veyron2/ipc: Invoker.Prepare will now return all tags associated with a
method, not just the security label.
This is primarily motivated by the goal of making security labels
"dynamic" (more discussion in:
https://docs.google.com/a/google.com/document/d/1DZUu2sGKrf-b4p9JFdIbN0ULhz9Loa8reuPNKsdMKD0/edit#
), however, the author feels that this commit is worthwhile regardless,
as it makes the power of method tagging in VDL more "accessible".
Change-Id: Ibcf3d549dc466339a31f871fb3e272a648295ebc
diff --git a/runtimes/google/ipc/server.go b/runtimes/google/ipc/server.go
index 115615f..6d8e1dd 100644
--- a/runtimes/google/ipc/server.go
+++ b/runtimes/google/ipc/server.go
@@ -856,8 +856,8 @@
}
// Prepare invoker and decode args.
numArgs := int(req.NumPosArgs)
- argptrs, label, err := invoker.Prepare(req.Method, numArgs)
- fs.label = label
+ argptrs, tags, err := invoker.Prepare(req.Method, numArgs)
+ fs.label = labelFromTags(tags)
if err != nil {
return nil, verror.Makef(verror.ErrorID(err), "%s: name: %q", err, req.Suffix)
}
@@ -961,14 +961,14 @@
// TODO(cnicolaou): ipc.Serve TRANSITION
invoker, ok := obj.(ipc.Invoker)
if !ok {
- panic("Lookup should have returned an ipc.Invoker")
+ panic(fmt.Errorf("Lookup should have returned an ipc.Invoker, returned %T", obj))
}
if obj == nil || !ok {
return verror.NoExistf("ipc: invoker not found for Glob")
}
- argptrs, label, err := invoker.Prepare("Glob", 1)
- i.fs.label = label
+ argptrs, tags, err := invoker.Prepare("Glob", 1)
+ i.fs.label = labelFromTags(tags)
if err != nil {
return verror.Makef(verror.ErrorID(err), "%s", err)
}
@@ -1122,3 +1122,12 @@
//nologcall
return fs.flow.RemoteEndpoint()
}
+
+func labelFromTags(tags []interface{}) security.Label {
+ for _, t := range tags {
+ if l, ok := t.(security.Label); ok {
+ return l
+ }
+ }
+ return security.AdminLabel
+}
