normalize path to lowercase on windows. remove backup config. add ipc…

…-discriminator idea
openziti · Oct 9, 2024 · 695533c · 695533c
1 parent 88c6e20
commit 695533c
Show file tree

Hide file tree

Showing 11 changed files with 271 additions and 198 deletions.
diff --git a/programs/ziti-edge-tunnel/config-utils.c b/programs/ziti-edge-tunnel/config-utils.c
@@ -22,13 +22,19 @@
 #include <unistd.h>
 #endif
 
-const char* app_data = "APPDATA";
+#if _WIN32
+#define realpath(rel, abs) _fullpath(abs, rel, FILENAME_MAX)
+#endif
+
 static char* identifier_path = NULL;
 
-char* get_system_config_path() {
+char* get_system_config_path(const char* base_dir) {
+    char actual_base_path[PATH_MAX];
+    realpath(base_dir, actual_base_path);
+
     char* config_path = malloc(FILENAME_MAX * sizeof(char));
 #if _WIN32
-    snprintf(config_path, FILENAME_MAX, "%s\\NetFoundry", getenv(app_data));
+    snprintf(config_path, FILENAME_MAX, "%s%cNetFoundry", actual_base_path, PATH_SEP);
 #elif __linux__
     snprintf(config_path, FILENAME_MAX, "/var/lib/ziti");
 #else
@@ -47,24 +53,3 @@ void set_identifier_path(char* id_path) {
     }
 }
 
-char* get_config_file_name(char* config_path) {
-    if (config_path != NULL) {
-        char* config_file_name = calloc(FILENAME_MAX, sizeof(char));
-        snprintf(config_file_name, FILENAME_MAX, "%s/config.json", config_path);
-        return config_file_name;
-    } else {
-        return "config.json";
-    }
-
-}
-
-char* get_backup_config_file_name(char* config_path) {
-    if (config_path != NULL) {
-        char* bkp_config_file_name = calloc(FILENAME_MAX, sizeof(char));
-        snprintf(bkp_config_file_name, FILENAME_MAX, "%s/config.json.backup", config_path);
-        return bkp_config_file_name;
-    } else {
-        return "config.json.backup";
-    }
-}
-
diff --git a/programs/ziti-edge-tunnel/include/config-utils.h b/programs/ziti-edge-tunnel/include/config-utils.h
@@ -16,11 +16,10 @@
 
 #ifndef ZITI_TUNNEL_SDK_C_CONFIG_UTILS_H
 #define ZITI_TUNNEL_SDK_C_CONFIG_UTILS_H
+#define DEFAULT_STATE_FILE_NAME "config.json"
 
-char* get_system_config_path();
+char* get_system_config_path(const char* base_path);
 void set_identifier_path(char* id_dir);
 char* get_identifier_path();
-char* get_config_file_name(char* config_path);
-char* get_backup_config_file_name(char* config_path);
 
 #endif //ZITI_TUNNEL_SDK_C_CONFIG_UTILS_H
diff --git a/programs/ziti-edge-tunnel/include/identity-utils.h b/programs/ziti-edge-tunnel/include/identity-utils.h
@@ -82,6 +82,7 @@ int get_api_page_size();
 
 tunnel_identity_array get_tunnel_identities_for_metrics();
 
+void normalize_identifier(char *str);
 
 #ifdef __cplusplus
 }

diff --git a/programs/ziti-edge-tunnel/include/instance-config.h b/programs/ziti-edge-tunnel/include/instance-config.h
@@ -16,10 +16,13 @@
 
 #ifndef ZITI_TUNNEL_SDK_C_INSTANCE_CONFIG_H
 #define ZITI_TUNNEL_SDK_C_INSTANCE_CONFIG_H
+#include <uv.h>
+#include <stdbool.h>
 
 bool load_tunnel_status_from_file(uv_loop_t *ziti_loop);
 bool save_tunnel_status_to_file();
-void initialize_instance_config();
+void initialize_instance_config(const char* config_dir);
 void cleanup_instance_config();
 
+char* get_config_file_name();
 #endif //ZITI_TUNNEL_SDK_C_INSTANCE_CONFIG_H
diff --git a/programs/ziti-edge-tunnel/include/windows/windows-scripts.h b/programs/ziti-edge-tunnel/include/windows/windows-scripts.h
@@ -28,11 +28,13 @@
 
 #include "ziti/model_support.h"
 
-void add_nrpt_rules(uv_loop_t *nrpt_loop, model_map *hostnames, const char* dns_ip);
-void remove_nrpt_rules(uv_loop_t *nrpt_loop, model_map *hostnames);
-void remove_all_nrpt_rules();
 bool is_nrpt_policies_effective(const char* tns_ip);
-void remove_and_add_nrpt_rules(uv_loop_t *nrpt_loop, model_map *hostnames, const char* dns_ip);
+
+void add_nrpt_rules(uv_loop_t *nrpt_loop, model_map *hostnames, const char* dns_ip, const char* discriminator);
+void remove_nrpt_rules(uv_loop_t *nrpt_loop, model_map *hostnames, const char* discriminator);
+void remove_and_add_nrpt_rules(uv_loop_t *nrpt_loop, model_map *hostnames, const char* dns_ip, const char* discriminator);
+void remove_all_nrpt_rules();
+
 void update_interface_metric(uv_loop_t *ziti_loop, wchar_t* tun_name, int metric);
 void update_symlink(uv_loop_t *symlink_loop, char* symlink, char* filename);
 

diff --git a/programs/ziti-edge-tunnel/instance-config.c b/programs/ziti-edge-tunnel/instance-config.c
@@ -14,21 +14,39 @@
  limitations under the License.
  */
 
+#include "instance-config.h"
 #include <stdio.h>
 #include <stdlib.h>
 #include <config-utils.h>
 #include <string.h>
 #include "identity-utils.h"
 #include <ziti/ziti_log.h>
 
+#if _WIN32
+#define realpath(rel, abs) _fullpath(abs, rel, MAX_PATH)
+#endif
+
 // to store the whole tunnel status data
 #define MIN_BUFFER_LEN 512
 
 static uv_sem_t sem;
 static unsigned int sem_value = 1;
 static int sem_initialized = -1;
 
-void initialize_instance_config() {
+static char* base_dir = NULL;
+
+///
+/// \param config_dir represents the location of the configuration to be used
+void initialize_instance_config(const char* config_dir) {
+    if (!config_dir) {
+        //indicates this was started with -i (not -I). Operations should not do anything in this case
+        return;
+    }
+
+    char actual_config_dir[PATH_MAX];
+    realpath(config_dir, actual_config_dir);
+
+    base_dir = strdup(actual_config_dir); //save the location of the config dir
     sem_initialized = uv_sem_init(&sem, sem_value);
     if (sem_initialized < 0) {
         ZITI_LOG(WARN, "Could not initialize lock for the config, config file may not be updated");
@@ -66,74 +84,56 @@ bool load_config_from_file(char* config_file_name) {
 }
 
 bool load_tunnel_status_from_file(uv_loop_t* ziti_loop) {
-    char* config_path = get_system_config_path();
-
     uv_fs_t fs;
-    int check = uv_fs_mkdir(ziti_loop, &fs, config_path, 0755, NULL);
+    int check = uv_fs_mkdir(ziti_loop, &fs, base_dir, 0755, NULL);
     if (check == 0) {
-        ZITI_LOG(TRACE, "config path is created at %s", config_path);
+        ZITI_LOG(TRACE, "config path is created at %s", base_dir);
     } else if (check == UV_EEXIST) {
-        ZITI_LOG(TRACE, "config path exists at %s", config_path);
+        ZITI_LOG(TRACE, "config path exists at %s", base_dir);
     } else {
-        ZITI_LOG(ERROR, "error creating %s: %s", config_path, uv_strerror(check));
+        ZITI_LOG(ERROR, "error creating %s: %s", base_dir, uv_strerror(check));
         return false;
     }
     bool loaded = false;
 
-    char* config_file_name = get_config_file_name(config_path);
-    char* bkp_config_file_name = get_backup_config_file_name(config_path);
+    char* config_file_name = get_config_file_name();
     ZITI_LOG(INFO,"Loading config file from %s", config_file_name);
 
     // try to load tunnel status from config file
     loaded = load_config_from_file(config_file_name);
 
-    // try to load tunnel status from backup config file
-    if (!loaded) {
-        loaded = load_config_from_file(bkp_config_file_name);
-    }
-
     // not able to load the tunnel status from both the config and backup files
     if (!loaded) {
         ZITI_LOG(WARN, "Config files %s and the backup file cannot be read or they do not exist, will create a new config file or the old one will be overwritten", config_file_name);
     }
 
     free(config_file_name);
-    free(bkp_config_file_name);
-    free(config_path);
     return loaded;
 }
 
 bool save_tunnel_status_to_file() {
+    if(!base_dir) {
+        // no base_dir indicates using -i not -I
+        ZITI_LOG(DEBUG, "skipping save_tunnel_status_to_file. base_dir is NULL, running with -i");
+        return true;
+    }
     size_t json_len;
     char* tunnel_status = get_tunnel_config(&json_len);
     bool saved = false;
 
     if (json_len > 0) {
-        char* config_path = get_system_config_path();
-
-        char* config_file_name = get_config_file_name(config_path);
-        char* bkp_config_file_name = get_backup_config_file_name(config_path);
+        char* config_path = get_system_config_path(base_dir);
+        char* config_file_name = get_config_file_name();
 
         if (sem_initialized == 0) {
             uv_sem_wait(&sem);
         } else {
             ZITI_LOG(ZITI_WTF, "Could not save the config file [%s] due to semaphore lock not initialized error.", config_file_name);
             free(config_file_name);
-            free(bkp_config_file_name);
             free(config_path);
             free(tunnel_status);
             return saved;
         }
-        //copy config to backup file
-        int rem = remove(bkp_config_file_name);
-        if (rem == 0) {
-            ZITI_LOG(DEBUG, "Deleted backup config file %s", bkp_config_file_name);
-        }
-        if (rename(config_file_name, bkp_config_file_name) == 0) {
-            ZITI_LOG(DEBUG, "Copied config file to backup config file %s", bkp_config_file_name);
-        } else {
-            ZITI_LOG(ERROR, "Could not copy config file [%s] to backup config file, the config might not exists at the moment", config_file_name);
-        }
 
         // write tunnel status to the config file
         FILE* config = fopen(config_file_name, "w");
@@ -152,14 +152,11 @@ bool save_tunnel_status_to_file() {
             }
             saved = true;
             fclose(config);
-            ZITI_LOG(DEBUG, "Saved current tunnel status into Config file %s", config_file_name);
+            ZITI_LOG(INFO, "Saved current tunnel status into Config file %s", config_file_name);
         }
         uv_sem_post(&sem);
-
-        ZITI_LOG(TRACE, "Cleaning up resources used for the backup of tunnel config file %s", config_file_name);
 
         free(config_file_name);
-        free(bkp_config_file_name);
         free(config_path);
     }
     free(tunnel_status);
@@ -176,4 +173,14 @@ void cleanup_instance_config() {
     } else {
         ZITI_LOG(ZITI_WTF, "Could not clean instance config. The semaphore is not initialized.");
     }
+}
+
+char* get_config_file_name() {
+    if (base_dir != NULL) {
+        char* config_file_name = calloc(FILENAME_MAX, sizeof(char));
+        snprintf(config_file_name, FILENAME_MAX, "%s%cconfig.json", base_dir, PATH_SEP);
+        return config_file_name;
+    } else {
+        return "config.json";
+    }
 }
diff --git a/programs/ziti-edge-tunnel/instance.c b/programs/ziti-edge-tunnel/instance.c
@@ -52,7 +52,9 @@ tunnel_identity *create_or_get_tunnel_identity(const char* identifier, const cha
         return id;
     } else {
         tunnel_identity *tnl_id = calloc(1, sizeof(struct tunnel_identity_s));
-        tnl_id->Identifier = strdup(identifier);
+        char* dup_identifier = strdup(identifier);
+        normalize_identifier(dup_identifier);
+        tnl_id->Identifier = dup_identifier;
         if (filename != NULL) {
             char* extension = strstr(filename, ".json");
 
@@ -557,9 +559,10 @@ void normalize_identifier(char *str) {
         if (*str == find) {
             *str = replace;
         }
+        *str = (char)tolower((unsigned char)*str); // Convert to lowercase
     }
 #else
-    return; // nothing to normalize at this time
+    // nothing to normalize at this time
 #endif
     remove_duplicate_path_separators(init_pos, PATH_SEP);
 }
@@ -581,7 +584,14 @@ void set_identifier_from_identities() {
         if (tnl_id->Identifier != NULL) {
             // set this field to false during initialization
             normalize_identifier((char*)tnl_id->Identifier);
-            model_map_set(&tnl_identity_map, tnl_id->Identifier, tnl_id);
+            // verify the identity file is still there before adding to the map
+
+            struct stat buffer;
+            if (stat(tnl_id->Identifier, &buffer) == 0) {
+                model_map_set(&tnl_identity_map, tnl_id->Identifier, tnl_id);
+            } else {
+                ZITI_LOG(WARN, "identity was in config, but file no longer exists. identifier=%s", tnl_id->Identifier);
+            }
         }
         //on startup - set mfa needed to false to correctly reflect tunnel status. After the identity is loaded these
         //are set to true __if necessary__