From 1aa31e04140f7d937182d7398f6c8893223d8eaf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9o=20El=20Amri?= Date: Tue, 14 Nov 2023 21:57:53 +0100 Subject: [PATCH 1/2] Fix how MAC addresses are handled by the rules parser It wasn't ignoring separator characters such as the colon and hyphen. The rules compiler automatically add a colon to separate bytes, which is not compatible with how they are parsed. --- controller/EmbeddedNetworkController.cpp | 4 ++-- node/Utils.hpp | 14 ++++++++++++++ 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/controller/EmbeddedNetworkController.cpp b/controller/EmbeddedNetworkController.cpp index a01b68a9d..898dfa06b 100644 --- a/controller/EmbeddedNetworkController.cpp +++ b/controller/EmbeddedNetworkController.cpp @@ -315,12 +315,12 @@ static bool _parseRule(json &r,ZT_VirtualNetworkRule &rule) return true; } else if (t == "MATCH_MAC_SOURCE") { rule.t |= ZT_NETWORK_RULE_MATCH_MAC_SOURCE; - const std::string mac(OSUtils::jsonString(r["mac"],"0")); + const std::string mac(Utils::cleanMac(OSUtils::jsonString(r["mac"],"0"))); Utils::unhex(mac.c_str(),(unsigned int)mac.length(),rule.v.mac,6); return true; } else if (t == "MATCH_MAC_DEST") { rule.t |= ZT_NETWORK_RULE_MATCH_MAC_DEST; - const std::string mac(OSUtils::jsonString(r["mac"],"0")); + const std::string mac(Utils::cleanMac(OSUtils::jsonString(r["mac"],"0"))); Utils::unhex(mac.c_str(),(unsigned int)mac.length(),rule.v.mac,6); return true; } else if (t == "MATCH_IPV4_SOURCE") { diff --git a/node/Utils.hpp b/node/Utils.hpp index d13674c1f..a4c3ac8ff 100644 --- a/node/Utils.hpp +++ b/node/Utils.hpp @@ -24,6 +24,7 @@ #include #include #include +#include #if defined(__FreeBSD__) #include @@ -849,6 +850,19 @@ class Utils * Hexadecimal characters 0-f */ static const char HEXCHARS[16]; + + /* + * Remove `-` and `:` from a MAC address (in-place). + * + * @param mac The MAC address + */ + static inline void cleanMac(std::string& mac) + { + auto start = mac.begin(); + auto end = mac.end(); + auto new_end = std::remove_if(start, end, [](char c) { return c == 45 || c == 58; }); + mac.erase(new_end, end); + } }; } // namespace ZeroTier From b9d0cf9c894752ecfb74c9f8942eff6b77a90f4a Mon Sep 17 00:00:00 2001 From: Joseph Henry Date: Tue, 5 Mar 2024 12:14:12 -0800 Subject: [PATCH 2/2] Don't pass result of void function to string constructor --- controller/EmbeddedNetworkController.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/controller/EmbeddedNetworkController.cpp b/controller/EmbeddedNetworkController.cpp index 0aa56d59e..98a9fbd94 100644 --- a/controller/EmbeddedNetworkController.cpp +++ b/controller/EmbeddedNetworkController.cpp @@ -315,12 +315,14 @@ static bool _parseRule(json &r,ZT_VirtualNetworkRule &rule) return true; } else if (t == "MATCH_MAC_SOURCE") { rule.t |= ZT_NETWORK_RULE_MATCH_MAC_SOURCE; - const std::string mac(Utils::cleanMac(OSUtils::jsonString(r["mac"],"0"))); + std::string mac(OSUtils::jsonString(r["mac"],"0")); + Utils::cleanMac(mac); Utils::unhex(mac.c_str(),(unsigned int)mac.length(),rule.v.mac,6); return true; } else if (t == "MATCH_MAC_DEST") { rule.t |= ZT_NETWORK_RULE_MATCH_MAC_DEST; - const std::string mac(Utils::cleanMac(OSUtils::jsonString(r["mac"],"0"))); + std::string mac(OSUtils::jsonString(r["mac"],"0")); + Utils::cleanMac(mac); Utils::unhex(mac.c_str(),(unsigned int)mac.length(),rule.v.mac,6); return true; } else if (t == "MATCH_IPV4_SOURCE") {