mirror of
https://github.com/postmannen/ctrl.git
synced 2025-01-20 22:52:13 +00:00
changed name for keys requests
This commit is contained in:
parent
912e2879ff
commit
041d59be22
6 changed files with 99 additions and 99 deletions
|
@ -822,7 +822,7 @@ For storing the keys on the central server two databases are involved.
|
|||
|
||||
1. Steward nodes will request key updates by sending a message to the central server with the **REQGetKeys** method on a timed interval. The hash of the current keys on a node will be put as the payload of the message.
|
||||
2. On the Central server the received hash will be compared with the current hash on the central server. If the hashes are equal nothing will be done, and no reply message will be sent back to the end node.
|
||||
3. If the hashes are not equal a reply message of type **REQPublicKeysToNode** will be sent back to the end node with a copy of the acknowledged public keys database and a hash of those keys.
|
||||
3. If the hashes are not equal a reply message of type **REQKeysDeliverUpdate** will be sent back to the end node with a copy of the acknowledged public keys database and a hash of those keys.
|
||||
4. The end node will then update it's local key database.
|
||||
|
||||
NB: The update process is initiated by the end nodes on a timed interval. No key updates are initiaded from the central server.
|
||||
|
|
|
@ -90,9 +90,9 @@ type Configuration struct {
|
|||
// Make the current node send hello messages to central at given interval in seconds
|
||||
StartPubREQHello int
|
||||
// Publisher for asking central for public keys
|
||||
StartPubREQPublicKeysGet bool
|
||||
StartPubREQKeysRequestUpdate bool
|
||||
// Subscriber for receiving updates of public keys from central
|
||||
StartSubREQPublicKeysToNode bool
|
||||
StartSubREQKeysDeliverUpdate bool
|
||||
// Start the central error logger.
|
||||
StartSubREQErrorLog bool
|
||||
// Subscriber for hello messages
|
||||
|
@ -167,8 +167,8 @@ type ConfigurationFromFile struct {
|
|||
EnableDebug *bool
|
||||
|
||||
StartPubREQHello *int
|
||||
StartPubREQPublicKeysGet *bool
|
||||
StartSubREQPublicKeysToNode *bool
|
||||
StartPubREQKeysRequestUpdate *bool
|
||||
StartSubREQKeysDeliverUpdate *bool
|
||||
StartSubREQErrorLog *bool
|
||||
StartSubREQHello *bool
|
||||
StartSubREQToFileAppend *bool
|
||||
|
@ -231,8 +231,8 @@ func newConfigurationDefaults() Configuration {
|
|||
EnableDebug: false,
|
||||
|
||||
StartPubREQHello: 30,
|
||||
StartPubREQPublicKeysGet: true,
|
||||
StartSubREQPublicKeysToNode: true,
|
||||
StartPubREQKeysRequestUpdate: true,
|
||||
StartSubREQKeysDeliverUpdate: true,
|
||||
StartSubREQErrorLog: false,
|
||||
StartSubREQHello: true,
|
||||
StartSubREQToFileAppend: true,
|
||||
|
@ -432,15 +432,15 @@ func checkConfigValues(cf ConfigurationFromFile) Configuration {
|
|||
} else {
|
||||
conf.StartPubREQHello = *cf.StartPubREQHello
|
||||
}
|
||||
if cf.StartPubREQPublicKeysGet == nil {
|
||||
conf.StartPubREQPublicKeysGet = cd.StartPubREQPublicKeysGet
|
||||
if cf.StartPubREQKeysRequestUpdate == nil {
|
||||
conf.StartPubREQKeysRequestUpdate = cd.StartPubREQKeysRequestUpdate
|
||||
} else {
|
||||
conf.StartPubREQPublicKeysGet = *cf.StartPubREQPublicKeysGet
|
||||
conf.StartPubREQKeysRequestUpdate = *cf.StartPubREQKeysRequestUpdate
|
||||
}
|
||||
if cf.StartSubREQPublicKeysToNode == nil {
|
||||
conf.StartSubREQPublicKeysToNode = cd.StartSubREQPublicKeysToNode
|
||||
if cf.StartSubREQKeysDeliverUpdate == nil {
|
||||
conf.StartSubREQKeysDeliverUpdate = cd.StartSubREQKeysDeliverUpdate
|
||||
} else {
|
||||
conf.StartSubREQPublicKeysToNode = *cf.StartSubREQPublicKeysToNode
|
||||
conf.StartSubREQKeysDeliverUpdate = *cf.StartSubREQKeysDeliverUpdate
|
||||
}
|
||||
if cf.StartSubREQErrorLog == nil {
|
||||
conf.StartSubREQErrorLog = cd.StartSubREQErrorLog
|
||||
|
@ -590,8 +590,8 @@ func (c *Configuration) CheckFlags() error {
|
|||
|
||||
flag.IntVar(&c.StartPubREQHello, "startPubREQHello", fc.StartPubREQHello, "Make the current node send hello messages to central at given interval in seconds")
|
||||
|
||||
flag.BoolVar(&c.StartPubREQPublicKeysGet, "startPubREQPublicKeysGet", fc.StartPubREQPublicKeysGet, "true/false")
|
||||
flag.BoolVar(&c.StartSubREQPublicKeysToNode, "startSubREQPublicKeysToNode", fc.StartSubREQPublicKeysToNode, "true/false")
|
||||
flag.BoolVar(&c.StartPubREQKeysRequestUpdate, "startPubREQKeysRequestUpdate", fc.StartPubREQKeysRequestUpdate, "true/false")
|
||||
flag.BoolVar(&c.StartSubREQKeysDeliverUpdate, "startSubREQKeysDeliverUpdate", fc.StartSubREQKeysDeliverUpdate, "true/false")
|
||||
flag.BoolVar(&c.StartSubREQErrorLog, "startSubREQErrorLog", fc.StartSubREQErrorLog, "true/false")
|
||||
flag.BoolVar(&c.StartSubREQHello, "startSubREQHello", fc.StartSubREQHello, "true/false")
|
||||
flag.BoolVar(&c.StartSubREQToFileAppend, "startSubREQToFileAppend", fc.StartSubREQToFileAppend, "true/false")
|
||||
|
|
40
processes.go
40
processes.go
|
@ -173,13 +173,13 @@ func (p *processes) Start(proc process) {
|
|||
proc.startup.pubREQHello(proc)
|
||||
}
|
||||
|
||||
if proc.configuration.StartPubREQPublicKeysGet {
|
||||
proc.startup.pubREQPublicKeysGet(proc)
|
||||
if proc.configuration.StartPubREQKeysRequestUpdate {
|
||||
proc.startup.pubREQKeysRequestUpdate(proc)
|
||||
}
|
||||
|
||||
if proc.configuration.IsCentralAuth {
|
||||
proc.startup.subREQPublicKeysGet(proc)
|
||||
proc.startup.subREQPublicKeysAllow(proc)
|
||||
proc.startup.subREQKeysRequestUpdate(proc)
|
||||
proc.startup.subREQKeysAllow(proc)
|
||||
proc.startup.subREQAclAddCommand(proc)
|
||||
proc.startup.subREQAclDeleteCommand(proc)
|
||||
proc.startup.subREQAclDeleteSource(proc)
|
||||
|
@ -193,8 +193,8 @@ func (p *processes) Start(proc process) {
|
|||
proc.startup.subREQAclImport(proc)
|
||||
}
|
||||
|
||||
if proc.configuration.StartSubREQPublicKeysToNode {
|
||||
proc.startup.subREQPublicKeysToNode(proc)
|
||||
if proc.configuration.StartSubREQKeysDeliverUpdate {
|
||||
proc.startup.subREQKeysDeliverUpdate(proc)
|
||||
}
|
||||
|
||||
if proc.configuration.StartSubREQHttpGet {
|
||||
|
@ -317,13 +317,13 @@ func (s startup) pubREQHello(p process) {
|
|||
go proc.spawnWorker()
|
||||
}
|
||||
|
||||
// pubREQPublicKeysGet defines the startup of a publisher that will send REQPublicKeysGet
|
||||
// pubREQKeysRequestUpdate defines the startup of a publisher that will send REQREQKeysRequestUpdate
|
||||
// to central server and ask for publics keys, and to get them deliver back with a request
|
||||
// of type pubREQPublicKeysToNode.
|
||||
func (s startup) pubREQPublicKeysGet(p process) {
|
||||
// of type pubREQKeysDeliverUpdate.
|
||||
func (s startup) pubREQKeysRequestUpdate(p process) {
|
||||
log.Printf("Starting PublicKeysGet Publisher: %#v\n", p.node)
|
||||
|
||||
sub := newSubject(REQPublicKeysGet, p.configuration.CentralNodeName)
|
||||
sub := newSubject(REQKeysRequestUpdate, p.configuration.CentralNodeName)
|
||||
proc := newProcess(p.ctx, s.server, sub, processKindPublisher, nil)
|
||||
|
||||
// Define the procFunc to be used for the process.
|
||||
|
@ -336,7 +336,7 @@ func (s startup) pubREQPublicKeysGet(p process) {
|
|||
// and update with new keys back.
|
||||
|
||||
proc.nodeAuth.publicKeys.mu.Lock()
|
||||
fmt.Printf("\n ----> REQPublicKeysGet: sending our current hash: %v\n\n", []byte(proc.nodeAuth.publicKeys.keysAndHash.Hash[:]))
|
||||
fmt.Printf("\n ----> REQKeysRequestUpdate: sending our current hash: %v\n\n", []byte(proc.nodeAuth.publicKeys.keysAndHash.Hash[:]))
|
||||
|
||||
m := Message{
|
||||
FileName: "publickeysget.log",
|
||||
|
@ -344,8 +344,8 @@ func (s startup) pubREQPublicKeysGet(p process) {
|
|||
ToNode: Node(p.configuration.CentralNodeName),
|
||||
FromNode: Node(p.node),
|
||||
Data: []byte(proc.nodeAuth.publicKeys.keysAndHash.Hash[:]),
|
||||
Method: REQPublicKeysGet,
|
||||
ReplyMethod: REQPublicKeysToNode,
|
||||
Method: REQKeysRequestUpdate,
|
||||
ReplyMethod: REQKeysDeliverUpdate,
|
||||
ACKTimeout: proc.configuration.DefaultMessageTimeout,
|
||||
Retries: 1,
|
||||
}
|
||||
|
@ -372,23 +372,23 @@ func (s startup) pubREQPublicKeysGet(p process) {
|
|||
go proc.spawnWorker()
|
||||
}
|
||||
|
||||
func (s startup) subREQPublicKeysGet(p process) {
|
||||
log.Printf("Starting Public keys get subscriber: %#v\n", p.node)
|
||||
sub := newSubject(REQPublicKeysGet, string(p.node))
|
||||
func (s startup) subREQKeysRequestUpdate(p process) {
|
||||
log.Printf("Starting Public keys request update subscriber: %#v\n", p.node)
|
||||
sub := newSubject(REQKeysRequestUpdate, string(p.node))
|
||||
proc := newProcess(p.ctx, s.server, sub, processKindSubscriber, nil)
|
||||
go proc.spawnWorker()
|
||||
}
|
||||
|
||||
func (s startup) subREQPublicKeysAllow(p process) {
|
||||
func (s startup) subREQKeysAllow(p process) {
|
||||
log.Printf("Starting Public keys allow subscriber: %#v\n", p.node)
|
||||
sub := newSubject(REQPublicKeysAllow, string(p.node))
|
||||
sub := newSubject(REQKeysAllow, string(p.node))
|
||||
proc := newProcess(p.ctx, s.server, sub, processKindSubscriber, nil)
|
||||
go proc.spawnWorker()
|
||||
}
|
||||
|
||||
func (s startup) subREQPublicKeysToNode(p process) {
|
||||
func (s startup) subREQKeysDeliverUpdate(p process) {
|
||||
log.Printf("Starting Public keys to Node subscriber: %#v\n", p.node)
|
||||
sub := newSubject(REQPublicKeysToNode, string(p.node))
|
||||
sub := newSubject(REQKeysDeliverUpdate, string(p.node))
|
||||
proc := newProcess(p.ctx, s.server, sub, processKindSubscriber, nil)
|
||||
go proc.spawnWorker()
|
||||
}
|
||||
|
|
18
requests.go
18
requests.go
|
@ -124,12 +124,12 @@ const (
|
|||
|
||||
// REQPublicKey will get the public ed25519 key from a node.
|
||||
REQPublicKey Method = "REQPublicKey"
|
||||
// REQPublicKeysGet will get all the public keys from central.
|
||||
REQPublicKeysGet Method = "REQPublicKeysGet"
|
||||
// REQPublicKeysToNode will put all the public received from central.
|
||||
REQPublicKeysToNode Method = "REQPublicKeysToNode"
|
||||
// REQAuthPublicKeysAllow
|
||||
REQPublicKeysAllow Method = "REQPublicKeysAllow"
|
||||
// REQKeysRequestUpdate will get all the public keys from central.
|
||||
REQKeysRequestUpdate Method = "REQKeysRequestUpdate"
|
||||
// REQKeysDeliverUpdate will deliver the public from central to a node.
|
||||
REQKeysDeliverUpdate Method = "REQKeysDeliverUpdate"
|
||||
// REQKeysAllow
|
||||
REQKeysAllow Method = "REQKeysAllow"
|
||||
|
||||
// REQAclAddCommand
|
||||
REQAclAddCommand = "REQAclAddCommand"
|
||||
|
@ -239,13 +239,13 @@ func (m Method) GetMethodsAvailable() MethodsAvailable {
|
|||
REQPublicKey: methodREQPublicKey{
|
||||
event: EventACK,
|
||||
},
|
||||
REQPublicKeysGet: methodREQPublicKeysGet{
|
||||
REQKeysRequestUpdate: methodREQKeysRequestUpdate{
|
||||
event: EventNACK,
|
||||
},
|
||||
REQPublicKeysToNode: methodREQPublicKeysToNode{
|
||||
REQKeysDeliverUpdate: methodREQKeysDeliverUpdate{
|
||||
event: EventNACK,
|
||||
},
|
||||
REQPublicKeysAllow: methodREQPublicKeysAllow{
|
||||
REQKeysAllow: methodREQKeysAllow{
|
||||
event: EventACK,
|
||||
},
|
||||
REQAclAddCommand: methodREQAclAddCommand{
|
||||
|
|
|
@ -60,16 +60,16 @@ func (m methodREQPublicKey) handler(proc process, message Message, node string)
|
|||
|
||||
// ----
|
||||
|
||||
type methodREQPublicKeysGet struct {
|
||||
type methodREQKeysRequestUpdate struct {
|
||||
event Event
|
||||
}
|
||||
|
||||
func (m methodREQPublicKeysGet) getKind() Event {
|
||||
func (m methodREQKeysRequestUpdate) getKind() Event {
|
||||
return m.event
|
||||
}
|
||||
|
||||
// Handler to get all the public ed25519 keys from a central server.
|
||||
func (m methodREQPublicKeysGet) handler(proc process, message Message, node string) ([]byte, error) {
|
||||
func (m methodREQKeysRequestUpdate) handler(proc process, message Message, node string) ([]byte, error) {
|
||||
// Get a context with the timeout specified in message.MethodTimeout.
|
||||
|
||||
// TODO:
|
||||
|
@ -113,7 +113,7 @@ func (m methodREQPublicKeysGet) handler(proc process, message Message, node stri
|
|||
// it with the current one for the KeyMap, and know if we need to send
|
||||
// and update back to the node who published the request to here.
|
||||
|
||||
fmt.Printf(" <---- methodREQPublicKeysGet: received hash from NODE=%v, HASH=%v\n", message.FromNode, message.Data)
|
||||
fmt.Printf(" <---- methodREQKeysRequestUpdate: received hash from NODE=%v, HASH=%v\n", message.FromNode, message.Data)
|
||||
|
||||
// Check if the received hash is the same as the one currently active,
|
||||
if bytes.Equal(proc.centralAuth.pki.nodesAcked.keysAndHash.Hash[:], message.Data) {
|
||||
|
@ -123,15 +123,15 @@ func (m methodREQPublicKeysGet) handler(proc process, message Message, node stri
|
|||
|
||||
fmt.Printf("\n ------------ NODE AND CENTRAL WERE NOT EQUAL, PREPARING TO SEND NEW VERSION OF KEYS\n\n")
|
||||
|
||||
fmt.Printf(" * methodREQPublicKeysGet: marshalling new keys and hash to send: map=%v, hash=%v\n\n", proc.centralAuth.pki.nodesAcked.keysAndHash.Keys, proc.centralAuth.pki.nodesAcked.keysAndHash.Hash)
|
||||
fmt.Printf(" * methodREQKeysRequestUpdate: marshalling new keys and hash to send: map=%v, hash=%v\n\n", proc.centralAuth.pki.nodesAcked.keysAndHash.Keys, proc.centralAuth.pki.nodesAcked.keysAndHash.Hash)
|
||||
|
||||
b, err := json.Marshal(proc.centralAuth.pki.nodesAcked.keysAndHash)
|
||||
|
||||
if err != nil {
|
||||
er := fmt.Errorf("error: REQPublicKeysGet, failed to marshal keys map: %v", err)
|
||||
er := fmt.Errorf("error: methodREQKeysRequestUpdate, failed to marshal keys map: %v", err)
|
||||
proc.errorKernel.errSend(proc, message, er)
|
||||
}
|
||||
fmt.Printf("\n ----> methodREQPublicKeysGet: SENDING KEYS TO NODE=%v\n", message.FromNode)
|
||||
fmt.Printf("\n ----> methodREQKeysRequestUpdate: SENDING KEYS TO NODE=%v\n", message.FromNode)
|
||||
newReplyMessage(proc, message, b)
|
||||
}()
|
||||
}
|
||||
|
@ -143,16 +143,16 @@ func (m methodREQPublicKeysGet) handler(proc process, message Message, node stri
|
|||
|
||||
// ----
|
||||
|
||||
type methodREQPublicKeysToNode struct {
|
||||
type methodREQKeysDeliverUpdate struct {
|
||||
event Event
|
||||
}
|
||||
|
||||
func (m methodREQPublicKeysToNode) getKind() Event {
|
||||
func (m methodREQKeysDeliverUpdate) getKind() Event {
|
||||
return m.event
|
||||
}
|
||||
|
||||
// Handler to put the public key replies received from a central server.
|
||||
func (m methodREQPublicKeysToNode) handler(proc process, message Message, node string) ([]byte, error) {
|
||||
// Handler to receive the public keys from a central server.
|
||||
func (m methodREQKeysDeliverUpdate) handler(proc process, message Message, node string) ([]byte, error) {
|
||||
// Get a context with the timeout specified in message.MethodTimeout.
|
||||
|
||||
// TODO:
|
||||
|
@ -186,12 +186,12 @@ func (m methodREQPublicKeysToNode) handler(proc process, message Message, node s
|
|||
proc.nodeAuth.publicKeys.mu.Lock()
|
||||
|
||||
err := json.Unmarshal(message.Data, proc.nodeAuth.publicKeys.keysAndHash)
|
||||
fmt.Printf("\n <---- REQPublicKeysToNode: after unmarshal, nodeAuth keysAndhash contains: %+v\n\n", proc.nodeAuth.publicKeys.keysAndHash)
|
||||
fmt.Printf("\n <---- REQKeysDeliverUpdate: after unmarshal, nodeAuth keysAndhash contains: %+v\n\n", proc.nodeAuth.publicKeys.keysAndHash)
|
||||
|
||||
proc.nodeAuth.publicKeys.mu.Unlock()
|
||||
|
||||
if err != nil {
|
||||
er := fmt.Errorf("error: REQPublicKeysToNode : json unmarshal failed: %v, message: %v", err, message)
|
||||
er := fmt.Errorf("error: REQKeysDeliverUpdate : json unmarshal failed: %v, message: %v", err, message)
|
||||
proc.errorKernel.errSend(proc, message, er)
|
||||
}
|
||||
|
||||
|
@ -202,7 +202,7 @@ func (m methodREQPublicKeysToNode) handler(proc process, message Message, node s
|
|||
|
||||
err = proc.nodeAuth.publicKeys.saveToFile()
|
||||
if err != nil {
|
||||
er := fmt.Errorf("error: REQPublicKeysToNode : save to file failed: %v, message: %v", err, message)
|
||||
er := fmt.Errorf("error: REQKeysDeliverUpdate : save to file failed: %v, message: %v", err, message)
|
||||
proc.errorKernel.errSend(proc, message, er)
|
||||
}
|
||||
|
||||
|
@ -221,11 +221,11 @@ func (m methodREQPublicKeysToNode) handler(proc process, message Message, node s
|
|||
|
||||
// TODO: We should also add a request method methodREQPublicKeysRevoke
|
||||
|
||||
type methodREQPublicKeysAllow struct {
|
||||
type methodREQKeysAllow struct {
|
||||
event Event
|
||||
}
|
||||
|
||||
func (m methodREQPublicKeysAllow) getKind() Event {
|
||||
func (m methodREQKeysAllow) getKind() Event {
|
||||
return m.event
|
||||
}
|
||||
|
||||
|
@ -234,7 +234,7 @@ func (m methodREQPublicKeysAllow) getKind() Event {
|
|||
// are recived on the central server they will be put into a temp key
|
||||
// map, and we need to acknowledge them before they are moved into the
|
||||
// main key map, and then allowed to be sent out to other nodes.
|
||||
func (m methodREQPublicKeysAllow) handler(proc process, message Message, node string) ([]byte, error) {
|
||||
func (m methodREQKeysAllow) handler(proc process, message Message, node string) ([]byte, error) {
|
||||
// Get a context with the timeout specified in message.MethodTimeout.
|
||||
ctx, _ := getContextForMethodTimeout(proc.ctx, message)
|
||||
|
||||
|
@ -280,7 +280,7 @@ func (m methodREQPublicKeysAllow) handler(proc process, message Message, node st
|
|||
// Delete the key from the NotAcked map
|
||||
delete(proc.centralAuth.pki.nodeNotAckedPublicKeys.KeyMap, Node(n))
|
||||
|
||||
er := fmt.Errorf("info: REQPublicKeysAllow : allowed new/updated public key for %v to allowed public key map", n)
|
||||
er := fmt.Errorf("info: REQKeysAllow : allowed new/updated public key for %v to allowed public key map", n)
|
||||
proc.errorKernel.infoSend(proc, message, er)
|
||||
}
|
||||
}
|
||||
|
@ -319,7 +319,7 @@ func (m methodREQPublicKeysAllow) handler(proc process, message Message, node st
|
|||
|
||||
b, err := cbor.Marshal(sortedNodesAndKeys)
|
||||
if err != nil {
|
||||
er := fmt.Errorf("error: methodREQPublicKeysAllow, failed to marshal slice, and will not update hash for public keys: %v", err)
|
||||
er := fmt.Errorf("error: methodREQKeysAllow, failed to marshal slice, and will not update hash for public keys: %v", err)
|
||||
proc.errorKernel.errSend(proc, message, er)
|
||||
log.Printf(" * DEBUG: %v\n", er)
|
||||
|
||||
|
@ -333,7 +333,7 @@ func (m methodREQPublicKeysAllow) handler(proc process, message Message, node st
|
|||
// Store the key to the db for persistence.
|
||||
proc.centralAuth.pki.dbUpdateHash(hash[:])
|
||||
if err != nil {
|
||||
er := fmt.Errorf("error: methodREQPublicKeysAllow, failed to store the hash into the db: %v", err)
|
||||
er := fmt.Errorf("error: methodREQKeysAllow, failed to store the hash into the db: %v", err)
|
||||
proc.errorKernel.errSend(proc, message, er)
|
||||
log.Printf(" * DEBUG: %v\n", er)
|
||||
|
||||
|
|
|
@ -372,7 +372,7 @@ func (r *ringBuffer) processBufferMessages(ctx context.Context, outCh chan samDB
|
|||
//r.permStore <- fmt.Sprintf("%v\n", str)
|
||||
|
||||
// NB: Removed this one since it creates a data race with the storing of the hash value in
|
||||
// the methodREQPublicKeysToNode. Sorted by splitting up the sprint below with the sprint
|
||||
// the methodREQKeysDeliverUpdate. Sorted by splitting up the sprint below with the sprint
|
||||
// above for now, but should investigate further what might be the case here, since the
|
||||
// message have no reference to the proc and should in theory not create a race.
|
||||
//
|
||||
|
|
Loading…
Add table
Reference in a new issue