mirrors/ctrl
1
0
Fork 0
mirror of https://github.com/postmannen/ctrl.git synced 2025-03-31 01:24:31 +00:00
Code Activity

cleaning up in keys code

Browse source
This commit is contained in:
postmannen 2025-01-06 14:40:48 +01:00
parent b5561b9e55
commit b93be49ef9
1 changed files with 5 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
process.go
View file

@ -490,13 +490,11 @@ func (p process) callHandler(message Message, thisNode string) {
// Call the handler if ACL/signature checking returns true. // Call the handler if ACL/signature checking returns true.
go func() { go func() {
// ----
conf := p.nodeAuth.configuration conf := p.nodeAuth.configuration
doHandler := false doHandler := false
var er error var er error
switch { switch {
// If no checking enabled we should just allow the message. // If no checking enabled we should just allow the message.
case !conf.EnableSignatureCheck && !conf.EnableAclCheck: case !conf.EnableSignatureCheck && !conf.EnableAclCheck:
doHandler = true doHandler = true
@ -504,30 +502,26 @@ func (p process) callHandler(message Message, thisNode string) {
// If only sig check enabled, and sig OK, we should allow the message. // If only sig check enabled, and sig OK, we should allow the message.
case conf.EnableSignatureCheck && !conf.EnableAclCheck: case conf.EnableSignatureCheck && !conf.EnableAclCheck:
sigOK := p.nodeAuth.verifySignature(message) sigOK := p.nodeAuth.verifySignature(message)
er = fmt.Errorf("callHandler: Only signature checking enabled, ALLOW the message if sigOK, sigOK=%v, method %v", sigOK, message.Method)
if sigOK { if sigOK {
doHandler = true doHandler = true
} }
er = fmt.Errorf("callHandler: Only signature checking enabled, ALLOW the message if sigOK, sigOK=%v, method %v", sigOK, message.Method)
// If both sig and acl check enabled, and sig and acl OK, we should allow the message. // If both sig and acl check enabled, and sig and acl OK, we should allow the message.
case conf.EnableSignatureCheck && conf.EnableAclCheck: case conf.EnableSignatureCheck && conf.EnableAclCheck:
sigOK := p.nodeAuth.verifySignature(message) sigOK := p.nodeAuth.verifySignature(message)
aclOK := p.nodeAuth.verifyAcl(message) aclOK := p.nodeAuth.verifyAcl(message)
er = fmt.Errorf("callHandler:both signature and acl checking enabled, allow the message if sigOK and aclOK, sigOK=%v, aclOK=%v, method=%v", sigOK, aclOK, message.Method)
if sigOK && aclOK { if sigOK && aclOK {
doHandler = true doHandler = true
} }
er = fmt.Errorf("callHandler:both signature and acl checking enabled, allow the message if sigOK and aclOK, sigOK=%v, aclOK=%v, method=%v", sigOK, aclOK, message.Method)
default: default:
er = fmt.Errorf("callHandler: None of the verify flags matched, not doing handler for message, method=%v", message.Method) er = fmt.Errorf("callHandler: None of the verify flags matched, not doing handler for message, method=%v", message.Method)
} }
// ----
p.errorKernel.logDebug(er) p.errorKernel.logDebug(er)
switch doHandler { switch doHandler {
@ -544,6 +538,7 @@ func (p process) callHandler(message Message, thisNode string) {
} }
// executeHandler will call the handler for the Request type defined in the message. // executeHandler will call the handler for the Request type defined in the message.
// Will also take care of executing a method as scheduled.
func executeHandler(p process, message Message, thisNode string) { func executeHandler(p process, message Message, thisNode string) {
var err error var err error
@ -563,12 +558,6 @@ func executeHandler(p process, message Message, thisNode string) {
runAsScheduled = true runAsScheduled = true
} }
if p.configuration.EnableAclCheck {
// Either ACL were verified OK, or ACL/Signature check was not enabled, so we call the handler.
er := fmt.Errorf("info: subscriberHandler: Either ACL were verified OK, or ACL/Signature check was not enabled, so we call the handler: %v", true)
p.errorKernel.logDebug(er)
}
switch { switch {
case !runAsScheduled && p.handler != nil: case !runAsScheduled && p.handler != nil: