cpp-httplib sets IPV6_V6ONLY to false on it's sockets.
On FreeBSD, this makes all ipv4 addresses get get prefixed with ::ffff:
it makes them IPv6 addresses mapped to v4.
This is a partial fix for #2151. The cli will work again.
Something should probably also be adjusted with the httplib.
If you want to, for example, use the `allowManagementFrom` option in
local.conf
you will need to prefix it with "::ffff:", "::ffff:1.2.3.4"
which is a little surprising and inconsistent between BSD and other OSs.
It wasn't ignoring separator characters such as the colon and hyphen.
The rules compiler automatically add a colon to separate bytes, which is
not compatible with how they are parsed.
* Exit if loading an invalid identity from disk
Previously, if an invalid identity was loaded from disk, ZeroTier would
generate a new identity & chug along and generate a brand new identity
as if nothing happened. When running in containers, this introduces the
possibility for key matter loss; especially when running in containers
where the identity files are mounted in the container read only. In
this case, ZT will continue chugging along with a brand new identity
with no possibility of recovering the private key.
ZeroTier should exit upon loading of invalid identity.public/identity.secret #2056
* add validation test for #2056
* internal db metrics
* use shared mutexes for read/write locks
* remove this lock. only used for a metric
* more metrics
* remove exploratory metrics
place controller request benchmarks behind ifdef
* add new metrics for network config request queue size and sso expirations
* move sso expiration to its own thread in the controller
* fix potential undefined behavior when modifying a set
* Rename zt_packet_incoming -> zt_packet
Also consolidate zt_peer_packets into a single metric with tx and rx labels. Same for ztc_tcp_data and ztc_udp_data
* Further collapse tcp & udp into metric labels for zt_data
* Fix zt_data metric description
* zt_peer_packets description fix
* Consolidate incoming/outgoing network packets to a single metric
* zt_incoming_packet_error -> zt_packet_error
* Disable peer metrics for central controllers
Can change in the future if needed, but given the traffic our controllers serve, that's going to be a *lot* of data
* Disable peer metrics for controllers pt 2
* Adding peer metrics
still need to be wired up for use
* per peer packet metrics
* Fix crash from bad instantiation of histogram
* separate alive & dead path counts
* Add peer metric update block
* add peer latency values in doPingAndKeepalive
* prevent deadlock
* peer latency histogram actually works now
* cleanup
* capture counts of packets to specific peers
---------
Co-authored-by: Joseph Henry <joseph.henry@zerotier.com>
Joseph Henry
Adam Ierymenko
travisladuke
Léo El Amri
Brenton Bostick
Grant Limberg