From 49b558f371d5f2b7da3bc3028c823f316b3abd16 Mon Sep 17 00:00:00 2001
From: postmannen
Date: Wed, 1 Jun 2022 14:30:30 +0200
Subject: [PATCH] wildcard matching hosts initially implemented, and seems to work
---
 central_auth_acl_handling.go | 17 +++++++++++++++--
 central_auth_parser.go | 2 +-
 node_auth.go | 3 ++-
 requests_acl.go | 13 ++++++++-----
 4 files changed, 26 insertions(+), 9 deletions(-)
diff --git a/central_auth_acl_handling.go b/central_auth_acl_handling.go
index 7bc5137..3949b02 100644
--- a/central_auth_acl_handling.go
+++ b/central_auth_acl_handling.go
@@ -156,13 +156,26 @@ func (a *accessLists) nodeAsSlice(n Node) []Node {
 // Check if we are given a nodeGroup variable, and if we are, get all the
 // nodes for that group.
- if strings.HasPrefix(string(n), "grp_nodes_") {
+ switch {
+ case strings.HasPrefix(string(n), "grp_nodes_"):
 for nd := range a.schemaMain.NodeGroupMap[nodeGroup(n)] {
 nodes = append(nodes, nd)
 }
- } else {
+
+ case string(n) == "*":
+ func() {
+ a.pki.nodesAcked.mu.Lock()
+ defer a.pki.nodesAcked.mu.Unlock()
+
+ for nd := range a.pki.nodesAcked.keysAndHash.Keys {
+ nodes = append(nodes, nd)
+ }
+ }()
+
+ default:
 // No group found meaning a single node was given as an argument.
 nodes = []Node{n}
+
 }
 return nodes
diff --git a/central_auth_parser.go b/central_auth_parser.go
index ba61d31..2997bc2 100644
--- a/central_auth_parser.go
+++ b/central_auth_parser.go
@@ -37,7 +37,7 @@ func (a *authParser) parse() {
 // hostGroupOrSingle checks if host grp or single node.
 func (a *authParser) hostGroupOrSingle() parseFn {
 switch {
- case strings.HasPrefix(string(a.currentHost), "grp_nodes_"):
+ case strings.HasPrefix(string(a.currentHost), "grp_nodes_") || a.currentHost == "*":
 // Is group
 return a.hostIsGroup
 default:
diff --git a/node_auth.go b/node_auth.go
index 74cce1a..4406916 100644
--- a/node_auth.go
+++ b/node_auth.go
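Review bot: In central_auth_acl_handling.go, the new `case string(n) == "*"` branch of nodeAsSlice expands the wildcard to whatever keys are in `a.pki.nodesAcked.keysAndHash.Keys` at the moment of the call, and nothing in the hunk documents that. If the generated ACLs are not rebuilt when a key is acknowledged or removed (the callers are outside the hunk), a wildcard rule would silently miss newly acked nodes or keep covering removed ones. The comment above the switch still describes only node groups; I would change it to something like `// Resolve n to concrete nodes: a grp_nodes_ group, "*" (every node with an acknowledged key at call time), or a single node.` and note in the function's doc comment that ACLs need regenerating when the acked set changes. The function starts before the hunk.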
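Review bot: In central_auth_parser.go, hostGroupOrSingle now spells the `"*"` wildcard and the `"grp_nodes_"` prefix as literals a second time; nodeAsSlice in central_auth_acl_handling.go carries the same pair. Both places decide how an ACL host expands, so a shared constant or small predicate would keep the parser and the expansion from drifting apart, e.g. `const nodeWildcard = "*"` used in both. The `// Is group` comment under the case would read better as `// Is group or wildcard`. hostIsGroup is outside the hunk, so how it treats `"*"` cannot be checked from here.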
@@ -88,7 +88,7 @@ type nodeAcl struct {
 func newNodeAcl(c *Configuration) *nodeAcl {
 n := nodeAcl{
 aclAndHash: newAclAndHash(),
- filePath: filepath.Join(c.DatabaseFolder, "acl.txt"),
+ filePath: filepath.Join(c.DatabaseFolder, "node_aclmap.txt"),
 }
 err := n.loadFromFile()
@@ -136,6 +136,7 @@ func (n *nodeAcl) loadFromFile() error {
 // saveToFile will save the acl to file for persistent storage.
 // An error is returned if it fails.
+// TODO: HERE: not saving deleted wildcard map entry for some reason!
 func (n *nodeAcl) saveToFile() error {
 fh, err := os.OpenFile(n.filePath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
 if err != nil {
diff --git a/requests_acl.go b/requests_acl.go
index f172cc3..dc7a884 100644
--- a/requests_acl.go
+++ b/requests_acl.go
@@ -157,12 +157,15 @@ func (m methodREQAclDeliverUpdate) handler(proc process, message Message, node s
 }
 mapOfFromNodeCommands := make(map[Node]map[command]struct{})
- err = cbor.Unmarshal(hdh.Data, &mapOfFromNodeCommands)
- if err != nil {
- er := fmt.Errorf("error: subscriber REQAclDeliverUpdate : json unmarshal failed: %v, message: %v", err, message)
- proc.errorKernel.errSend(proc, message, er)
- log.Fatalf("\n * DEBUG: ER: %v\n", er)
+ if len(hdh.Data) != 0 {
+ err = cbor.Unmarshal(hdh.Data, &mapOfFromNodeCommands)
+ if err != nil {
+ er := fmt.Errorf("error: subscriber REQAclDeliverUpdate : cbor unmarshal failed: %v, message: %v", err, message)
+ proc.errorKernel.errSend(proc, message, er)
+ log.Fatalf("\n * DEBUG: ER: %v\n", er)
+
+ }
 }
 proc.nodeAuth.nodeAcl.aclAndHash.Hash = hdh.Hash
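Review bot: In node_auth.go, the TODO added above saveToFile records a persistence bug in the ACL store without saying what goes wrong or what it means for access control. If a deleted wildcard entry really is not written out, the entry left in node_aclmap.txt would presumably be read back by loadFromFile on restart, so a revoked grant could return; that is worth stating and tracking. I would reword it along the lines of `// TODO: a deleted wildcard entry is not removed from the file on save; a restart may reload the revoked rule.` saveToFile's body continues outside the hunk.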
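Review bot: In requests_acl.go, the rewritten unmarshal block in the REQAclDeliverUpdate handler keeps `log.Fatalf`, so a payload that fails to decode as CBOR terminates the whole node process after the error has already been reported through `proc.errorKernel.errSend`. For a handler that processes delivered messages this turns one malformed ACL update into an outage of the node; returning from the handler after `errSend` and leaving the current ACL untouched would fail safe (the handler's signature is cut off in the hunk header, so the return statement has to match it). The new `len(hdh.Data) != 0` guard also leaves `mapOfFromNodeCommands` empty while `hdh.Hash` is still stored, which deserves a comment such as `// empty Data: central has no ACL entries for this node`, assuming that is the intent. The handler body starts before the hunk and continues after it.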