
 #include "../osdep/Http.hpp"
 #include "../osdep/BackgroundResolver.hpp"
+#include "../osdep/UPNPClient.hpp"
 
 #include "OneService.hpp"
 #include "ControlPlane.hpp"
@@ -415,6 +416,9 @@ public:
 		_tcpFallbackTunnel((TcpConnection *)0),
 		_termReason(ONE_STILL_RUNNING),
 		_port(port),
+#ifdef ZT_USE_MINIUPNPC
+		_upnpClient((int)port),
+#endif
 		_run(true)
 	{
 		struct sockaddr_in in4;
@@ -511,7 +515,7 @@ public:
 			_lastRestart = clockShouldBe;
 			uint64_t lastTapMulticastGroupCheck = 0;
 			uint64_t lastTcpFallbackResolve = 0;
-			uint64_t lastLocalInterfaceAddressCheck = 0;
+			uint64_t lastLocalInterfaceAddressCheck = (OSUtils::now() - ZT1_LOCAL_INTERFACE_CHECK_INTERVAL) + 15000; // do this in 15s to give UPnP time to configure and other things time to settle
 #ifdef ZT_AUTO_UPDATE
 			uint64_t lastSoftwareUpdateCheck = 0;
 #endif // ZT_AUTO_UPDATE
@@ -576,9 +580,18 @@ public:
 							ztDevices.push_back(t->second->deviceName());
 					}
 
+					_node->clearLocalInterfaceAddresses();
+
+#ifdef ZT_USE_MINIUPNPC
+					std::vector<InetAddress> upnpAddresses(_upnpClient.get());
+					for(std::vector<InetAddress>::const_iterator ext(upnpAddresses.begin());ext!=upnpAddresses.end();++ext) {
+						printf("Adding UPNP address: %s\n",ext->toString().c_str());
+						_node->addLocalInterfaceAddress(reinterpret_cast<const struct sockaddr_storage *>(&(*ext)),0,ZT1_LOCAL_INTERFACE_ADDRESS_TRUST_NORMAL);
+					}
+#endif
+
 					struct ifaddrs *ifatbl = (struct ifaddrs *)0;
 					if ((getifaddrs(&ifatbl) == 0)&&(ifatbl)) {
-						_node->clearLocalInterfaceAddresses();
 						struct ifaddrs *ifa = ifatbl;
 						while (ifa) {
 							if ((ifa->ifa_name)&&(ifa->ifa_addr)) {
@@ -1242,6 +1255,10 @@ private:
 
 	unsigned int _port;
 
+#ifdef ZT_USE_MINIUPNPC
+	UPNPClient _upnpClient;
+#endif
+
 	bool _run;
 	Mutex _run_m;
 };