mirrors/ctrl
mirrors/ctrl
1
0
Fork 0
mirror of https://github.com/postmannen/ctrl.git synced 2024-12-14 12:37:31 +00:00
Code Activity

updated comments

Browse source
This commit is contained in:
postmannen 2022-06-22 14:32:58 +02:00
parent 433541fcc1
commit b3bb2e44a1
10 changed files with 21 additions and 65 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
README.md
View file

@ -641,7 +641,7 @@ An example could be that you send a `REQCliCommand` message to some node, and yo
This is a method that can be used to get the data of the message printed to console where Steward is running.
Default is to print to **stdout**, but printing to **stderr** can be done by setting the value of **methodArgs** to `"methodArgs": ["stderr"]`.
Default is to print to **stdout**, but printing to **stderr** can be done by setting the value of **methodArgs** to `"methodArgs": ["stderr"]`.
If used as a **replyMethod** set the **replyMethodArgs** `"replyMethodArgs": ["stderr"],`.
@ -1415,6 +1415,12 @@ StartSubREQCliCommandCont bool
ToNode Node `json:"toNode" yaml:"toNode"`
// ToNodes to specify several hosts to send message to in the
// form of an slice/array.
// The ToNodes field is only a concept that exists when messages
// are injected f.ex. on a socket, and there they are directly
//converted into separate node messages for each node, and from
// there the ToNodes field is not used any more within the system.
// With other words, a message that exists within Steward is always
// for just for a single node.
ToNodes []Node `json:"toNodes,omitempty" yaml:"toNodes,omitempty"`
// The actual data in the message. This is typically where we
// specify the cli commands to execute on a node, and this is

6
doc/concept/auth/auth.md
View file

@ -73,10 +73,6 @@ On the CentralAuth we need a service to verify that updating the currently store
Public Keys should only be pushed to nodes that will receive message from source node of the public key.
#### Service for key rotation
TODO
### Auth handling and storage
#### Request for operators to add authorizations for nodes
@ -118,5 +114,3 @@ Public Keys vs nodes should be implemented as a map, map `node -> publicKey`, an
Flag to turn on/off signature verification for all request types.
### Verification of MethodArgs Signature against ACL
TODO

29
errorkernel.go
View file

@ -190,35 +190,6 @@ func (e *errorKernel) logConsoleOnlyIfDebug(err error, c *Configuration) {
}
}
// // TODO: Needs more work.
// //
// // errWithAction
// //
// // Will prepare an errorEvent to send to the errorKernel that
// // contains a channel of type errorAction.
// // The errorActionCh are returned from the function and are used
// // to create a channel between where this function is called and
// // the go routine started in the errorKernel. From where the
// // function was called we can read the channel for a response
// // given from the errorKernel, and then decide what to do based
// // on the errorAction value.
// func (e *errorKernel) errWithAction(proc process, msg Message, err error) chan errorAction {
// // Create the channel where to receive what action to do.
// errActionCh := make(chan errorAction)
//
// ev := errorEvent{
// err: err,
// errorType: errTypeWithAction,
// process: proc,
// message: msg,
// errorActionCh: errActionCh,
// }
//
// e.errorCh <- ev
//
// return errActionCh
// }
// errorAction is used to tell the process who sent the error
// what it shall do. The process who sends the error will
// have to block and wait for the response on the errorActionCh.

6
message_and_subject.go
View file

@ -14,6 +14,12 @@ type Message struct {
ToNode Node `json:"toNode" yaml:"toNode"`
// ToNodes to specify several hosts to send message to in the
// form of an slice/array.
// The ToNodes field is only a concept that exists when messages
// are injected f.ex. on a socket, and there they are directly
//converted into separate node messages for each node, and from
// there the ToNodes field is not used any more within the system.
// With other words, a message that exists within Steward is always
// for just for a single node.
ToNodes []Node `json:"toNodes,omitempty" yaml:"toNodes,omitempty"`
// The Unique ID of the message
ID int `json:"id" yaml:"id"`

1
node_auth.go
View file

@ -136,7 +136,6 @@ func (n *nodeAcl) loadFromFile() error {
// saveToFile will save the acl to file for persistent storage.
// An error is returned if it fails.
// TODO: HERE: not saving deleted wildcard map entry for some reason!
func (n *nodeAcl) saveToFile() error {
fh, err := os.OpenFile(n.filePath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {

6
processes.go
View file

@ -338,7 +338,7 @@ func (s startup) pubREQKeysRequestUpdate(p process) {
ticker := time.NewTicker(time.Second * time.Duration(p.configuration.REQKeysRequestUpdateInterval))
for {
// TODO: We could send with the hash of the currently stored keys,
// Send a message with the hash of the currently stored keys,
// so we would know on the subscriber at central if it should send
// and update with new keys back.
@ -394,8 +394,8 @@ func (s startup) pubREQAclRequestUpdate(p process) {
ticker := time.NewTicker(time.Second * time.Duration(p.configuration.REQAclRequestUpdateInterval))
for {
// TODO: We could send with the hash of the currently stored hash,
// so we would know on the subscriber at central if it should send
// Send a message with the hash of the currently stored acl's,
// so we would know for the subscriber at central if it should send
// and update with new keys back.
proc.nodeAuth.nodeAcl.mu.Lock()

6
requests.go
View file

@ -454,7 +454,11 @@ func newReplyMessage(proc process, message Message, outData []byte) {
// ringbuffer to be published.
// TODO: Check that we still got all the fields present that are needed here.
newMsg := Message{
ToNode: message.FromNode,
ToNode: message.FromNode,
// The ToNodes field is not needed since it only a concept that exists when messages
// are injected f.ex. on a socket, and there they are directly converted into separate
// node messages. With other words a message in the system are only for single nodes,
// so we don't have to worry about the ToNodes field when creating reply messages.
FromNode: message.ToNode,
Data: outData,
Method: message.ReplyMethod,

13
requests_acl.go
View file

@ -53,16 +53,6 @@ func (m methodREQAclRequestUpdate) handler(proc process, message Message, node s
proc.centralAuth.accessLists.schemaGenerated.mu.Lock()
defer proc.centralAuth.accessLists.schemaGenerated.mu.Unlock()
// DEBUGGING:
//{
// proc.centralAuth.accessLists.schemaMain.mu.Lock()
// fmt.Printf("\n --- DEBUGGING: subscriber methodREQAclRequestUpdate: schemaGenerated contains: %v\n\n", proc.centralAuth.accessLists.schemaGenerated)
// fmt.Printf("\n --- DEBUGGING: subscriber methodREQAclRequestUpdate: schemaMain contains: %v\n\n", proc.centralAuth.accessLists.schemaMain)
// proc.centralAuth.accessLists.schemaMain.mu.Unlock()
//
// // TODO: PROBLEM: The existing generated acl's are not loaded when starting, or not stored at all.
//}
log.Printf(" ---- subscriber methodREQAclRequestUpdate: got acl hash from NODE=%v, HASH data =%v\n", message.FromNode, message.Data)
// Check if the received hash is the same as the one currently active,
@ -879,9 +869,6 @@ func (m methodREQAclExport) handler(proc process, message Message, node string)
// ---
// TODO: IMPORTANT: We also need to add importing and exporting of the groups to the
// import and export methods.
type methodREQAclImport struct {
event Event
}

9
requests_keys.go
View file

@ -88,8 +88,6 @@ func (m methodREQKeysRequestUpdate) handler(proc process, message Message, node
// structure is the same as the other handlers.
select {
case <-ctx.Done():
// TODO: Should we receive a hash of he current keys from the node here
// to verify if we need to update or not ?
case outCh <- []byte{}:
}
}()
@ -164,7 +162,6 @@ func (m methodREQKeysDeliverUpdate) handler(proc process, message Message, node
// structure is the same as the other handlers.
select {
case <-ctx.Done():
// TODO: Should we receive a hash of he current keys from the node here ?
case outCh <- []byte{}:
}
}()
@ -223,8 +220,6 @@ func (m methodREQKeysDeliverUpdate) handler(proc process, message Message, node
// ----
// TODO: We should also add a request method methodREQPublicKeysRevoke
type methodREQKeysAllow struct {
event Event
}
@ -293,10 +288,6 @@ func (m methodREQKeysAllow) handler(proc process, message Message, node string)
// representing the current keys in the allowed map.
proc.centralAuth.updateHash(proc, message)
// TODO: FAILS: The push keys updates when change fails with that the
// subscriber gets stuck. Need to look more into this later.
// Disabling for now since the node will update at the timed interval.
//
// If new keys were allowed into the main map, we should send out one
// single update to all the registered nodes to inform of an update.
// NB: If a node is not reachable at the time the update is sent it is

2
server.go
View file

@ -448,8 +448,6 @@ func (s *server) routeMessagesToProcess(dbFileName string) {
// Signal back to the ringbuffer that message have been picked up.
samDBVal.delivered()
// TODO HERE!: The message will be dropped here since the method for copy uid does not exist
sam := samDBVal.samDBValue.Data
// Check if the format of the message is correct.
if _, ok := methodsAvailable.CheckIfExists(sam.Message.Method); !ok {