mirror of
https://github.com/postmannen/ctrl.git
synced 2025-01-18 21:59:30 +00:00
disabled keys push update.. for now.
This commit is contained in:
postmannen
parent
fac451ec0f
commit
da1ab140c1
2 changed files with 94 additions and 81 deletions
|
|
@ -593,7 +593,7 @@ func (p process) verifySigOrAclFlag(message Message) bool {
|
||||||
log.Printf(" * DEBUG: only signature checking enabled, allow the message if sigOK\n")
|
log.Printf(" * DEBUG: only signature checking enabled, allow the message if sigOK\n")
|
||||||
|
|
||||||
sigOK := p.nodeAuth.verifySignature(message)
|
sigOK := p.nodeAuth.verifySignature(message)
|
||||||
log.Printf("info: sigOK=%v\n", sigOK)
|
log.Printf("info: sigOK=%v, method %v\n", sigOK, message.Method)
|
||||||
|
|
||||||
if sigOK {
|
if sigOK {
|
||||||
doHandler = true
|
doHandler = true
|
||||||
|
|
@ -605,7 +605,7 @@ func (p process) verifySigOrAclFlag(message Message) bool {
|
||||||
log.Printf(" * DEBUG: both signature and acl checking enabled, allow the message if sigOK and aclOK\n")
|
log.Printf(" * DEBUG: both signature and acl checking enabled, allow the message if sigOK and aclOK\n")
|
||||||
|
|
||||||
sigOK := p.nodeAuth.verifySignature(message)
|
sigOK := p.nodeAuth.verifySignature(message)
|
||||||
log.Printf("info: sigOK=%v\n", sigOK)
|
log.Printf("info: sigOK=%v, method=%v\n", sigOK, message.Method)
|
||||||
aclOK := p.nodeAuth.verifyAcl(message)
|
aclOK := p.nodeAuth.verifyAcl(message)
|
||||||
log.Printf("info: aclOK=%v\n", aclOK)
|
log.Printf("info: aclOK=%v\n", aclOK)
|
||||||
|
|
||||||
|
|
|
||||||
171
requests_keys.go
171
requests_keys.go
|
|
@ -340,86 +340,99 @@ func (m methodREQKeysAllow) handler(proc process, message Message, node string)
|
||||||
|
|
||||||
}()
|
}()
|
||||||
|
|
||||||
// If new keys were allowed into the main map, we should send out one
|
// TODO: FAILS: The push keys updates when change fails with that the
|
||||||
// single update to all the registered nodes to inform of an update.
|
// subscriber gets stuck. Need to look more into this later.
|
||||||
// NB: If a node is not reachable at the time the update is sent it is
|
// Disabling for now since the node will update at the timed interval.
|
||||||
// not a problem since the nodes will periodically check for updates.
|
|
||||||
//
|
//
|
||||||
// If there are errors we will return from the function, and send no
|
// // If new keys were allowed into the main map, we should send out one
|
||||||
// updates.
|
// // single update to all the registered nodes to inform of an update.
|
||||||
err := func() error {
|
// // NB: If a node is not reachable at the time the update is sent it is
|
||||||
var knh []byte
|
// // not a problem since the nodes will periodically check for updates.
|
||||||
|
// //
|
||||||
err := func() error {
|
// // If there are errors we will return from the function, and send no
|
||||||
proc.centralAuth.pki.nodesAcked.mu.Lock()
|
// // updates.
|
||||||
defer proc.centralAuth.pki.nodesAcked.mu.Unlock()
|
// err := func() error {
|
||||||
|
// var knh []byte
|
||||||
b, err := json.Marshal(proc.centralAuth.pki.nodesAcked.keysAndHash)
|
//
|
||||||
if err != nil {
|
// err := func() error {
|
||||||
er := fmt.Errorf("error: methodREQKeysAllow, failed to marshal keys map: %v", err)
|
// proc.centralAuth.pki.nodesAcked.mu.Lock()
|
||||||
return er
|
// defer proc.centralAuth.pki.nodesAcked.mu.Unlock()
|
||||||
}
|
//
|
||||||
|
// b, err := json.Marshal(proc.centralAuth.pki.nodesAcked.keysAndHash)
|
||||||
copy(knh, b)
|
// if err != nil {
|
||||||
|
// er := fmt.Errorf("error: methodREQKeysAllow, failed to marshal keys map: %v", err)
|
||||||
return nil
|
// return er
|
||||||
}()
|
// }
|
||||||
|
//
|
||||||
if err != nil {
|
// copy(knh, b)
|
||||||
return err
|
//
|
||||||
}
|
// return nil
|
||||||
|
// }()
|
||||||
// proc.centralAuth.pki.nodeNotAckedPublicKeys.mu.Lock()
|
//
|
||||||
// defer proc.centralAuth.pki.nodeNotAckedPublicKeys.mu.Unlock()
|
// if err != nil {
|
||||||
|
// return err
|
||||||
// For all nodes that is not ack'ed we try to send an update once.
|
// }
|
||||||
for n := range proc.centralAuth.pki.nodeNotAckedPublicKeys.KeyMap {
|
//
|
||||||
msg := Message{
|
// // proc.centralAuth.pki.nodeNotAckedPublicKeys.mu.Lock()
|
||||||
ToNode: n,
|
// // defer proc.centralAuth.pki.nodeNotAckedPublicKeys.mu.Unlock()
|
||||||
Method: REQKeysDeliverUpdate,
|
//
|
||||||
ReplyMethod: REQNone,
|
// // For all nodes that is not ack'ed we try to send an update once.
|
||||||
}
|
// for n := range proc.centralAuth.pki.nodeNotAckedPublicKeys.KeyMap {
|
||||||
|
// msg := Message{
|
||||||
sam, err := newSubjectAndMessage(msg)
|
// ToNode: n,
|
||||||
if err != nil {
|
// Method: REQKeysDeliverUpdate,
|
||||||
// In theory the system should drop the message before it reaches here.
|
// ReplyMethod: REQNone,
|
||||||
er := fmt.Errorf("error: newSubjectAndMessage : %v, message: %v", err, message)
|
// }
|
||||||
proc.errorKernel.errSend(proc, message, er)
|
//
|
||||||
}
|
// sam, err := newSubjectAndMessage(msg)
|
||||||
|
// if err != nil {
|
||||||
proc.toRingbufferCh <- []subjectAndMessage{sam}
|
// // In theory the system should drop the message before it reaches here.
|
||||||
|
// er := fmt.Errorf("error: newSubjectAndMessage : %v, message: %v", err, message)
|
||||||
fmt.Printf("\n ----> methodREQKeysAllow: SENDING KEYS TO NODE=%v\n", message.FromNode)
|
// proc.errorKernel.errSend(proc, message, er)
|
||||||
}
|
// }
|
||||||
|
//
|
||||||
// For all nodes that is ack'ed we try to send an update once.
|
// proc.toRingbufferCh <- []subjectAndMessage{sam}
|
||||||
for n := range proc.centralAuth.pki.nodesAcked.keysAndHash.Keys {
|
//
|
||||||
msg := Message{
|
// fmt.Printf("\n ----> methodREQKeysAllow: SENDING KEYS TO NODE=%v\n", message.FromNode)
|
||||||
ToNode: n,
|
// }
|
||||||
Method: REQKeysDeliverUpdate,
|
//
|
||||||
ReplyMethod: REQNone,
|
// // Create the data payload of the current allowed keys.
|
||||||
}
|
// b, err := json.Marshal(proc.centralAuth.pki.nodesAcked.keysAndHash)
|
||||||
|
//
|
||||||
sam, err := newSubjectAndMessage(msg)
|
// if err != nil {
|
||||||
if err != nil {
|
// er := fmt.Errorf("error: methodREQKeysAllow, failed to marshal keys map: %v", err)
|
||||||
// In theory the system should drop the message before it reaches here.
|
// proc.errorKernel.errSend(proc, message, er)
|
||||||
er := fmt.Errorf("error: newSubjectAndMessage : %v, message: %v", err, message)
|
// }
|
||||||
proc.errorKernel.errSend(proc, message, er)
|
//
|
||||||
}
|
// // For all nodes that is ack'ed we try to send an update once.
|
||||||
|
// for n := range proc.centralAuth.pki.nodesAcked.keysAndHash.Keys {
|
||||||
proc.toRingbufferCh <- []subjectAndMessage{sam}
|
// msg := Message{
|
||||||
|
// ToNode: n,
|
||||||
log.Printf("\n ----> methodREQKeysAllow: sending keys update to node=%v\n", message.FromNode)
|
// Method: REQKeysDeliverUpdate,
|
||||||
}
|
// Data: b,
|
||||||
|
// ReplyMethod: REQNone,
|
||||||
return nil
|
// }
|
||||||
|
//
|
||||||
}()
|
// sam, err := newSubjectAndMessage(msg)
|
||||||
|
// if err != nil {
|
||||||
if err != nil {
|
// // In theory the system should drop the message before it reaches here.
|
||||||
proc.errorKernel.errSend(proc, message, err)
|
// er := fmt.Errorf("error: newSubjectAndMessage : %v, message: %v", err, message)
|
||||||
return
|
// proc.errorKernel.errSend(proc, message, er)
|
||||||
}
|
// }
|
||||||
|
//
|
||||||
|
// proc.toRingbufferCh <- []subjectAndMessage{sam}
|
||||||
|
//
|
||||||
|
// log.Printf("\n ----> methodREQKeysAllow: sending keys update to node=%v\n", message.FromNode)
|
||||||
|
// }
|
||||||
|
//
|
||||||
|
// return nil
|
||||||
|
//
|
||||||
|
// }()
|
||||||
|
//
|
||||||
|
// if err != nil {
|
||||||
|
// proc.errorKernel.errSend(proc, message, err)
|
||||||
|
// return
|
||||||
|
// }
|
||||||
|
|
||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue