mirror of
https://github.com/postmannen/ctrl.git
synced 2025-01-05 20:09:16 +00:00
updated comments
parent
433541fcc1
commit
b3bb2e44a1
10 changed files with 21 additions and 65 deletions
|
@ -641,7 +641,7 @@ An example could be that you send a `REQCliCommand` message to some node, and yo
|
|||
|
||||
This is a method that can be used to get the data of the message printed to console where Steward is running.
|
||||
|
||||
Default is to print to **stdout**, but printing to **stderr** can be done by setting the value of **methodArgs** to `"methodArgs": ["stderr"]`.
|
||||
Default is to print to **stdout**, but printing to **stderr** can be done by setting the value of **methodArgs** to `"methodArgs": ["stderr"]`.
|
||||
|
||||
If used as a **replyMethod** set the **replyMethodArgs** `"replyMethodArgs": ["stderr"],`.
|
||||
|
||||
|
@ -1415,6 +1415,12 @@ StartSubREQCliCommandCont bool
|
|||
ToNode Node `json:"toNode" yaml:"toNode"`
|
||||
// ToNodes to specify several hosts to send message to in the
|
||||
// form of an slice/array.
|
||||
// The ToNodes field is only a concept that exists when messages
|
||||
// are injected f.ex. on a socket, and there they are directly
|
||||
//converted into separate node messages for each node, and from
|
||||
// there the ToNodes field is not used any more within the system.
|
||||
// With other words, a message that exists within Steward is always
|
||||
// for just for a single node.
|
||||
ToNodes []Node `json:"toNodes,omitempty" yaml:"toNodes,omitempty"`
|
||||
// The actual data in the message. This is typically where we
|
||||
// specify the cli commands to execute on a node, and this is
|
||||
|
|
|
@ -73,10 +73,6 @@ On the CentralAuth we need a service to verify that updating the currently store
|
|||
|
||||
Public Keys should only be pushed to nodes that will receive message from source node of the public key.
|
||||
|
||||
#### Service for key rotation
|
||||
|
||||
TODO
|
||||
|
||||
### Auth handling and storage
|
||||
|
||||
#### Request for operators to add authorizations for nodes
|
||||
|
@ -118,5 +114,3 @@ Public Keys vs nodes should be implemented as a map, map `node -> publicKey`, an
|
|||
Flag to turn on/off signature verification for all request types.
|
||||
|
||||
### Verification of MethodArgs Signature against ACL
|
||||
|
||||
TODO
|
||||
|
|
|
@ -190,35 +190,6 @@ func (e *errorKernel) logConsoleOnlyIfDebug(err error, c *Configuration) {
|
|||
}
|
||||
}
|
||||
|
||||
// // TODO: Needs more work.
|
||||
// //
|
||||
// // errWithAction
|
||||
// //
|
||||
// // Will prepare an errorEvent to send to the errorKernel that
|
||||
// // contains a channel of type errorAction.
|
||||
// // The errorActionCh are returned from the function and are used
|
||||
// // to create a channel between where this function is called and
|
||||
// // the go routine started in the errorKernel. From where the
|
||||
// // function was called we can read the channel for a response
|
||||
// // given from the errorKernel, and then decide what to do based
|
||||
// // on the errorAction value.
|
||||
// func (e *errorKernel) errWithAction(proc process, msg Message, err error) chan errorAction {
|
||||
// // Create the channel where to receive what action to do.
|
||||
// errActionCh := make(chan errorAction)
|
||||
//
|
||||
// ev := errorEvent{
|
||||
// err: err,
|
||||
// errorType: errTypeWithAction,
|
||||
// process: proc,
|
||||
// message: msg,
|
||||
// errorActionCh: errActionCh,
|
||||
// }
|
||||
//
|
||||
// e.errorCh <- ev
|
||||
//
|
||||
// return errActionCh
|
||||
// }
|
||||
|
||||
// errorAction is used to tell the process who sent the error
|
||||
// what it shall do. The process who sends the error will
|
||||
// have to block and wait for the response on the errorActionCh.
|
||||
|
|
|
@ -14,6 +14,12 @@ type Message struct {
|
|||
ToNode Node `json:"toNode" yaml:"toNode"`
|
||||
// ToNodes to specify several hosts to send message to in the
|
||||
// form of an slice/array.
|
||||
// The ToNodes field is only a concept that exists when messages
|
||||
// are injected f.ex. on a socket, and there they are directly
|
||||
//converted into separate node messages for each node, and from
|
||||
// there the ToNodes field is not used any more within the system.
|
||||
// With other words, a message that exists within Steward is always
|
||||
// for just for a single node.
|
||||
ToNodes []Node `json:"toNodes,omitempty" yaml:"toNodes,omitempty"`
|
||||
// The Unique ID of the message
|
||||
ID int `json:"id" yaml:"id"`
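Review bot: The new doc comment on `ToNodes` in the `Message` struct has several slips that blur the invariant it records: `an slice/array`, the missing space in `//converted`, and `always for just for a single node`. Other code relies on this invariant (a message inside the system targets exactly one node), so it is worth stating it plainly, for example `// ToNodes lists several destination nodes. It is only meaningful when a message is injected (f.ex. on a socket), where it is expanded into one message per node.` followed by `// Inside Steward a message is always for a single node, and ToNodes is not used.` The same text is added to the struct listing in the documentation hunk at -1415 and should get the same wording. The struct body continues outside the hunk.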
|
||||
|
|
|
@ -136,7 +136,6 @@ func (n *nodeAcl) loadFromFile() error {
|
|||
|
||||
// saveToFile will save the acl to file for persistent storage.
|
||||
// An error is returned if it fails.
|
||||
// TODO: HERE: not saving deleted wildcard map entry for some reason!
|
||||
func (n *nodeAcl) saveToFile() error {
|
||||
fh, err := os.OpenFile(n.filePath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
|
||||
if err != nil {
|
||||
|
|
|
@ -338,7 +338,7 @@ func (s startup) pubREQKeysRequestUpdate(p process) {
|
|||
ticker := time.NewTicker(time.Second * time.Duration(p.configuration.REQKeysRequestUpdateInterval))
|
||||
for {
|
||||
|
||||
// TODO: We could send with the hash of the currently stored keys,
|
||||
// Send a message with the hash of the currently stored keys,
|
||||
// so we would know on the subscriber at central if it should send
|
||||
// and update with new keys back.
|
||||
|
||||
|
@ -394,8 +394,8 @@ func (s startup) pubREQAclRequestUpdate(p process) {
|
|||
ticker := time.NewTicker(time.Second * time.Duration(p.configuration.REQAclRequestUpdateInterval))
|
||||
for {
|
||||
|
||||
// TODO: We could send with the hash of the currently stored hash,
|
||||
// so we would know on the subscriber at central if it should send
|
||||
// Send a message with the hash of the currently stored acl's,
|
||||
// so we would know for the subscriber at central if it should send
|
||||
// and update with new keys back.
|
||||
|
||||
proc.nodeAuth.nodeAcl.mu.Lock()
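Review bot: In `pubREQAclRequestUpdate` the rewritten comment now says the hash of the stored acl's is sent, but its last line still reads `// and update with new keys back.`, carried over from the keys variant; it should read `// and update with new acl's back.`. Both rewritten comments (here and in `pubREQKeysRequestUpdate`) also keep the conditional "so we would know ... if it should send" from the old TODO, which no longer fits a description of what the code does. A direct form would be `// so the subscriber at central can tell whether it needs to send an update back.` Both loop bodies continue outside their hunks.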
|
||||
|
|
|
@ -454,7 +454,11 @@ func newReplyMessage(proc process, message Message, outData []byte) {
|
|||
// ringbuffer to be published.
|
||||
// TODO: Check that we still got all the fields present that are needed here.
|
||||
newMsg := Message{
|
||||
ToNode: message.FromNode,
|
||||
ToNode: message.FromNode,
|
||||
// The ToNodes field is not needed since it only a concept that exists when messages
|
||||
// are injected f.ex. on a socket, and there they are directly converted into separate
|
||||
// node messages. With other words a message in the system are only for single nodes,
|
||||
// so we don't have to worry about the ToNodes field when creating reply messages.
|
||||
FromNode: message.ToNode,
|
||||
Data: outData,
|
||||
Method: message.ReplyMethod,
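Review bot: The four-line comment added between `ToNode` and `FromNode` in the `newMsg` literal sits directly above `FromNode`, so it reads as documentation for that field rather than an explanation of why `ToNodes` is absent. Moving it above `newMsg := Message{` and shortening it would avoid that, e.g. `// ToNodes is left unset on purpose: it is expanded into one message per node at injection, so a reply always targets a single node.` The wording also has slips (`since it only a concept`, `a message in the system are only for single nodes`). The literal continues outside the hunk, so the remaining fields are not visible here.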
|
||||
|
|
|
@ -53,16 +53,6 @@ func (m methodREQAclRequestUpdate) handler(proc process, message Message, node s
|
|||
proc.centralAuth.accessLists.schemaGenerated.mu.Lock()
|
||||
defer proc.centralAuth.accessLists.schemaGenerated.mu.Unlock()
|
||||
|
||||
// DEBUGGING:
|
||||
//{
|
||||
// proc.centralAuth.accessLists.schemaMain.mu.Lock()
|
||||
// fmt.Printf("\n --- DEBUGGING: subscriber methodREQAclRequestUpdate: schemaGenerated contains: %v\n\n", proc.centralAuth.accessLists.schemaGenerated)
|
||||
// fmt.Printf("\n --- DEBUGGING: subscriber methodREQAclRequestUpdate: schemaMain contains: %v\n\n", proc.centralAuth.accessLists.schemaMain)
|
||||
// proc.centralAuth.accessLists.schemaMain.mu.Unlock()
|
||||
//
|
||||
// // TODO: PROBLEM: The existing generated acl's are not loaded when starting, or not stored at all.
|
||||
//}
|
||||
|
||||
log.Printf(" ---- subscriber methodREQAclRequestUpdate: got acl hash from NODE=%v, HASH data =%v\n", message.FromNode, message.Data)
|
||||
|
||||
// Check if the received hash is the same as the one currently active,
|
||||
|
@ -879,9 +869,6 @@ func (m methodREQAclExport) handler(proc process, message Message, node string)
|
|||
|
||||
// ---
|
||||
|
||||
// TODO: IMPORTANT: We also need to add importing and exporting of the groups to the
|
||||
// import and export methods.
|
||||
|
||||
type methodREQAclImport struct {
|
||||
event Event
|
||||
}
|
||||
|
|
|
@ -88,8 +88,6 @@ func (m methodREQKeysRequestUpdate) handler(proc process, message Message, node
|
|||
// structure is the same as the other handlers.
|
||||
select {
|
||||
case <-ctx.Done():
|
||||
// TODO: Should we receive a hash of he current keys from the node here
|
||||
// to verify if we need to update or not ?
|
||||
case outCh <- []byte{}:
|
||||
}
|
||||
}()
|
||||
|
@ -164,7 +162,6 @@ func (m methodREQKeysDeliverUpdate) handler(proc process, message Message, node
|
|||
// structure is the same as the other handlers.
|
||||
select {
|
||||
case <-ctx.Done():
|
||||
// TODO: Should we receive a hash of he current keys from the node here ?
|
||||
case outCh <- []byte{}:
|
||||
}
|
||||
}()
|
||||
|
@ -223,8 +220,6 @@ func (m methodREQKeysDeliverUpdate) handler(proc process, message Message, node
|
|||
|
||||
// ----
|
||||
|
||||
// TODO: We should also add a request method methodREQPublicKeysRevoke
|
||||
|
||||
type methodREQKeysAllow struct {
|
||||
event Event
|
||||
}
|
||||
|
@ -293,10 +288,6 @@ func (m methodREQKeysAllow) handler(proc process, message Message, node string)
|
|||
// representing the current keys in the allowed map.
|
||||
proc.centralAuth.updateHash(proc, message)
|
||||
|
||||
// TODO: FAILS: The push keys updates when change fails with that the
|
||||
// subscriber gets stuck. Need to look more into this later.
|
||||
// Disabling for now since the node will update at the timed interval.
|
||||
//
|
||||
// If new keys were allowed into the main map, we should send out one
|
||||
// single update to all the registered nodes to inform of an update.
|
||||
// NB: If a node is not reachable at the time the update is sent it is
|
||||
|
|
|
@ -448,8 +448,6 @@ func (s *server) routeMessagesToProcess(dbFileName string) {
|
|||
// Signal back to the ringbuffer that message have been picked up.
|
||||
samDBVal.delivered()
|
||||
|
||||
// TODO HERE!: The message will be dropped here since the method for copy uid does not exist
|
||||
|
||||
sam := samDBVal.samDBValue.Data
|
||||
// Check if the format of the message is correct.
|
||||
if _, ok := methodsAvailable.CheckIfExists(sam.Message.Method); !ok {
|
||||
|
|