1
0
Fork 0
mirror of https://github.com/postmannen/ctrl.git synced 2025-01-05 20:09:16 +00:00

changed name for keys requests

This commit is contained in:
postmannen 2022-05-24 07:21:48 +02:00
parent 912e2879ff
commit 041d59be22
6 changed files with 99 additions and 99 deletions

View file

@ -822,7 +822,7 @@ For storing the keys on the central server two databases are involved.
1. Steward nodes will request key updates by sending a message to the central server with the **REQGetKeys** method on a timed interval. The hash of the current keys on a node will be put as the payload of the message.
2. On the Central server the received hash will be compared with the current hash on the central server. If the hashes are equal nothing will be done, and no reply message will be sent back to the end node.
3. If the hashes are not equal a reply message of type **REQPublicKeysToNode** will be sent back to the end node with a copy of the acknowledged public keys database and a hash of those keys.
3. If the hashes are not equal a reply message of type **REQKeysDeliverUpdate** will be sent back to the end node with a copy of the acknowledged public keys database and a hash of those keys.
4. The end node will then update it's local key database.
NB: The update process is initiated by the end nodes on a timed interval. No key updates are initiaded from the central server.

View file

@ -90,9 +90,9 @@ type Configuration struct {
// Make the current node send hello messages to central at given interval in seconds
StartPubREQHello int
// Publisher for asking central for public keys
StartPubREQPublicKeysGet bool
StartPubREQKeysRequestUpdate bool
// Subscriber for receiving updates of public keys from central
StartSubREQPublicKeysToNode bool
StartSubREQKeysDeliverUpdate bool
// Start the central error logger.
StartSubREQErrorLog bool
// Subscriber for hello messages
@ -166,25 +166,25 @@ type ConfigurationFromFile struct {
IsCentralAuth *bool
EnableDebug *bool
StartPubREQHello *int
StartPubREQPublicKeysGet *bool
StartSubREQPublicKeysToNode *bool
StartSubREQErrorLog *bool
StartSubREQHello *bool
StartSubREQToFileAppend *bool
StartSubREQToFile *bool
StartSubREQToFileNACK *bool
StartSubREQCopyFileFrom *bool
StartSubREQCopyFileTo *bool
StartSubREQPing *bool
StartSubREQPong *bool
StartSubREQCliCommand *bool
StartSubREQToConsole *bool
StartSubREQHttpGet *bool
StartSubREQHttpGetScheduled *bool
StartSubREQTailFile *bool
StartSubREQCliCommandCont *bool
StartSubREQRelay *bool
StartPubREQHello *int
StartPubREQKeysRequestUpdate *bool
StartSubREQKeysDeliverUpdate *bool
StartSubREQErrorLog *bool
StartSubREQHello *bool
StartSubREQToFileAppend *bool
StartSubREQToFile *bool
StartSubREQToFileNACK *bool
StartSubREQCopyFileFrom *bool
StartSubREQCopyFileTo *bool
StartSubREQPing *bool
StartSubREQPong *bool
StartSubREQCliCommand *bool
StartSubREQToConsole *bool
StartSubREQHttpGet *bool
StartSubREQHttpGetScheduled *bool
StartSubREQTailFile *bool
StartSubREQCliCommandCont *bool
StartSubREQRelay *bool
}
// NewConfiguration will return a *Configuration.
@ -230,25 +230,25 @@ func newConfigurationDefaults() Configuration {
IsCentralAuth: false,
EnableDebug: false,
StartPubREQHello: 30,
StartPubREQPublicKeysGet: true,
StartSubREQPublicKeysToNode: true,
StartSubREQErrorLog: false,
StartSubREQHello: true,
StartSubREQToFileAppend: true,
StartSubREQToFile: true,
StartSubREQToFileNACK: true,
StartSubREQCopyFileFrom: true,
StartSubREQCopyFileTo: true,
StartSubREQPing: true,
StartSubREQPong: true,
StartSubREQCliCommand: true,
StartSubREQToConsole: true,
StartSubREQHttpGet: true,
StartSubREQHttpGetScheduled: true,
StartSubREQTailFile: true,
StartSubREQCliCommandCont: true,
StartSubREQRelay: false,
StartPubREQHello: 30,
StartPubREQKeysRequestUpdate: true,
StartSubREQKeysDeliverUpdate: true,
StartSubREQErrorLog: false,
StartSubREQHello: true,
StartSubREQToFileAppend: true,
StartSubREQToFile: true,
StartSubREQToFileNACK: true,
StartSubREQCopyFileFrom: true,
StartSubREQCopyFileTo: true,
StartSubREQPing: true,
StartSubREQPong: true,
StartSubREQCliCommand: true,
StartSubREQToConsole: true,
StartSubREQHttpGet: true,
StartSubREQHttpGetScheduled: true,
StartSubREQTailFile: true,
StartSubREQCliCommandCont: true,
StartSubREQRelay: false,
}
return c
}
@ -432,15 +432,15 @@ func checkConfigValues(cf ConfigurationFromFile) Configuration {
} else {
conf.StartPubREQHello = *cf.StartPubREQHello
}
if cf.StartPubREQPublicKeysGet == nil {
conf.StartPubREQPublicKeysGet = cd.StartPubREQPublicKeysGet
if cf.StartPubREQKeysRequestUpdate == nil {
conf.StartPubREQKeysRequestUpdate = cd.StartPubREQKeysRequestUpdate
} else {
conf.StartPubREQPublicKeysGet = *cf.StartPubREQPublicKeysGet
conf.StartPubREQKeysRequestUpdate = *cf.StartPubREQKeysRequestUpdate
}
if cf.StartSubREQPublicKeysToNode == nil {
conf.StartSubREQPublicKeysToNode = cd.StartSubREQPublicKeysToNode
if cf.StartSubREQKeysDeliverUpdate == nil {
conf.StartSubREQKeysDeliverUpdate = cd.StartSubREQKeysDeliverUpdate
} else {
conf.StartSubREQPublicKeysToNode = *cf.StartSubREQPublicKeysToNode
conf.StartSubREQKeysDeliverUpdate = *cf.StartSubREQKeysDeliverUpdate
}
if cf.StartSubREQErrorLog == nil {
conf.StartSubREQErrorLog = cd.StartSubREQErrorLog
@ -590,8 +590,8 @@ func (c *Configuration) CheckFlags() error {
flag.IntVar(&c.StartPubREQHello, "startPubREQHello", fc.StartPubREQHello, "Make the current node send hello messages to central at given interval in seconds")
flag.BoolVar(&c.StartPubREQPublicKeysGet, "startPubREQPublicKeysGet", fc.StartPubREQPublicKeysGet, "true/false")
flag.BoolVar(&c.StartSubREQPublicKeysToNode, "startSubREQPublicKeysToNode", fc.StartSubREQPublicKeysToNode, "true/false")
flag.BoolVar(&c.StartPubREQKeysRequestUpdate, "startPubREQKeysRequestUpdate", fc.StartPubREQKeysRequestUpdate, "true/false")
flag.BoolVar(&c.StartSubREQKeysDeliverUpdate, "startSubREQKeysDeliverUpdate", fc.StartSubREQKeysDeliverUpdate, "true/false")
flag.BoolVar(&c.StartSubREQErrorLog, "startSubREQErrorLog", fc.StartSubREQErrorLog, "true/false")
flag.BoolVar(&c.StartSubREQHello, "startSubREQHello", fc.StartSubREQHello, "true/false")
flag.BoolVar(&c.StartSubREQToFileAppend, "startSubREQToFileAppend", fc.StartSubREQToFileAppend, "true/false")

View file

@ -173,13 +173,13 @@ func (p *processes) Start(proc process) {
proc.startup.pubREQHello(proc)
}
if proc.configuration.StartPubREQPublicKeysGet {
proc.startup.pubREQPublicKeysGet(proc)
if proc.configuration.StartPubREQKeysRequestUpdate {
proc.startup.pubREQKeysRequestUpdate(proc)
}
if proc.configuration.IsCentralAuth {
proc.startup.subREQPublicKeysGet(proc)
proc.startup.subREQPublicKeysAllow(proc)
proc.startup.subREQKeysRequestUpdate(proc)
proc.startup.subREQKeysAllow(proc)
proc.startup.subREQAclAddCommand(proc)
proc.startup.subREQAclDeleteCommand(proc)
proc.startup.subREQAclDeleteSource(proc)
@ -193,8 +193,8 @@ func (p *processes) Start(proc process) {
proc.startup.subREQAclImport(proc)
}
if proc.configuration.StartSubREQPublicKeysToNode {
proc.startup.subREQPublicKeysToNode(proc)
if proc.configuration.StartSubREQKeysDeliverUpdate {
proc.startup.subREQKeysDeliverUpdate(proc)
}
if proc.configuration.StartSubREQHttpGet {
@ -317,13 +317,13 @@ func (s startup) pubREQHello(p process) {
go proc.spawnWorker()
}
// pubREQPublicKeysGet defines the startup of a publisher that will send REQPublicKeysGet
// pubREQKeysRequestUpdate defines the startup of a publisher that will send REQREQKeysRequestUpdate
// to central server and ask for publics keys, and to get them deliver back with a request
// of type pubREQPublicKeysToNode.
func (s startup) pubREQPublicKeysGet(p process) {
// of type pubREQKeysDeliverUpdate.
func (s startup) pubREQKeysRequestUpdate(p process) {
log.Printf("Starting PublicKeysGet Publisher: %#v\n", p.node)
sub := newSubject(REQPublicKeysGet, p.configuration.CentralNodeName)
sub := newSubject(REQKeysRequestUpdate, p.configuration.CentralNodeName)
proc := newProcess(p.ctx, s.server, sub, processKindPublisher, nil)
// Define the procFunc to be used for the process.
@ -336,7 +336,7 @@ func (s startup) pubREQPublicKeysGet(p process) {
// and update with new keys back.
proc.nodeAuth.publicKeys.mu.Lock()
fmt.Printf("\n ----> REQPublicKeysGet: sending our current hash: %v\n\n", []byte(proc.nodeAuth.publicKeys.keysAndHash.Hash[:]))
fmt.Printf("\n ----> REQKeysRequestUpdate: sending our current hash: %v\n\n", []byte(proc.nodeAuth.publicKeys.keysAndHash.Hash[:]))
m := Message{
FileName: "publickeysget.log",
@ -344,8 +344,8 @@ func (s startup) pubREQPublicKeysGet(p process) {
ToNode: Node(p.configuration.CentralNodeName),
FromNode: Node(p.node),
Data: []byte(proc.nodeAuth.publicKeys.keysAndHash.Hash[:]),
Method: REQPublicKeysGet,
ReplyMethod: REQPublicKeysToNode,
Method: REQKeysRequestUpdate,
ReplyMethod: REQKeysDeliverUpdate,
ACKTimeout: proc.configuration.DefaultMessageTimeout,
Retries: 1,
}
@ -372,23 +372,23 @@ func (s startup) pubREQPublicKeysGet(p process) {
go proc.spawnWorker()
}
func (s startup) subREQPublicKeysGet(p process) {
log.Printf("Starting Public keys get subscriber: %#v\n", p.node)
sub := newSubject(REQPublicKeysGet, string(p.node))
func (s startup) subREQKeysRequestUpdate(p process) {
log.Printf("Starting Public keys request update subscriber: %#v\n", p.node)
sub := newSubject(REQKeysRequestUpdate, string(p.node))
proc := newProcess(p.ctx, s.server, sub, processKindSubscriber, nil)
go proc.spawnWorker()
}
func (s startup) subREQPublicKeysAllow(p process) {
func (s startup) subREQKeysAllow(p process) {
log.Printf("Starting Public keys allow subscriber: %#v\n", p.node)
sub := newSubject(REQPublicKeysAllow, string(p.node))
sub := newSubject(REQKeysAllow, string(p.node))
proc := newProcess(p.ctx, s.server, sub, processKindSubscriber, nil)
go proc.spawnWorker()
}
func (s startup) subREQPublicKeysToNode(p process) {
func (s startup) subREQKeysDeliverUpdate(p process) {
log.Printf("Starting Public keys to Node subscriber: %#v\n", p.node)
sub := newSubject(REQPublicKeysToNode, string(p.node))
sub := newSubject(REQKeysDeliverUpdate, string(p.node))
proc := newProcess(p.ctx, s.server, sub, processKindSubscriber, nil)
go proc.spawnWorker()
}

View file

@ -124,12 +124,12 @@ const (
// REQPublicKey will get the public ed25519 key from a node.
REQPublicKey Method = "REQPublicKey"
// REQPublicKeysGet will get all the public keys from central.
REQPublicKeysGet Method = "REQPublicKeysGet"
// REQPublicKeysToNode will put all the public received from central.
REQPublicKeysToNode Method = "REQPublicKeysToNode"
// REQAuthPublicKeysAllow
REQPublicKeysAllow Method = "REQPublicKeysAllow"
// REQKeysRequestUpdate will get all the public keys from central.
REQKeysRequestUpdate Method = "REQKeysRequestUpdate"
// REQKeysDeliverUpdate will deliver the public from central to a node.
REQKeysDeliverUpdate Method = "REQKeysDeliverUpdate"
// REQKeysAllow
REQKeysAllow Method = "REQKeysAllow"
// REQAclAddCommand
REQAclAddCommand = "REQAclAddCommand"
@ -239,13 +239,13 @@ func (m Method) GetMethodsAvailable() MethodsAvailable {
REQPublicKey: methodREQPublicKey{
event: EventACK,
},
REQPublicKeysGet: methodREQPublicKeysGet{
REQKeysRequestUpdate: methodREQKeysRequestUpdate{
event: EventNACK,
},
REQPublicKeysToNode: methodREQPublicKeysToNode{
REQKeysDeliverUpdate: methodREQKeysDeliverUpdate{
event: EventNACK,
},
REQPublicKeysAllow: methodREQPublicKeysAllow{
REQKeysAllow: methodREQKeysAllow{
event: EventACK,
},
REQAclAddCommand: methodREQAclAddCommand{

View file

@ -60,16 +60,16 @@ func (m methodREQPublicKey) handler(proc process, message Message, node string)
// ----
type methodREQPublicKeysGet struct {
type methodREQKeysRequestUpdate struct {
event Event
}
func (m methodREQPublicKeysGet) getKind() Event {
func (m methodREQKeysRequestUpdate) getKind() Event {
return m.event
}
// Handler to get all the public ed25519 keys from a central server.
func (m methodREQPublicKeysGet) handler(proc process, message Message, node string) ([]byte, error) {
func (m methodREQKeysRequestUpdate) handler(proc process, message Message, node string) ([]byte, error) {
// Get a context with the timeout specified in message.MethodTimeout.
// TODO:
@ -113,7 +113,7 @@ func (m methodREQPublicKeysGet) handler(proc process, message Message, node stri
// it with the current one for the KeyMap, and know if we need to send
// and update back to the node who published the request to here.
fmt.Printf(" <---- methodREQPublicKeysGet: received hash from NODE=%v, HASH=%v\n", message.FromNode, message.Data)
fmt.Printf(" <---- methodREQKeysRequestUpdate: received hash from NODE=%v, HASH=%v\n", message.FromNode, message.Data)
// Check if the received hash is the same as the one currently active,
if bytes.Equal(proc.centralAuth.pki.nodesAcked.keysAndHash.Hash[:], message.Data) {
@ -123,15 +123,15 @@ func (m methodREQPublicKeysGet) handler(proc process, message Message, node stri
fmt.Printf("\n ------------ NODE AND CENTRAL WERE NOT EQUAL, PREPARING TO SEND NEW VERSION OF KEYS\n\n")
fmt.Printf(" * methodREQPublicKeysGet: marshalling new keys and hash to send: map=%v, hash=%v\n\n", proc.centralAuth.pki.nodesAcked.keysAndHash.Keys, proc.centralAuth.pki.nodesAcked.keysAndHash.Hash)
fmt.Printf(" * methodREQKeysRequestUpdate: marshalling new keys and hash to send: map=%v, hash=%v\n\n", proc.centralAuth.pki.nodesAcked.keysAndHash.Keys, proc.centralAuth.pki.nodesAcked.keysAndHash.Hash)
b, err := json.Marshal(proc.centralAuth.pki.nodesAcked.keysAndHash)
if err != nil {
er := fmt.Errorf("error: REQPublicKeysGet, failed to marshal keys map: %v", err)
er := fmt.Errorf("error: methodREQKeysRequestUpdate, failed to marshal keys map: %v", err)
proc.errorKernel.errSend(proc, message, er)
}
fmt.Printf("\n ----> methodREQPublicKeysGet: SENDING KEYS TO NODE=%v\n", message.FromNode)
fmt.Printf("\n ----> methodREQKeysRequestUpdate: SENDING KEYS TO NODE=%v\n", message.FromNode)
newReplyMessage(proc, message, b)
}()
}
@ -143,16 +143,16 @@ func (m methodREQPublicKeysGet) handler(proc process, message Message, node stri
// ----
type methodREQPublicKeysToNode struct {
type methodREQKeysDeliverUpdate struct {
event Event
}
func (m methodREQPublicKeysToNode) getKind() Event {
func (m methodREQKeysDeliverUpdate) getKind() Event {
return m.event
}
// Handler to put the public key replies received from a central server.
func (m methodREQPublicKeysToNode) handler(proc process, message Message, node string) ([]byte, error) {
// Handler to receive the public keys from a central server.
func (m methodREQKeysDeliverUpdate) handler(proc process, message Message, node string) ([]byte, error) {
// Get a context with the timeout specified in message.MethodTimeout.
// TODO:
@ -186,12 +186,12 @@ func (m methodREQPublicKeysToNode) handler(proc process, message Message, node s
proc.nodeAuth.publicKeys.mu.Lock()
err := json.Unmarshal(message.Data, proc.nodeAuth.publicKeys.keysAndHash)
fmt.Printf("\n <---- REQPublicKeysToNode: after unmarshal, nodeAuth keysAndhash contains: %+v\n\n", proc.nodeAuth.publicKeys.keysAndHash)
fmt.Printf("\n <---- REQKeysDeliverUpdate: after unmarshal, nodeAuth keysAndhash contains: %+v\n\n", proc.nodeAuth.publicKeys.keysAndHash)
proc.nodeAuth.publicKeys.mu.Unlock()
if err != nil {
er := fmt.Errorf("error: REQPublicKeysToNode : json unmarshal failed: %v, message: %v", err, message)
er := fmt.Errorf("error: REQKeysDeliverUpdate : json unmarshal failed: %v, message: %v", err, message)
proc.errorKernel.errSend(proc, message, er)
}
@ -202,7 +202,7 @@ func (m methodREQPublicKeysToNode) handler(proc process, message Message, node s
err = proc.nodeAuth.publicKeys.saveToFile()
if err != nil {
er := fmt.Errorf("error: REQPublicKeysToNode : save to file failed: %v, message: %v", err, message)
er := fmt.Errorf("error: REQKeysDeliverUpdate : save to file failed: %v, message: %v", err, message)
proc.errorKernel.errSend(proc, message, er)
}
@ -221,11 +221,11 @@ func (m methodREQPublicKeysToNode) handler(proc process, message Message, node s
// TODO: We should also add a request method methodREQPublicKeysRevoke
type methodREQPublicKeysAllow struct {
type methodREQKeysAllow struct {
event Event
}
func (m methodREQPublicKeysAllow) getKind() Event {
func (m methodREQKeysAllow) getKind() Event {
return m.event
}
@ -234,7 +234,7 @@ func (m methodREQPublicKeysAllow) getKind() Event {
// are recived on the central server they will be put into a temp key
// map, and we need to acknowledge them before they are moved into the
// main key map, and then allowed to be sent out to other nodes.
func (m methodREQPublicKeysAllow) handler(proc process, message Message, node string) ([]byte, error) {
func (m methodREQKeysAllow) handler(proc process, message Message, node string) ([]byte, error) {
// Get a context with the timeout specified in message.MethodTimeout.
ctx, _ := getContextForMethodTimeout(proc.ctx, message)
@ -280,7 +280,7 @@ func (m methodREQPublicKeysAllow) handler(proc process, message Message, node st
// Delete the key from the NotAcked map
delete(proc.centralAuth.pki.nodeNotAckedPublicKeys.KeyMap, Node(n))
er := fmt.Errorf("info: REQPublicKeysAllow : allowed new/updated public key for %v to allowed public key map", n)
er := fmt.Errorf("info: REQKeysAllow : allowed new/updated public key for %v to allowed public key map", n)
proc.errorKernel.infoSend(proc, message, er)
}
}
@ -319,7 +319,7 @@ func (m methodREQPublicKeysAllow) handler(proc process, message Message, node st
b, err := cbor.Marshal(sortedNodesAndKeys)
if err != nil {
er := fmt.Errorf("error: methodREQPublicKeysAllow, failed to marshal slice, and will not update hash for public keys: %v", err)
er := fmt.Errorf("error: methodREQKeysAllow, failed to marshal slice, and will not update hash for public keys: %v", err)
proc.errorKernel.errSend(proc, message, er)
log.Printf(" * DEBUG: %v\n", er)
@ -333,7 +333,7 @@ func (m methodREQPublicKeysAllow) handler(proc process, message Message, node st
// Store the key to the db for persistence.
proc.centralAuth.pki.dbUpdateHash(hash[:])
if err != nil {
er := fmt.Errorf("error: methodREQPublicKeysAllow, failed to store the hash into the db: %v", err)
er := fmt.Errorf("error: methodREQKeysAllow, failed to store the hash into the db: %v", err)
proc.errorKernel.errSend(proc, message, er)
log.Printf(" * DEBUG: %v\n", er)

View file

@ -372,7 +372,7 @@ func (r *ringBuffer) processBufferMessages(ctx context.Context, outCh chan samDB
//r.permStore <- fmt.Sprintf("%v\n", str)
// NB: Removed this one since it creates a data race with the storing of the hash value in
// the methodREQPublicKeysToNode. Sorted by splitting up the sprint below with the sprint
// the methodREQKeysDeliverUpdate. Sorted by splitting up the sprint below with the sprint
// above for now, but should investigate further what might be the case here, since the
// message have no reference to the proc and should in theory not create a race.
//