Fixed verification of authorized signals

gql_cataclysm
noah metz 2023-10-14 15:53:20 -06:00
parent b3bbf71c22
commit 76e1e9a17a
2 changed files with 28 additions and 11 deletions

@ -127,27 +127,38 @@ func ResolveNodes(ctx *ResolveContext, p graphql.ResolveParams, ids []NodeID) ([
ctx.Context.Log.Logf("gql", "SENT_READ_SIGNAL to %+s", id) ctx.Context.Log.Logf("gql", "SENT_READ_SIGNAL to %+s", id)
} }
ctx.Context.Log.Logf("gql", "Resolved cached nodes: %+v", responses) errors := ""
ctx.Context.Log.Logf("gql", "RESP_CHANNELS: %+v", resp_channels)
for sig_id, response_chan := range(resp_channels) { for sig_id, response_chan := range(resp_channels) {
// Wait for the response, returning an error on timeout // Wait for the response, returning an error on timeout
response, err := WaitForSignal(response_chan, time.Millisecond*100, func(sig *ReadResultSignal)bool{ response, err := WaitForResponse(response_chan, time.Millisecond*100, sig_id)
return sig.ReqID == sig_id
})
if err != nil { if err != nil {
return nil, err return nil, err
} }
ctx.Context.Log.Logf("gql", "GQL node response: %+v", response)
error_signal, is_error := response.(*ErrorSignal)
if is_error {
errors = fmt.Sprintf("%s, %s", errors, error_signal.Error)
continue
}
read_response, is_read_response := response.(*ReadResultSignal)
if is_read_response == false {
errors = fmt.Sprintf("%s, wrong response type %+v", errors, reflect.TypeOf(response))
continue
}
idx := indices[sig_id] idx := indices[sig_id]
responses[idx] = NodeResult{ responses[idx] = NodeResult{
response.NodeID, read_response.NodeID,
response.NodeType, read_response.NodeType,
response.Extensions, read_response.Extensions,
} }
cache, exists := ctx.NodeCache[response.NodeID] cache, exists := ctx.NodeCache[read_response.NodeID]
if exists == true { if exists == true {
for ext_type, fields := range(response.Extensions) { for ext_type, fields := range(read_response.Extensions) {
cached_fields, exists := cache.Data[ext_type] cached_fields, exists := cache.Data[ext_type]
if exists == true { if exists == true {
for field_name, field_value := range(fields) { for field_name, field_value := range(fields) {
@ -156,11 +167,14 @@ func ResolveNodes(ctx *ResolveContext, p graphql.ResolveParams, ids []NodeID) ([
} }
} }
} else { } else {
ctx.NodeCache[response.NodeID] = responses[idx] ctx.NodeCache[read_response.NodeID] = responses[idx]
} }
} }
ctx.Context.Log.Logf("gql", "RESOLVED_NODES %+v - %+v", ids, responses) ctx.Context.Log.Logf("gql", "RESOLVED_NODES %+v - %+v", ids, responses)
if errors != "" {
return nil, fmt.Errorf(errors)
}
return responses, nil return responses, nil
} }

@ -289,6 +289,9 @@ func nodeLoop(ctx *Context, node *Node) error {
} }
sig_data := append(dst_id_ser, src_id_ser...) sig_data := append(dst_id_ser, src_id_ser...)
sig_data = append(sig_data, ser...) sig_data = append(sig_data, ser...)
if msg.Authorization != nil {
sig_data = append(sig_data, msg.Authorization.Signature...)
}
validated := ed25519.Verify(msg.Source, sig_data, msg.Signature) validated := ed25519.Verify(msg.Source, sig_data, msg.Signature)
if validated == false { if validated == false {
ctx.Log.Logf("signal", "SIGNAL_VERIFY_ERR: %s - %+v", node.ID, msg) ctx.Log.Logf("signal", "SIGNAL_VERIFY_ERR: %s - %+v", node.ID, msg)