mirror of
https://github.com/postmannen/ctrl.git
synced 2024-12-14 12:37:31 +00:00
disabled keys push update.. for now.
This commit is contained in:
parent
fac451ec0f
commit
da1ab140c1
2 changed files with 94 additions and 81 deletions
|
@ -593,7 +593,7 @@ func (p process) verifySigOrAclFlag(message Message) bool {
|
|||
log.Printf(" * DEBUG: only signature checking enabled, allow the message if sigOK\n")
|
||||
|
||||
sigOK := p.nodeAuth.verifySignature(message)
|
||||
log.Printf("info: sigOK=%v\n", sigOK)
|
||||
log.Printf("info: sigOK=%v, method %v\n", sigOK, message.Method)
|
||||
|
||||
if sigOK {
|
||||
doHandler = true
|
||||
|
@ -605,7 +605,7 @@ func (p process) verifySigOrAclFlag(message Message) bool {
|
|||
log.Printf(" * DEBUG: both signature and acl checking enabled, allow the message if sigOK and aclOK\n")
|
||||
|
||||
sigOK := p.nodeAuth.verifySignature(message)
|
||||
log.Printf("info: sigOK=%v\n", sigOK)
|
||||
log.Printf("info: sigOK=%v, method=%v\n", sigOK, message.Method)
|
||||
aclOK := p.nodeAuth.verifyAcl(message)
|
||||
log.Printf("info: aclOK=%v\n", aclOK)
|
||||
|
||||
|
|
171
requests_keys.go
171
requests_keys.go
|
@ -340,86 +340,99 @@ func (m methodREQKeysAllow) handler(proc process, message Message, node string)
|
|||
|
||||
}()
|
||||
|
||||
// If new keys were allowed into the main map, we should send out one
|
||||
// single update to all the registered nodes to inform of an update.
|
||||
// NB: If a node is not reachable at the time the update is sent it is
|
||||
// not a problem since the nodes will periodically check for updates.
|
||||
// TODO: FAILS: The push keys updates when change fails with that the
|
||||
// subscriber gets stuck. Need to look more into this later.
|
||||
// Disabling for now since the node will update at the timed interval.
|
||||
//
|
||||
// If there are errors we will return from the function, and send no
|
||||
// updates.
|
||||
err := func() error {
|
||||
var knh []byte
|
||||
|
||||
err := func() error {
|
||||
proc.centralAuth.pki.nodesAcked.mu.Lock()
|
||||
defer proc.centralAuth.pki.nodesAcked.mu.Unlock()
|
||||
|
||||
b, err := json.Marshal(proc.centralAuth.pki.nodesAcked.keysAndHash)
|
||||
if err != nil {
|
||||
er := fmt.Errorf("error: methodREQKeysAllow, failed to marshal keys map: %v", err)
|
||||
return er
|
||||
}
|
||||
|
||||
copy(knh, b)
|
||||
|
||||
return nil
|
||||
}()
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// proc.centralAuth.pki.nodeNotAckedPublicKeys.mu.Lock()
|
||||
// defer proc.centralAuth.pki.nodeNotAckedPublicKeys.mu.Unlock()
|
||||
|
||||
// For all nodes that is not ack'ed we try to send an update once.
|
||||
for n := range proc.centralAuth.pki.nodeNotAckedPublicKeys.KeyMap {
|
||||
msg := Message{
|
||||
ToNode: n,
|
||||
Method: REQKeysDeliverUpdate,
|
||||
ReplyMethod: REQNone,
|
||||
}
|
||||
|
||||
sam, err := newSubjectAndMessage(msg)
|
||||
if err != nil {
|
||||
// In theory the system should drop the message before it reaches here.
|
||||
er := fmt.Errorf("error: newSubjectAndMessage : %v, message: %v", err, message)
|
||||
proc.errorKernel.errSend(proc, message, er)
|
||||
}
|
||||
|
||||
proc.toRingbufferCh <- []subjectAndMessage{sam}
|
||||
|
||||
fmt.Printf("\n ----> methodREQKeysAllow: SENDING KEYS TO NODE=%v\n", message.FromNode)
|
||||
}
|
||||
|
||||
// For all nodes that is ack'ed we try to send an update once.
|
||||
for n := range proc.centralAuth.pki.nodesAcked.keysAndHash.Keys {
|
||||
msg := Message{
|
||||
ToNode: n,
|
||||
Method: REQKeysDeliverUpdate,
|
||||
ReplyMethod: REQNone,
|
||||
}
|
||||
|
||||
sam, err := newSubjectAndMessage(msg)
|
||||
if err != nil {
|
||||
// In theory the system should drop the message before it reaches here.
|
||||
er := fmt.Errorf("error: newSubjectAndMessage : %v, message: %v", err, message)
|
||||
proc.errorKernel.errSend(proc, message, er)
|
||||
}
|
||||
|
||||
proc.toRingbufferCh <- []subjectAndMessage{sam}
|
||||
|
||||
log.Printf("\n ----> methodREQKeysAllow: sending keys update to node=%v\n", message.FromNode)
|
||||
}
|
||||
|
||||
return nil
|
||||
|
||||
}()
|
||||
|
||||
if err != nil {
|
||||
proc.errorKernel.errSend(proc, message, err)
|
||||
return
|
||||
}
|
||||
// // If new keys were allowed into the main map, we should send out one
|
||||
// // single update to all the registered nodes to inform of an update.
|
||||
// // NB: If a node is not reachable at the time the update is sent it is
|
||||
// // not a problem since the nodes will periodically check for updates.
|
||||
// //
|
||||
// // If there are errors we will return from the function, and send no
|
||||
// // updates.
|
||||
// err := func() error {
|
||||
// var knh []byte
|
||||
//
|
||||
// err := func() error {
|
||||
// proc.centralAuth.pki.nodesAcked.mu.Lock()
|
||||
// defer proc.centralAuth.pki.nodesAcked.mu.Unlock()
|
||||
//
|
||||
// b, err := json.Marshal(proc.centralAuth.pki.nodesAcked.keysAndHash)
|
||||
// if err != nil {
|
||||
// er := fmt.Errorf("error: methodREQKeysAllow, failed to marshal keys map: %v", err)
|
||||
// return er
|
||||
// }
|
||||
//
|
||||
// copy(knh, b)
|
||||
//
|
||||
// return nil
|
||||
// }()
|
||||
//
|
||||
// if err != nil {
|
||||
// return err
|
||||
// }
|
||||
//
|
||||
// // proc.centralAuth.pki.nodeNotAckedPublicKeys.mu.Lock()
|
||||
// // defer proc.centralAuth.pki.nodeNotAckedPublicKeys.mu.Unlock()
|
||||
//
|
||||
// // For all nodes that is not ack'ed we try to send an update once.
|
||||
// for n := range proc.centralAuth.pki.nodeNotAckedPublicKeys.KeyMap {
|
||||
// msg := Message{
|
||||
// ToNode: n,
|
||||
// Method: REQKeysDeliverUpdate,
|
||||
// ReplyMethod: REQNone,
|
||||
// }
|
||||
//
|
||||
// sam, err := newSubjectAndMessage(msg)
|
||||
// if err != nil {
|
||||
// // In theory the system should drop the message before it reaches here.
|
||||
// er := fmt.Errorf("error: newSubjectAndMessage : %v, message: %v", err, message)
|
||||
// proc.errorKernel.errSend(proc, message, er)
|
||||
// }
|
||||
//
|
||||
// proc.toRingbufferCh <- []subjectAndMessage{sam}
|
||||
//
|
||||
// fmt.Printf("\n ----> methodREQKeysAllow: SENDING KEYS TO NODE=%v\n", message.FromNode)
|
||||
// }
|
||||
//
|
||||
// // Create the data payload of the current allowed keys.
|
||||
// b, err := json.Marshal(proc.centralAuth.pki.nodesAcked.keysAndHash)
|
||||
//
|
||||
// if err != nil {
|
||||
// er := fmt.Errorf("error: methodREQKeysAllow, failed to marshal keys map: %v", err)
|
||||
// proc.errorKernel.errSend(proc, message, er)
|
||||
// }
|
||||
//
|
||||
// // For all nodes that is ack'ed we try to send an update once.
|
||||
// for n := range proc.centralAuth.pki.nodesAcked.keysAndHash.Keys {
|
||||
// msg := Message{
|
||||
// ToNode: n,
|
||||
// Method: REQKeysDeliverUpdate,
|
||||
// Data: b,
|
||||
// ReplyMethod: REQNone,
|
||||
// }
|
||||
//
|
||||
// sam, err := newSubjectAndMessage(msg)
|
||||
// if err != nil {
|
||||
// // In theory the system should drop the message before it reaches here.
|
||||
// er := fmt.Errorf("error: newSubjectAndMessage : %v, message: %v", err, message)
|
||||
// proc.errorKernel.errSend(proc, message, er)
|
||||
// }
|
||||
//
|
||||
// proc.toRingbufferCh <- []subjectAndMessage{sam}
|
||||
//
|
||||
// log.Printf("\n ----> methodREQKeysAllow: sending keys update to node=%v\n", message.FromNode)
|
||||
// }
|
||||
//
|
||||
// return nil
|
||||
//
|
||||
// }()
|
||||
//
|
||||
// if err != nil {
|
||||
// proc.errorKernel.errSend(proc, message, err)
|
||||
// return
|
||||
// }
|
||||
|
||||
}
|
||||
}()
|
||||
|
|
Loading…
Reference in a new issue