mirror of
https://github.com/fluencelabs/tendermint
synced 2025-06-23 01:41:31 +00:00
Complete validation for debora
This commit is contained in:
Jae Kwon
@ -1,11 +1,15 @@
|
||||
package main
|
||||
|
||||
// TODO: Nonrepudiable command log
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"os"
|
||||
"reflect"
|
||||
"sync"
|
||||
|
||||
acm "github.com/tendermint/tendermint/account"
|
||||
@ -16,28 +20,23 @@ import (
|
||||
)
|
||||
|
||||
var Routes = map[string]*rpc.RPCFunc{
|
||||
"RunProcess": rpc.NewRPCFunc(RunProcess, []string{"wait", "label", "execPath", "args"}),
|
||||
"ListProcesses": rpc.NewRPCFunc(ListProcesses, []string{}),
|
||||
"StopProcess": rpc.NewRPCFunc(StopProcess, []string{"label", "kill"}),
|
||||
// NOTE: also, two special non-JSONRPC routes called
|
||||
// "download" and "upload".
|
||||
}
|
||||
|
||||
type Validator struct {
|
||||
VotingPower uint64
|
||||
PubKey acm.PubKey
|
||||
"run_auth_command": rpc.NewRPCFunc(Run, []string{"auth_command"}),
|
||||
// NOTE: also, two special non-JSONRPC routes called "download" and "upload"
|
||||
}
|
||||
|
||||
type Options struct {
|
||||
Validators []Validator
|
||||
ListenAddress string
|
||||
StartNonce uint64
|
||||
}
|
||||
|
||||
// Global instance
|
||||
var debora = struct {
|
||||
mtx sync.Mutex
|
||||
processes map[string]*pcm.Process
|
||||
}{sync.Mutex{}, make(map[string]*pcm.Process)}
|
||||
mtx sync.Mutex
|
||||
processes map[string]*pcm.Process
|
||||
validators []Validator
|
||||
nonce uint64
|
||||
}{sync.Mutex{}, make(map[string]*pcm.Process), nil, 0}
|
||||
|
||||
func main() {
|
||||
|
||||
@ -51,11 +50,14 @@ func main() {
|
||||
if err != nil {
|
||||
panic(Fmt("Error parsing input: %v", err))
|
||||
}
|
||||
debora.nonce = options.StartNonce
|
||||
debora.validators = options.Validators
|
||||
|
||||
// Debug.
|
||||
fmt.Printf("Validators: %v\n", options.Validators)
|
||||
fmt.Printf("Options: %v\n", options)
|
||||
fmt.Printf("Debora: %v\n", debora)
|
||||
|
||||
// start rpc server.
|
||||
// Start rpc server.
|
||||
mux := http.NewServeMux()
|
||||
mux.HandleFunc("/download", ServeFile)
|
||||
// TODO: mux.HandleFunc("/upload", UploadFile)
|
||||
@ -68,7 +70,102 @@ func main() {
|
||||
}
|
||||
|
||||
//------------------------------------------------------------------------------
|
||||
// RPC functions
|
||||
// RPC main function
|
||||
|
||||
func Run(authCommand AuthCommand) (interface{}, error) {
|
||||
command, err := parseValidateCommand(authCommand)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
log.Info(Fmt("Run() received command %v", reflect.TypeOf(command)))
|
||||
// Issue command
|
||||
switch c := command.(type) {
|
||||
case CommandRunProcess:
|
||||
return RunProcess(c.Wait, c.Label, c.ExecPath, c.Args, c.Input)
|
||||
case CommandStopProcess:
|
||||
return StopProcess(c.Label, c.Kill)
|
||||
case CommandListProcesses:
|
||||
return ListProcesses()
|
||||
default:
|
||||
return nil, errors.New("Invalid endpoint for command")
|
||||
}
|
||||
}
|
||||
|
||||
func parseValidateCommandStr(authCommandStr string) (Command, error) {
|
||||
var err error
|
||||
authCommand := binary.ReadJSON(AuthCommand{}, []byte(authCommandStr), &err).(AuthCommand)
|
||||
if err != nil {
|
||||
fmt.Printf("Failed to parse auth_command")
|
||||
return nil, errors.New("AuthCommand parse error")
|
||||
}
|
||||
return parseValidateCommand(authCommand)
|
||||
}
|
||||
|
||||
func parseValidateCommand(authCommand AuthCommand) (Command, error) {
|
||||
commandJSONStr := authCommand.CommandJSONStr
|
||||
signatures := authCommand.Signatures
|
||||
// Validate commandJSONStr
|
||||
if !validate([]byte(commandJSONStr), debora.validators, signatures) {
|
||||
fmt.Printf("Failed validation attempt")
|
||||
return nil, errors.New("Validation error")
|
||||
}
|
||||
// Parse command
|
||||
var err error
|
||||
command := binary.ReadJSON(NoncedCommand{}, []byte(commandJSONStr), &err).(NoncedCommand)
|
||||
if err != nil {
|
||||
fmt.Printf("Failed to parse command")
|
||||
return nil, errors.New("Command parse error")
|
||||
}
|
||||
// Prevent replays
|
||||
if debora.nonce+1 != command.Nonce {
|
||||
return nil, errors.New("Replay error")
|
||||
} else {
|
||||
debora.nonce += 1
|
||||
}
|
||||
return command.Command, nil
|
||||
}
|
||||
|
||||
type AuthCommand struct {
|
||||
CommandJSONStr string
|
||||
Signatures []acm.Signature
|
||||
}
|
||||
|
||||
type NoncedCommand struct {
|
||||
Nonce uint64
|
||||
Command
|
||||
}
|
||||
|
||||
type Command interface{}
|
||||
|
||||
// for binary.readReflect
|
||||
var _ = binary.RegisterInterface(
|
||||
struct{ Command }{},
|
||||
binary.ConcreteType{CommandRunProcess{}},
|
||||
binary.ConcreteType{CommandStopProcess{}},
|
||||
binary.ConcreteType{CommandListProcesses{}},
|
||||
binary.ConcreteType{CommandServeFile{}},
|
||||
)
|
||||
|
||||
const (
|
||||
typeByteRunProcess = 0x01
|
||||
typeByteStopProcess = 0x02
|
||||
typeByteListProcesses = 0x03
|
||||
typeByteServeFile = 0x04
|
||||
)
|
||||
|
||||
//------------------------------------------------------------------------------
|
||||
// RPC base commands
|
||||
// WARNING Not validated, do not export to routes.
|
||||
|
||||
type CommandRunProcess struct {
|
||||
Wait bool
|
||||
Label string
|
||||
ExecPath string
|
||||
Args []string
|
||||
Input string
|
||||
}
|
||||
|
||||
func (_ CommandRunProcess) TypeByte() byte { return typeByteRunProcess }
|
||||
|
||||
type ResponseRunProcess struct {
|
||||
}
|
||||
@ -98,24 +195,12 @@ func RunProcess(wait bool, label string, execPath string, args []string, input s
|
||||
|
||||
//--------------------------------------
|
||||
|
||||
type ResponseListProcesses struct {
|
||||
Processes []*pcm.Process
|
||||
type CommandStopProcess struct {
|
||||
Label string
|
||||
Kill bool
|
||||
}
|
||||
|
||||
func ListProcesses() (*ResponseListProcesses, error) {
|
||||
var procs = []*pcm.Process{}
|
||||
debora.mtx.Lock()
|
||||
for _, proc := range debora.processes {
|
||||
procs = append(procs, proc)
|
||||
}
|
||||
debora.mtx.Unlock()
|
||||
|
||||
return &ResponseListProcesses{
|
||||
Processes: procs,
|
||||
}, nil
|
||||
}
|
||||
|
||||
//--------------------------------------
|
||||
func (_ CommandStopProcess) TypeByte() byte { return typeByteStopProcess }
|
||||
|
||||
type ResponseStopProcess struct {
|
||||
}
|
||||
@ -133,10 +218,49 @@ func StopProcess(label string, kill bool) (*ResponseStopProcess, error) {
|
||||
return &ResponseStopProcess{}, err
|
||||
}
|
||||
|
||||
//--------------------------------------
|
||||
|
||||
type CommandListProcesses struct{}
|
||||
|
||||
func (_ CommandListProcesses) TypeByte() byte { return typeByteListProcesses }
|
||||
|
||||
type ResponseListProcesses struct {
|
||||
Processes []*pcm.Process
|
||||
}
|
||||
|
||||
func ListProcesses() (*ResponseListProcesses, error) {
|
||||
var procs = []*pcm.Process{}
|
||||
debora.mtx.Lock()
|
||||
for _, proc := range debora.processes {
|
||||
procs = append(procs, proc)
|
||||
}
|
||||
debora.mtx.Unlock()
|
||||
|
||||
return &ResponseListProcesses{
|
||||
Processes: procs,
|
||||
}, nil
|
||||
}
|
||||
|
||||
//------------------------------------------------------------------------------
|
||||
|
||||
type CommandServeFile struct {
|
||||
Path string
|
||||
}
|
||||
|
||||
func (_ CommandServeFile) TypeByte() byte { return typeByteServeFile }
|
||||
|
||||
func ServeFile(w http.ResponseWriter, req *http.Request) {
|
||||
path := req.FormValue("path")
|
||||
|
||||
authCommandStr := req.FormValue("auth_command")
|
||||
command, err := parseValidateCommandStr(authCommandStr)
|
||||
if err != nil {
|
||||
http.Error(w, Fmt("Invalid command: %v", err), 400)
|
||||
}
|
||||
serveCommand, ok := command.(CommandServeFile)
|
||||
if !ok {
|
||||
http.Error(w, "Invalid command", 400)
|
||||
}
|
||||
path := serveCommand.Path
|
||||
if path == "" {
|
||||
http.Error(w, "Must specify path", 400)
|
||||
return
|
||||
|
||||
Reference in New Issue
Block a user