security: Make Blessings a struct instead of an interface.
Accompanies: https://vanadium-review.googlesource.com/6040
Motivations:
- In any case, we disallowed implementations of this interface outside
the security package because we wanted to discourage other
implementations that may skip over critical security considerations.
- There was only one implementation
- This will allow us to use the VOM native<->wire conversions, thereby
preventing users from having to worry about conversion to and from
the wire format.
MultiPart: 2/2
Change-Id: I2a6a44c7d13a131bf98b9b6fa6db7235063b21e9
diff --git a/lib/testutil/security/util.go b/lib/testutil/security/util.go
index 148e70e..3901177 100644
--- a/lib/testutil/security/util.go
+++ b/lib/testutil/security/util.go
@@ -71,9 +71,8 @@
// initialize a Runtime.
func NewCredentials(requiredName string, otherNames ...string) (string, security.Principal) {
dir, p := newCredentials()
- if def := selfBlessings(p, append([]string{requiredName}, otherNames...)...); def != nil {
- SetDefaultBlessings(p, def)
- }
+ def := selfBlessings(p, append([]string{requiredName}, otherNames...)...)
+ SetDefaultBlessings(p, def)
return dir, p
}
@@ -107,9 +106,7 @@
panic(err)
}
}
- if def != nil {
- SetDefaultBlessings(p, def)
- }
+ SetDefaultBlessings(p, def)
return dir, p
}
@@ -123,9 +120,8 @@
if err != nil {
panic(err)
}
- if def := selfBlessings(p, defaultBlessings...); def != nil {
- SetDefaultBlessings(p, def)
- }
+ def := selfBlessings(p, defaultBlessings...)
+ SetDefaultBlessings(p, def)
return p
}
@@ -203,11 +199,7 @@
if len(caveats) == 0 {
caveats = append(caveats, security.UnconstrainedUse())
}
- blessings, err := idp.p.Bless(p.PublicKey(), idp.b, extension, caveats[0], caveats[1:]...)
- if err != nil {
- return nil, err
- }
- return blessings, nil
+ return idp.p.Bless(p.PublicKey(), idp.b, extension, caveats[0], caveats[1:]...)
}
// PublicKey is the public key of the identity provider.
diff --git a/lib/testutil/security/util_test.go b/lib/testutil/security/util_test.go
index b8bd2d9..1cf1853 100644
--- a/lib/testutil/security/util_test.go
+++ b/lib/testutil/security/util_test.go
@@ -105,10 +105,10 @@
}
def := p.BlessingStore().Default()
peers := p.BlessingStore().ForPeer("anyone_else")
- if def == nil {
+ if def.IsZero() {
t.Errorf("BlessingStore should have a default blessing")
}
- if peers != def {
+ if !reflect.DeepEqual(peers, def) {
t.Errorf("ForPeer(...) returned %v, want %v", peers, def)
}
// TODO(ashankar): Implement a security.Context and test the string
diff --git a/runtimes/google/ipc/blessings_cache.go b/runtimes/google/ipc/blessings_cache.go
index ac71eee..204715a 100644
--- a/runtimes/google/ipc/blessings_cache.go
+++ b/runtimes/google/ipc/blessings_cache.go
@@ -133,10 +133,10 @@
}
func (c *serverBlessingsCache) getOrInsert(req ipc.BlessingsRequest, stats *ipcStats) (security.Blessings, error) {
- // In the case that the key sent is 0, we are running in VCSecurityNone and should
- // return nil for the client Blessings.
+ // In the case that the key sent is 0, we are running in VCSecurityNone
+ // and should return the zero value.
if req.Key == 0 {
- return nil, nil
+ return security.Blessings{}, nil
}
if req.Blessings == nil {
// Fastpath, lookup based on the key.
@@ -144,7 +144,7 @@
cached, exists := c.m[req.Key]
c.RUnlock()
if !exists {
- return nil, fmt.Errorf("ipc: key was not in the cache")
+ return security.Blessings{}, fmt.Errorf("ipc: key was not in the cache")
}
stats.recordBlessingCache(true)
return cached, nil
@@ -155,14 +155,14 @@
// the same as what's in the cache.
recv, err := security.NewBlessings(*req.Blessings)
if err != nil {
- return nil, fmt.Errorf("ipc: create new client blessings failed: %v", err)
+ return security.Blessings{}, fmt.Errorf("ipc: create new client blessings failed: %v", err)
}
c.Lock()
defer c.Unlock()
if cached, exists := c.m[req.Key]; exists {
// TODO(suharshs): Replace this reflect.DeepEqual() with a less expensive check.
if !reflect.DeepEqual(cached, recv) {
- return nil, fmt.Errorf("client sent invalid Blessings")
+ return security.Blessings{}, fmt.Errorf("client sent invalid Blessings")
}
return cached, nil
}
diff --git a/runtimes/google/ipc/client.go b/runtimes/google/ipc/client.go
index b107f56..6c0936d 100644
--- a/runtimes/google/ipc/client.go
+++ b/runtimes/google/ipc/client.go
@@ -647,8 +647,8 @@
// server that are authorized for this purpose and any blessings that are to be granted to
// the server (via ipc.Granter implementations in opts.)
func (c *client) authorizeServer(ctx *context.T, flow stream.Flow, name, method string, serverPatterns []string, opts []ipc.CallOpt) (serverBlessings []string, grantedBlessings security.Blessings, err error) {
- if flow.RemoteBlessings() == nil {
- return nil, nil, verror.New(errNoBlessings, ctx)
+ if flow.RemoteBlessings().IsZero() {
+ return nil, security.Blessings{}, verror.New(errNoBlessings, ctx)
}
ctxt := security.NewContext(&security.ContextParams{
LocalPrincipal: flow.LocalPrincipal(),
@@ -666,7 +666,7 @@
switch v := o.(type) {
case options.ServerPublicKey:
if remoteKey, key := flow.RemoteBlessings().PublicKey(), v.PublicKey; !reflect.DeepEqual(remoteKey, key) {
- return nil, nil, verror.New(errAuthServerKeyNotAllowed, ctx, remoteKey, key)
+ return nil, security.Blessings{}, verror.New(errAuthServerKeyNotAllowed, ctx, remoteKey, key)
}
case options.AllowedServersPolicy:
allowed := false
@@ -677,15 +677,15 @@
}
}
if !allowed {
- return nil, nil, verror.New(errAuthServerNotAllowed, ctx, v, serverBlessings)
+ return nil, security.Blessings{}, verror.New(errAuthServerNotAllowed, ctx, v, serverBlessings)
}
case options.SkipResolveAuthorization:
ignorePatterns = true
case ipc.Granter:
if b, err := v.Grant(flow.RemoteBlessings()); err != nil {
- return nil, nil, verror.New(errBlessingGrant, ctx, serverBlessings, err)
+ return nil, security.Blessings{}, verror.New(errBlessingGrant, ctx, serverBlessings, err)
} else if grantedBlessings, err = security.UnionOfBlessings(grantedBlessings, b); err != nil {
- return nil, nil, verror.New(errBlessingAdd, ctx, serverBlessings, err)
+ return nil, security.Blessings{}, verror.New(errBlessingAdd, ctx, serverBlessings, err)
}
}
}
@@ -698,11 +698,11 @@
}
}
if !matched {
- return nil, nil, verror.New(errAuthNoPatternMatch, ctx, serverBlessings, serverPatterns, rejectedBlessings)
+ return nil, security.Blessings{}, verror.New(errAuthNoPatternMatch, ctx, serverBlessings, serverPatterns, rejectedBlessings)
}
} else if enableSecureServerAuth && !ignorePatterns {
if err := (defaultAuthorizer{}).Authorize(ctxt); err != nil {
- return nil, nil, verror.New(errDefaultAuthDenied, ctx, serverBlessings)
+ return nil, security.Blessings{}, verror.New(errDefaultAuthDenied, ctx, serverBlessings)
}
}
return serverBlessings, grantedBlessings, nil
@@ -789,7 +789,7 @@
func (fc *flowClient) start(suffix, method string, args []interface{}, timeout time.Duration, blessings security.Blessings) error {
// Fetch any discharges for third-party caveats on the client's blessings
// if this client owns a discharge-client.
- if self := fc.flow.LocalBlessings(); self != nil && fc.dc != nil {
+ if self := fc.flow.LocalBlessings(); fc.dc != nil {
impetus, err := mkDischargeImpetus(fc.server, method, args)
if err != nil {
// TODO(toddw): Fix up the internal error.
diff --git a/runtimes/google/ipc/default_authorizer_test.go b/runtimes/google/ipc/default_authorizer_test.go
index 72351f9..fba7c85 100644
--- a/runtimes/google/ipc/default_authorizer_test.go
+++ b/runtimes/google/ipc/default_authorizer_test.go
@@ -25,12 +25,12 @@
// bless(ali, bob, "friend") will generate a blessing for ali, calling him "bob/friend".
bless = func(target, extend security.Blessings, extension string) security.Blessings {
var p security.Principal
- switch extend {
- case ali:
+ switch extend.PublicKey() {
+ case ali.PublicKey():
p = pali
- case bob:
+ case bob.PublicKey():
p = pbob
- case che:
+ case che.PublicKey():
p = pche
default:
panic(extend)
diff --git a/runtimes/google/ipc/full_test.go b/runtimes/google/ipc/full_test.go
index 9bab076..5c5e3fb 100644
--- a/runtimes/google/ipc/full_test.go
+++ b/runtimes/google/ipc/full_test.go
@@ -539,8 +539,8 @@
t.Errorf(`%s: client.StartCall: got error "%v", want to match "%v"`, name, err, test.err)
} else if call != nil {
blessings, proof := call.RemoteBlessings()
- if proof == nil {
- t.Errorf("%s: Returned nil for remote blessings", name)
+ if proof.IsZero() {
+ t.Errorf("%s: Returned zero value for remote blessings", name)
}
// Currently all tests are configured so that the only
// blessings presented by the server that are
@@ -778,7 +778,7 @@
startErrID, finishErrID verror.IDAction
blessing, starterr, finisherr string
}{
- {blessing: "<nil>"},
+ {blessing: ""},
{granter: granter{b: bless(pclient, pserver, "blessed")}, blessing: "client/blessed"},
{granter: granter{err: errors.New("hell no")}, startErrID: verror.ErrNotTrusted, starterr: "hell no"},
{granter: granter{b: pclient.BlessingStore().Default()}, finishErrID: verror.ErrNoAccess, finisherr: "blessing granted not bound to this server"},
@@ -1086,7 +1086,7 @@
// own blessings to share.
pclient.AddToRoots(pserver.BlessingStore().Default())
// tsecurity.NewPrincipal sets up a principal that shares blessings with all servers, undo that.
- pclient.BlessingStore().Set(nil, security.AllPrincipals)
+ pclient.BlessingStore().Set(security.Blessings{}, security.AllPrincipals)
for _, test := range tests {
name := fmt.Sprintf("%q.%s(%v) by %v", test.name, test.method, test.args, test.blessings)
diff --git a/runtimes/google/ipc/server.go b/runtimes/google/ipc/server.go
index 09b70b3..06c6404 100644
--- a/runtimes/google/ipc/server.go
+++ b/runtimes/google/ipc/server.go
@@ -210,11 +210,10 @@
s.listenerOpts = append(s.listenerOpts, dc)
s.listenerOpts = append(s.listenerOpts, vc.DialContext{ctx})
blessingsStatsName := naming.Join(statsPrefix, "security", "blessings")
- if blessings != nil {
- // TODO(caprita): revist printing the blessings with %s, and
- // instead expose them as a list.
- stats.NewString(blessingsStatsName).Set(fmt.Sprintf("%s", blessings))
- } else if principal != nil { // principal should have been passed in, but just in case.
+ // TODO(caprita): revist printing the blessings with %s, and
+ // instead expose them as a list.
+ stats.NewString(blessingsStatsName).Set(fmt.Sprintf("%s", blessings))
+ if principal != nil { // principal should have been passed in, but just in case.
stats.NewStringFunc(blessingsStatsName, func() string {
return fmt.Sprintf("%s (default)", principal.BlessingStore().Default())
})
@@ -1162,7 +1161,7 @@
// the server's identity as the blessing. Figure out what we want to do about
// this - should servers be able to assume that a blessing is something that
// does not have the authorizations that the server's own identity has?
- if blessings != nil && !reflect.DeepEqual(blessings.PublicKey(), fs.flow.LocalPrincipal().PublicKey()) {
+ if blessings.PublicKey() != nil && !reflect.DeepEqual(blessings.PublicKey(), fs.flow.LocalPrincipal().PublicKey()) {
return verror.New(verror.ErrNoAccess, fs.T, fmt.Sprintf("blessing granted not bound to this server(%v vs %v)", blessings.PublicKey(), fs.flow.LocalPrincipal().PublicKey()))
}
fs.clientBlessings, err = serverDecodeBlessings(fs.flow.VCDataCache(), req.Blessings, fs.server.stats)
@@ -1174,9 +1173,7 @@
fs.server.streamMgr.ShutdownEndpoint(fs.RemoteEndpoint())
return verror.New(verror.ErrBadProtocol, fs.T, newErrBadBlessingsCache(fs.T, err))
}
- if fs.clientBlessings != nil {
- fs.ackBlessings = true
- }
+ fs.ackBlessings = true
for _, d := range req.Discharges {
dis := security.NewDischarge(d)
@@ -1291,7 +1288,7 @@
}
func (fs *flowServer) RemoteBlessings() security.Blessings {
//nologcall
- if fs.clientBlessings != nil {
+ if !fs.clientBlessings.IsZero() {
return fs.clientBlessings
}
return fs.flow.RemoteBlessings()
diff --git a/runtimes/google/ipc/stream/vc/auth.go b/runtimes/google/ipc/stream/vc/auth.go
index e7c12f2..b8d8bfa 100644
--- a/runtimes/google/ipc/stream/vc/auth.go
+++ b/runtimes/google/ipc/stream/vc/auth.go
@@ -33,8 +33,8 @@
// returns the blessings used to authenticate the client.
func AuthenticateAsServer(conn io.ReadWriteCloser, principal security.Principal, server security.Blessings, dc DischargeClient, crypter crypto.Crypter, v version.IPCVersion) (client security.Blessings, clientDischarges map[string]security.Discharge, err error) {
defer conn.Close()
- if server == nil {
- return nil, nil, errors.New("no blessings to present as a server")
+ if server.IsZero() {
+ return security.Blessings{}, nil, errors.New("no blessings to present as a server")
}
var discharges []security.Discharge
if tpcavs := server.ThirdPartyCaveats(); len(tpcavs) > 0 && dc != nil {
@@ -76,8 +76,9 @@
Context: ctx,
}))
client = principal.BlessingStore().ForPeer(serverB...)
- if client == nil {
- return nil, nil, nil, NewErrNoBlessingsForPeer(ctx, serverB, invalidB)
+ if client.IsZero() {
+ err = NewErrNoBlessingsForPeer(ctx, serverB, invalidB)
+ return
}
var discharges []security.Discharge
if dc != nil {
@@ -132,21 +133,22 @@
func readBlessings(r io.Reader, tag []byte, crypter crypto.Crypter, v version.IPCVersion) (security.Blessings, map[string]security.Discharge, error) {
var msg []byte
+ var noBlessings security.Blessings
dec, err := vom.NewDecoder(r)
if err != nil {
- return nil, nil, fmt.Errorf("failed to create new decoder: %v", err)
+ return noBlessings, nil, fmt.Errorf("failed to create new decoder: %v", err)
}
if err := dec.Decode(&msg); err != nil {
- return nil, nil, fmt.Errorf("failed to read handshake message: %v", err)
+ return noBlessings, nil, fmt.Errorf("failed to read handshake message: %v", err)
}
buf, err := crypter.Decrypt(iobuf.NewSlice(msg))
if err != nil {
- return nil, nil, err
+ return noBlessings, nil, err
}
defer buf.Release()
dec, err = vom.NewDecoder(bytes.NewReader(buf.Contents))
if err != nil {
- return nil, nil, fmt.Errorf("failed to create new decoder: %v", err)
+ return noBlessings, nil, fmt.Errorf("failed to create new decoder: %v", err)
}
var (
@@ -154,16 +156,16 @@
sig security.Signature
)
if err = dec.Decode(&sig); err != nil {
- return nil, nil, err
+ return noBlessings, nil, err
}
if err = dec.Decode(&wireb); err != nil {
- return nil, nil, err
+ return noBlessings, nil, err
}
var discharges map[string]security.Discharge
if v >= version.IPCVersion7 {
var wired []security.WireDischarge
if err = dec.Decode(&wired); err != nil {
- return nil, nil, err
+ return noBlessings, nil, err
}
if len(wired) > 0 {
discharges = make(map[string]security.Discharge)
@@ -175,7 +177,7 @@
} else if v >= version.IPCVersion5 {
var list []security.Discharge
if err = dec.Decode(&list); err != nil {
- return nil, nil, err
+ return noBlessings, nil, err
}
if len(list) > 0 {
discharges = make(map[string]security.Discharge)
@@ -186,13 +188,10 @@
}
blessings, err := security.NewBlessings(wireb)
if err != nil {
- return nil, nil, err
- }
- if blessings == nil {
- return nil, nil, errNoCertificatesReceived
+ return noBlessings, nil, err
}
if !sig.Verify(blessings.PublicKey(), append(tag, crypter.ChannelBinding()...)) {
- return nil, nil, errInvalidSignatureInMessage
+ return noBlessings, nil, errInvalidSignatureInMessage
}
return blessings, discharges, nil
}
diff --git a/runtimes/google/ipc/stream/vc/init.go b/runtimes/google/ipc/stream/vc/init.go
index efa0cab..bf322fa 100644
--- a/runtimes/google/ipc/stream/vc/init.go
+++ b/runtimes/google/ipc/stream/vc/init.go
@@ -35,7 +35,7 @@
}
func (s *anonymousBlessingStore) Set(security.Blessings, security.BlessingPattern) (security.Blessings, error) {
- return nil, fmt.Errorf("cannot store blessings with an anonymous principal")
+ return security.Blessings{}, fmt.Errorf("cannot store blessings with an anonymous principal")
}
func (s *anonymousBlessingStore) ForPeer(...string) security.Blessings {
diff --git a/runtimes/google/ipc/stream/vc/listener_test.go b/runtimes/google/ipc/stream/vc/listener_test.go
index 6cabc70..1d81edd 100644
--- a/runtimes/google/ipc/stream/vc/listener_test.go
+++ b/runtimes/google/ipc/stream/vc/listener_test.go
@@ -22,8 +22,8 @@
// Other stream.Flow methods
func (*noopFlow) LocalPrincipal() security.Principal { return nil }
-func (*noopFlow) LocalBlessings() security.Blessings { return nil }
-func (*noopFlow) RemoteBlessings() security.Blessings { return nil }
+func (*noopFlow) LocalBlessings() security.Blessings { return security.Blessings{} }
+func (*noopFlow) RemoteBlessings() security.Blessings { return security.Blessings{} }
func (*noopFlow) RemoteDischarges() map[string]security.Discharge { return nil }
func (*noopFlow) SetDeadline(<-chan struct{}) {}
func (*noopFlow) VCDataCache() stream.VCDataCache { return nil }
diff --git a/runtimes/google/ipc/stream/vc/vc.go b/runtimes/google/ipc/stream/vc/vc.go
index 5c45530..5c36305 100644
--- a/runtimes/google/ipc/stream/vc/vc.go
+++ b/runtimes/google/ipc/stream/vc/vc.go
@@ -511,7 +511,7 @@
if principal == nil {
principal = AnonymousPrincipal
}
- if lBlessings == nil {
+ if lBlessings.IsZero() {
lBlessings = principal.BlessingStore().Default()
}
case options.VCSecurityNone:
diff --git a/runtimes/google/ipc/stream/vc/vc_test.go b/runtimes/google/ipc/stream/vc/vc_test.go
index ef35895..7d5cf9d 100644
--- a/runtimes/google/ipc/stream/vc/vc_test.go
+++ b/runtimes/google/ipc/stream/vc/vc_test.go
@@ -87,10 +87,10 @@
if err != nil {
t.Fatal(err)
}
- if flow.RemoteBlessings() != nil {
+ if !flow.RemoteBlessings().IsZero() {
t.Errorf("Server sent blessing %v over insecure transport", flow.RemoteBlessings())
}
- if flow.LocalBlessings() != nil {
+ if !flow.LocalBlessings().IsZero() {
t.Errorf("Client sent blessing %v over insecure transport", flow.LocalBlessings())
}
}
@@ -131,7 +131,7 @@
if err != nil {
t.Fatal(err)
}
- client.BlessingStore().Set(nil, security.AllPrincipals)
+ client.BlessingStore().Set(security.Blessings{}, security.AllPrincipals)
client.BlessingStore().Set(forServer1, security.BlessingPattern("server1"))
client.BlessingStore().Set(forServer2, security.BlessingPattern("server2"))
diff --git a/runtimes/google/ipc/stream/vif/auth.go b/runtimes/google/ipc/stream/vif/auth.go
index f02d085..c280ebd 100644
--- a/runtimes/google/ipc/stream/vif/auth.go
+++ b/runtimes/google/ipc/stream/vif/auth.go
@@ -208,7 +208,7 @@
if principal == nil {
principal = vc.AnonymousPrincipal
}
- if lBlessings == nil {
+ if lBlessings.IsZero() {
lBlessings = principal.BlessingStore().Default()
}
case options.VCSecurityNone:
diff --git a/runtimes/google/naming/namespace/mount.go b/runtimes/google/naming/namespace/mount.go
index 844baed..4d3f993 100644
--- a/runtimes/google/naming/namespace/mount.go
+++ b/runtimes/google/naming/namespace/mount.go
@@ -65,7 +65,7 @@
// process.
p := v23.GetPrincipal(ctx)
b := p.BlessingStore().Default()
- if b == nil {
+ if b.IsZero() {
return fmt.Errorf("must provide a MountedServerBlessingsOpt")
}
for str, _ := range p.BlessingsInfo(b) {
diff --git a/runtimes/google/rt/ipc_test.go b/runtimes/google/rt/ipc_test.go
index ff80214..6b582f7 100644
--- a/runtimes/google/rt/ipc_test.go
+++ b/runtimes/google/rt/ipc_test.go
@@ -225,7 +225,7 @@
// Setup up the client's blessing store so that it can talk to the server.
rootClient := mkBlessings(root.NewBlessings(pclient, "client"))
- if _, err := pclient.BlessingStore().Set(nil, security.AllPrincipals); err != nil {
+ if _, err := pclient.BlessingStore().Set(security.Blessings{}, security.AllPrincipals); err != nil {
t.Fatal(err)
}
if _, err := pclient.BlessingStore().Set(rootClient, "root/server"); err != nil {
diff --git a/runtimes/google/rt/rt_test.go b/runtimes/google/rt/rt_test.go
index 3119e49..19db102 100644
--- a/runtimes/google/rt/rt_test.go
+++ b/runtimes/google/rt/rt_test.go
@@ -41,11 +41,11 @@
if p.BlessingStore() == nil {
t.Fatalf("The principal must have a BlessingStore")
}
- if p.BlessingStore().Default() == nil {
- t.Errorf("Principal().BlessingStore().Default() should not be nil")
+ if p.BlessingStore().Default().IsZero() {
+ t.Errorf("Principal().BlessingStore().Default() should not be the zero value")
}
- if p.BlessingStore().ForPeer() == nil {
- t.Errorf("Principal().BlessingStore().ForPeer() should not be nil")
+ if p.BlessingStore().ForPeer().IsZero() {
+ t.Errorf("Principal().BlessingStore().ForPeer() should not be the zero value")
}
}
@@ -92,14 +92,10 @@
if p == nil {
return fmt.Errorf("nil principal")
}
- blessings := p.BlessingStore().Default()
- if blessings == nil {
- return fmt.Errorf("rt.Principal().BlessingStore().Default() returned nil")
- }
ctx := security.NewContext(&security.ContextParams{LocalPrincipal: p})
- validBlessings, err := blessings.ForContext(ctx)
- if n := len(validBlessings); n != 1 {
- return fmt.Errorf("rt.Principal().BlessingStore().Default() returned Blessing %v with %d recognized blessings, want exactly one recognized blessing: %v", blessings, n, err)
+ blessings, rejected := p.BlessingStore().Default().ForContext(ctx)
+ if n := len(blessings); n != 1 {
+ return fmt.Errorf("rt.Principal().BlessingStore().Default() return blessings:%v (rejected:%v), want exactly one recognized blessing", blessings, rejected)
}
return nil
}
diff --git a/runtimes/google/testing/mocks/ipc/simple_client.go b/runtimes/google/testing/mocks/ipc/simple_client.go
index 0eeae54..40442d7 100644
--- a/runtimes/google/testing/mocks/ipc/simple_client.go
+++ b/runtimes/google/testing/mocks/ipc/simple_client.go
@@ -116,7 +116,7 @@
// RemoteBlessings implements ipc.Call
func (*mockCall) RemoteBlessings() ([]string, security.Blessings) {
- return []string{}, nil
+ return []string{}, security.Blessings{}
}
//mockStream implements ipc.Stream
diff --git a/security/agent/agent_test.go b/security/agent/agent_test.go
index dbb7226..821033b 100644
--- a/security/agent/agent_test.go
+++ b/security/agent/agent_test.go
@@ -183,8 +183,8 @@
func runDefaultBenchmark(b *testing.B, p security.Principal) {
b.ResetTimer()
for i := 0; i < b.N; i++ {
- if d := p.BlessingStore().Default(); d == nil {
- b.Fatal("nil")
+ if d := p.BlessingStore().Default(); d.IsZero() {
+ b.Fatal("empty blessings")
}
}
}
diff --git a/security/agent/cache/cache_test.go b/security/agent/cache/cache_test.go
index 2093f29..9025fb2 100644
--- a/security/agent/cache/cache_test.go
+++ b/security/agent/cache/cache_test.go
@@ -191,6 +191,7 @@
func TestSet(t *testing.T) {
p := tsecurity.NewPrincipal("bob")
store, cache := createStore(p)
+ var noBlessings security.Blessings
bob := store.Default()
alice, err := p.BlessSelf("alice")
@@ -199,35 +200,31 @@
}
john := tsecurity.NewPrincipal("john").BlessingStore().Default()
- store.Set(nil, "...")
- blessings, err := cache.Set(bob, "bob")
- if err != nil {
+ store.Set(noBlessings, "...")
+ if _, err := cache.Set(bob, "bob"); err != nil {
t.Errorf("Set() failed: %v", err)
}
- if blessings != nil {
- t.Errorf("Got unexpected previous blessings %v", blessings)
- }
if got := cache.ForPeer("bob/server"); !reflect.DeepEqual(bob, got) {
t.Errorf("ForPeer(bob/server) got: %v, want: %v", got, bob)
}
- blessings, err = cache.Set(nil, "bob")
+ blessings, err := cache.Set(noBlessings, "bob")
if err != nil {
t.Errorf("Set() failed: %v", err)
}
if !reflect.DeepEqual(bob, blessings) {
t.Errorf("Previous blessings %v, wanted %v", blessings, bob)
}
- if got := cache.ForPeer("bob/server"); !reflect.DeepEqual(nil, got) {
- t.Errorf("ForPeer(bob/server) got: %v, want: %v", got, nil)
+ if got, want := cache.ForPeer("bob/server"), (security.Blessings{}); !reflect.DeepEqual(want, got) {
+ t.Errorf("ForPeer(bob/server) got: %v, want: %v", got, want)
}
blessings, err = cache.Set(john, "john")
if err == nil {
t.Errorf("No error from set")
}
- if got := cache.ForPeer("john/server"); got != nil {
+ if got := cache.ForPeer("john/server"); got.PublicKey() != nil {
t.Errorf("ForPeer(john/server) got: %v, want: %v", got, nil)
}
@@ -235,16 +232,10 @@
if err != nil {
t.Errorf("Set() failed: %v", err)
}
- if blessings != nil {
- t.Errorf("Got unexpected previous blessings %v", blessings)
- }
blessings, err = cache.Set(alice, "bob")
if err != nil {
t.Errorf("Set() failed: %v", err)
}
- if blessings != nil {
- t.Errorf("Got unexpected previous blessings %v", blessings)
- }
expected, err := security.UnionOfBlessings(bob, alice)
if err != nil {
@@ -265,7 +256,7 @@
t.Fatalf("BlessSelf failed: %v", err)
}
- store.Set(nil, "...")
+ store.Set(security.Blessings{}, "...")
store.Set(bob, "bob")
if got := cache.ForPeer("bob/server"); !reflect.DeepEqual(bob, got) {
diff --git a/security/agent/client.go b/security/agent/client.go
index e32e886..6209b7f 100644
--- a/security/agent/client.go
+++ b/security/agent/client.go
@@ -108,20 +108,18 @@
var blessings security.WireBlessings
marshalledKey, err := key.MarshalBinary()
if err != nil {
- return nil, err
+ return security.Blessings{}, err
}
- err = c.caller.call("Bless", results(&blessings), marshalledKey, security.MarshalBlessings(with), extension, caveat, additionalCaveats)
- if err != nil {
- return nil, err
+ if err = c.caller.call("Bless", results(&blessings), marshalledKey, security.MarshalBlessings(with), extension, caveat, additionalCaveats); err != nil {
+ return security.Blessings{}, err
}
return security.NewBlessings(blessings)
}
func (c *client) BlessSelf(name string, caveats ...security.Caveat) (security.Blessings, error) {
var blessings security.WireBlessings
- err := c.caller.call("BlessSelf", results(&blessings), name, caveats)
- if err != nil {
- return nil, err
+ if err := c.caller.call("BlessSelf", results(&blessings), name, caveats); err != nil {
+ return security.Blessings{}, err
}
return security.NewBlessings(blessings)
}
@@ -189,9 +187,8 @@
func (b *blessingStore) Set(blessings security.Blessings, forPeers security.BlessingPattern) (security.Blessings, error) {
var resultBlessings security.WireBlessings
- err := b.caller.call("BlessingStoreSet", results(&resultBlessings), security.MarshalBlessings(blessings), forPeers)
- if err != nil {
- return nil, err
+ if err := b.caller.call("BlessingStoreSet", results(&resultBlessings), security.MarshalBlessings(blessings), forPeers); err != nil {
+ return security.Blessings{}, err
}
return security.NewBlessings(resultBlessings)
}
@@ -201,12 +198,12 @@
err := b.caller.call("BlessingStoreForPeer", results(&resultBlessings), peerBlessings)
if err != nil {
vlog.Errorf("error calling BlessingStoreForPeer: %v", err)
- return nil
+ return security.Blessings{}
}
blessings, err := security.NewBlessings(resultBlessings)
if err != nil {
vlog.Errorf("error creating Blessings from WireBlessings: %v", err)
- return nil
+ return security.Blessings{}
}
return blessings
}
@@ -220,12 +217,11 @@
err := b.caller.call("BlessingStoreDefault", results(&resultBlessings))
if err != nil {
vlog.Errorf("error calling BlessingStoreDefault: %v", err)
- return nil
+ return security.Blessings{}
}
blessings, err := security.NewBlessings(resultBlessings)
if err != nil {
vlog.Errorf("error creating Blessing from WireBlessings: %v", err)
- return nil
}
return blessings
}
diff --git a/security/agent/test_principal/main.go b/security/agent/test_principal/main.go
index c5126f3..f69c3d9 100644
--- a/security/agent/test_principal/main.go
+++ b/security/agent/test_principal/main.go
@@ -85,11 +85,11 @@
errorf("Roots().Recognized: %v", err)
}
// BlessingStore: Defaults
- if err := p.BlessingStore().SetDefault(nil); err != nil {
+ if err := p.BlessingStore().SetDefault(security.Blessings{}); err != nil {
errorf("BlessingStore().SetDefault: %v", err)
}
- if def := p.BlessingStore().Default(); def != nil {
- errorf("BlessingStore().Default returned %v, want nil", def)
+ if def := p.BlessingStore().Default(); !def.IsZero() {
+ errorf("BlessingStore().Default returned %v, want empty", def)
}
if err := p.BlessingStore().SetDefault(b); err != nil {
errorf("BlessingStore().SetDefault: %v", err)
@@ -99,13 +99,13 @@
}
// BlessingStore: Set & ForPeer
// First, clear out the self-generated default of the blessing store.
- if _, err := p.BlessingStore().Set(nil, security.AllPrincipals); err != nil {
+ if _, err := p.BlessingStore().Set(security.Blessings{}, security.AllPrincipals); err != nil {
errorf("BlessingStore().Set(nil, %q): %v", security.AllPrincipals, err)
}
- if forpeer := p.BlessingStore().ForPeer("superman/friend"); forpeer != nil {
+ if forpeer := p.BlessingStore().ForPeer("superman/friend"); !forpeer.IsZero() {
errorf("BlessingStore().ForPeer unexpectedly returned %v", forpeer)
}
- if old, err := p.BlessingStore().Set(b, "superman"); old != nil || err != nil {
+ if old, err := p.BlessingStore().Set(b, "superman"); err != nil {
errorf("BlessingStore().Set returned (%v, %v)", old, err)
}
if forpeer := p.BlessingStore().ForPeer("superman/friend"); !reflect.DeepEqual(forpeer, b) {
diff --git a/security/audit/principal.go b/security/audit/principal.go
index f1095b8..abc88f3 100644
--- a/security/audit/principal.go
+++ b/security/audit/principal.go
@@ -21,10 +21,12 @@
type args []interface{}
+var noBlessings security.Blessings
+
func (p *auditingPrincipal) Bless(key security.PublicKey, with security.Blessings, extension string, caveat security.Caveat, additionalCaveats ...security.Caveat) (security.Blessings, error) {
blessings, err := p.principal.Bless(key, with, extension, caveat, additionalCaveats...)
if err = p.audit(err, "Bless", addCaveats(args{key, with, extension, caveat}, additionalCaveats...), blessings); err != nil {
- return nil, err
+ return noBlessings, err
}
return blessings, nil
}
@@ -32,7 +34,7 @@
func (p *auditingPrincipal) BlessSelf(name string, caveats ...security.Caveat) (security.Blessings, error) {
blessings, err := p.principal.BlessSelf(name, caveats...)
if err = p.audit(err, "BlessSelf", addCaveats(args{name}, caveats...), blessings); err != nil {
- return nil, err
+ return noBlessings, err
}
return blessings, nil
}
diff --git a/security/blessingstore.go b/security/blessingstore.go
index a683dd8..cb9eed5 100644
--- a/security/blessingstore.go
+++ b/security/blessingstore.go
@@ -18,26 +18,30 @@
type blessings struct {
Value security.WireBlessings
- unmarshaled security.Blessings
+ unmarshaled *security.Blessings
}
func (w *blessings) Blessings() security.Blessings {
if w == nil {
- return nil
+ return security.Blessings{}
}
- return w.unmarshaled
+ return *w.unmarshaled
}
func (w *blessings) Verify() error {
- var err error
- if w.unmarshaled == nil {
- w.unmarshaled, err = security.NewBlessings(w.Value)
+ if w.unmarshaled != nil {
+ return nil
}
- return err
+ b, err := security.NewBlessings(w.Value)
+ if err != nil {
+ return err
+ }
+ w.unmarshaled = &b
+ return nil
}
func newWireBlessings(b security.Blessings) *blessings {
- return &blessings{Value: security.MarshalBlessings(b), unmarshaled: b}
+ return &blessings{Value: security.MarshalBlessings(b), unmarshaled: &b}
}
type state struct {
@@ -62,15 +66,15 @@
func (bs *blessingStore) Set(blessings security.Blessings, forPeers security.BlessingPattern) (security.Blessings, error) {
if !forPeers.IsValid() {
- return nil, fmt.Errorf("%q is an invalid BlessingPattern", forPeers)
+ return security.Blessings{}, fmt.Errorf("%q is an invalid BlessingPattern", forPeers)
}
- if blessings != nil && !reflect.DeepEqual(blessings.PublicKey(), bs.publicKey) {
- return nil, errStoreAddMismatch
+ if !blessings.IsZero() && !reflect.DeepEqual(blessings.PublicKey(), bs.publicKey) {
+ return security.Blessings{}, errStoreAddMismatch
}
bs.mu.Lock()
defer bs.mu.Unlock()
old, hadold := bs.state.Store[forPeers]
- if blessings != nil {
+ if !blessings.IsZero() {
bs.state.Store[forPeers] = newWireBlessings(blessings)
} else {
delete(bs.state.Store, forPeers)
@@ -81,7 +85,7 @@
} else {
delete(bs.state.Store, forPeers)
}
- return nil, err
+ return security.Blessings{}, err
}
return old.Blessings(), nil
}
@@ -116,7 +120,7 @@
func (bs *blessingStore) SetDefault(blessings security.Blessings) error {
bs.mu.Lock()
defer bs.mu.Unlock()
- if blessings != nil && !reflect.DeepEqual(blessings.PublicKey(), bs.publicKey) {
+ if !blessings.IsZero() && !reflect.DeepEqual(blessings.PublicKey(), bs.publicKey) {
return errStoreAddMismatch
}
oldDefault := bs.state.Default
@@ -218,7 +222,7 @@
if err := wb.Verify(); err != nil {
return err
}
- if b := wb.Blessings(); b != nil && !reflect.DeepEqual(b.PublicKey(), key) {
+ if b := wb.Blessings(); !reflect.DeepEqual(b.PublicKey(), key) {
return fmt.Errorf("read Blessings: %v that are not for provided PublicKey: %v", b, key)
}
return nil
diff --git a/security/blessingstore_test.go b/security/blessingstore_test.go
index f855419..a441bf0 100644
--- a/security/blessingstore_test.go
+++ b/security/blessingstore_test.go
@@ -50,12 +50,11 @@
if got := s.Default(); !reflect.DeepEqual(got, currentDefault) {
return fmt.Errorf("Default(): got: %v, want: %v", got, currentDefault)
}
- // SetDefault(nil)
- if err := s.SetDefault(nil); err != nil {
- return fmt.Errorf("SetDefault(nil): %v", err)
+ if err := s.SetDefault(security.Blessings{}); err != nil {
+ return fmt.Errorf("SetDefault({}): %v", err)
}
- if got := s.Default(); got != nil {
- return fmt.Errorf("Default returned %v, want nil", got)
+ if got := s.Default(); !got.IsZero() {
+ return fmt.Errorf("Default returned %v, wanted empty", got)
}
if err := s.SetDefault(t.def); err != nil {
return fmt.Errorf("SetDefault(%v): %v", t.def, err)
@@ -188,6 +187,7 @@
alice = blessSelf(p, "alice")
bob = blessSelf(p, "bob")
s = p.BlessingStore()
+ empty security.Blessings
)
// {alice, bob} is shared with "alice", whilst {bob} is shared with "alice/tv"
if _, err := s.Set(alice, "alice/$"); err != nil {
@@ -205,7 +205,7 @@
// Clear out the blessing associated with "alice".
// Now, bob should be shared with both alice and alice/friend.
- if _, err := s.Set(nil, "alice/$"); err != nil {
+ if _, err := s.Set(empty, "alice/$"); err != nil {
t.Fatal(err)
}
if got, want := s.ForPeer("alice"), bob; !reflect.DeepEqual(got, want) {
@@ -216,7 +216,7 @@
}
// Clearing out an association that doesn't exist should have no effect.
- if _, err := s.Set(nil, "alice/enemy/$"); err != nil {
+ if _, err := s.Set(empty, "alice/enemy/$"); err != nil {
t.Fatal(err)
}
if got, want := s.ForPeer("alice"), bob; !reflect.DeepEqual(got, want) {
@@ -227,14 +227,14 @@
}
// Clear everything
- if _, err := s.Set(nil, "alice"); err != nil {
+ if _, err := s.Set(empty, "alice"); err != nil {
t.Fatal(err)
}
- if got := s.ForPeer("alice"); got != nil {
- t.Errorf("Got %v, want nil", got)
+ if got := s.ForPeer("alice"); !got.IsZero() {
+ t.Errorf("Got %v, want empty", got)
}
- if got := s.ForPeer("alice/friend"); got != nil {
- t.Errorf("Got %v, want nil", got)
+ if got := s.ForPeer("alice/friend"); !got.IsZero() {
+ t.Errorf("Got %v, want empty", got)
}
}
@@ -247,10 +247,11 @@
alice = blessSelf(p, "alice")
bob = blessSelf(p, "bob")
s = p.BlessingStore()
+ empty security.Blessings
)
- if old, err := s.Set(alice, security.AllPrincipals); old != nil || err != nil {
- t.Errorf("Got (%v, %v)", old, err)
+ if old, err := s.Set(alice, security.AllPrincipals); !reflect.DeepEqual(old, empty) || err != nil {
+ t.Errorf("Got (%v, %v), want (%v, nil)", old, err)
}
if old, err := s.Set(alice, security.AllPrincipals); !reflect.DeepEqual(old, alice) || err != nil {
t.Errorf("Got (%v, %v) want (%v, nil)", old, err, alice)
@@ -258,7 +259,7 @@
if old, err := s.Set(bob, security.AllPrincipals); !reflect.DeepEqual(old, alice) || err != nil {
t.Errorf("Got (%v, %v) want (%v, nil)", old, err, alice)
}
- if old, err := s.Set(nil, security.AllPrincipals); !reflect.DeepEqual(old, bob) || err != nil {
+ if old, err := s.Set(empty, security.AllPrincipals); !reflect.DeepEqual(old, bob) || err != nil {
t.Errorf("Got (%v, %v) want (%v, nil)", old, err, bob)
}
}
diff --git a/security/testutil_test.go b/security/testutil_test.go
index 973d753..1b07c49 100644
--- a/security/testutil_test.go
+++ b/security/testutil_test.go
@@ -26,7 +26,7 @@
panic(err)
}
if len(selfblessings) == 0 {
- return p, nil
+ return p, security.Blessings{}
}
var def security.Blessings
for _, str := range selfblessings {
diff --git a/services/mgmt/device/impl/app_service.go b/services/mgmt/device/impl/app_service.go
index 909d27b..3bea982 100644
--- a/services/mgmt/device/impl/app_service.go
+++ b/services/mgmt/device/impl/app_service.go
@@ -471,10 +471,10 @@
if err := mkdir(pkgDir); err != nil {
return "", verror.New(ErrOperationFailed, nil)
}
- // We use a nil publisher, meaning that any signatures present in the
+ // We use a zero value publisher, meaning that any signatures present in the
// package files are not verified.
// TODO(caprita): Issue warnings when signatures are present and ignored.
- if err := downloadPackages(call.Context(), nil, packages, pkgDir); err != nil {
+ if err := downloadPackages(call.Context(), security.Blessings{}, packages, pkgDir); err != nil {
return "", err
}
if _, err := newVersion(call.Context(), installationDir, envelope, ""); err != nil {
@@ -592,7 +592,7 @@
// Take the blessings conferred upon us by the Start-er, extend them
// with the app title.
grantedBlessings := call.Blessings()
- if grantedBlessings == nil {
+ if grantedBlessings.IsZero() {
return verror.New(ErrInvalidBlessing, nil)
}
// TODO(caprita): Revisit UnconstrainedUse.
diff --git a/services/mgmt/device/impl/claim.go b/services/mgmt/device/impl/claim.go
index a2af1b0..8c57d12 100644
--- a/services/mgmt/device/impl/claim.go
+++ b/services/mgmt/device/impl/claim.go
@@ -38,7 +38,7 @@
principal = ctx.LocalPrincipal()
store = principal.BlessingStore()
)
- if granted == nil {
+ if granted.IsZero() {
return verror.New(ErrInvalidBlessing, ctx.Context())
}
c.mu.Lock()
diff --git a/services/mgmt/device/impl/util.go b/services/mgmt/device/impl/util.go
index ade3572..63ecb34 100644
--- a/services/mgmt/device/impl/util.go
+++ b/services/mgmt/device/impl/util.go
@@ -29,7 +29,7 @@
)
func verifySignature(data []byte, publisher security.Blessings, sig security.Signature) error {
- if publisher != nil {
+ if !publisher.IsZero() {
h := sha256.Sum256(data)
if !sig.Verify(publisher.PublicKey(), h[:]) {
return verror.New(ErrOperationFailed, nil)
diff --git a/services/mounttable/lib/mounttable.go b/services/mounttable/lib/mounttable.go
index 0c4a192..b8e5357 100644
--- a/services/mounttable/lib/mounttable.go
+++ b/services/mounttable/lib/mounttable.go
@@ -167,15 +167,11 @@
return nil
}
// "Self-RPCs" are always authorized.
- if l, r := ctx.LocalBlessings(), ctx.RemoteBlessings(); l != nil && r != nil && reflect.DeepEqual(l.PublicKey(), r.PublicKey()) {
+ if l, r := ctx.LocalBlessings().PublicKey(), ctx.RemoteBlessings().PublicKey(); l != nil && reflect.DeepEqual(l, r) {
return nil
}
// Match client's blessings against the ACLs.
- var blessings []string
- var invalidB []security.RejectedBlessing
- if ctx.RemoteBlessings() != nil {
- blessings, invalidB = ctx.RemoteBlessings().ForContext(ctx)
- }
+ blessings, invalidB := ctx.RemoteBlessings().ForContext(ctx)
for _, tag := range tags {
if acl, exists := n.acls.GetACLForTag(string(tag)); exists && acl.Includes(blessings...) {
return nil
@@ -208,11 +204,7 @@
return nil
}
// Match client's blessings against the ACLs.
- var blessings []string
- var invalidB []security.RejectedBlessing
- if ctx.RemoteBlessings() != nil {
- blessings, invalidB = ctx.RemoteBlessings().ForContext(ctx)
- }
+ blessings, invalidB := ctx.RemoteBlessings().ForContext(ctx)
for _, tag := range tags {
if acl, exists := n.amTemplate[string(tag)]; exists && expand(&acl, name).Includes(blessings...) {
return nil
@@ -231,10 +223,7 @@
return nil
}
acls := cur.acls.Copy()
- var blessings []string
- if ctx.RemoteBlessings() != nil {
- blessings, _ = ctx.RemoteBlessings().ForContext(ctx)
- }
+ blessings, _ := ctx.RemoteBlessings().ForContext(ctx)
for _, b := range blessings {
acls.Add(security.BlessingPattern(b), string(mounttable.Admin))
}
diff --git a/services/wsprd/app/app.go b/services/wsprd/app/app.go
index 3ddbf3c..26d1c07 100644
--- a/services/wsprd/app/app.go
+++ b/services/wsprd/app/app.go
@@ -13,6 +13,10 @@
"time"
vsecurity "v.io/core/veyron/security"
+ "v.io/core/veyron/services/wsprd/ipc/server"
+ "v.io/core/veyron/services/wsprd/lib"
+ "v.io/core/veyron/services/wsprd/namespace"
+ "v.io/core/veyron/services/wsprd/principal"
"v.io/v23"
"v.io/v23/context"
"v.io/v23/ipc"
@@ -25,10 +29,6 @@
"v.io/v23/vlog"
"v.io/v23/vom"
"v.io/v23/vtrace"
- "v.io/core/veyron/services/wsprd/ipc/server"
- "v.io/core/veyron/services/wsprd/lib"
- "v.io/core/veyron/services/wsprd/namespace"
- "v.io/core/veyron/services/wsprd/principal"
)
// pkgPath is the prefix os errors in this package.
@@ -383,7 +383,7 @@
return nil
}
func (l *localCall) Recv(interface{}) error { return nil }
-func (l *localCall) Blessings() security.Blessings { return nil }
+func (l *localCall) Blessings() security.Blessings { return security.Blessings{} }
func (l *localCall) Server() ipc.Server { return nil }
func (l *localCall) Context() *context.T { return l.ctx }
func (l *localCall) Timestamp() (t time.Time) { return }
@@ -393,8 +393,8 @@
func (l *localCall) Suffix() string { return "" }
func (l *localCall) RemoteDischarges() map[string]security.Discharge { return nil }
func (l *localCall) LocalPrincipal() security.Principal { return nil }
-func (l *localCall) LocalBlessings() security.Blessings { return nil }
-func (l *localCall) RemoteBlessings() security.Blessings { return nil }
+func (l *localCall) LocalBlessings() security.Blessings { return security.Blessings{} }
+func (l *localCall) RemoteBlessings() security.Blessings { return security.Blessings{} }
func (l *localCall) LocalEndpoint() naming.Endpoint { return nil }
func (l *localCall) RemoteEndpoint() naming.Endpoint { return nil }
func (l *localCall) VanadiumContext() *context.T { return l.ctx }
@@ -687,7 +687,7 @@
duration time.Duration,
extension string) (int32, string, error) {
var blessee security.Blessings
- if blessee = c.blessingsStore.Get(handle); blessee == nil {
+ if blessee = c.blessingsStore.Get(handle); blessee.IsZero() {
return 0, "", verror.New(invalidBlessingsHandle, nil)
}
diff --git a/services/wsprd/browspr/browspr_account_test.go b/services/wsprd/browspr/browspr_account_test.go
index 9eb94f7..e0d128c 100644
--- a/services/wsprd/browspr/browspr_account_test.go
+++ b/services/wsprd/browspr/browspr_account_test.go
@@ -79,7 +79,7 @@
}
// Verify that principalManager has the new account
- if b, err := browspr.principalManager.BlessingsForAccount(account1.RawString()); err != nil || b == nil {
+ if b, err := browspr.principalManager.BlessingsForAccount(account1.RawString()); err != nil || b.IsZero() {
t.Fatalf("Failed to get Blessings for account %v: got %v, %v", account1, b, err)
}
@@ -111,10 +111,10 @@
}
// Verify that principalManager has both accounts
- if b, err := browspr.principalManager.BlessingsForAccount(account1.RawString()); err != nil || b == nil {
+ if b, err := browspr.principalManager.BlessingsForAccount(account1.RawString()); err != nil || b.IsZero() {
t.Fatalf("Failed to get Blessings for account %v: got %v, %v", account1, b, err)
}
- if b, err := browspr.principalManager.BlessingsForAccount(account2.RawString()); err != nil || b == nil {
+ if b, err := browspr.principalManager.BlessingsForAccount(account2.RawString()); err != nil || b.IsZero() {
t.Fatalf("Failed to get Blessings for account %v: got %v, %v", account2, b, err)
}
}
diff --git a/services/wsprd/ipc/server/server.go b/services/wsprd/ipc/server/server.go
index a90527a..c3dc133 100644
--- a/services/wsprd/ipc/server/server.go
+++ b/services/wsprd/ipc/server/server.go
@@ -384,7 +384,7 @@
remoteEndpoint = ctx.RemoteEndpoint().String()
}
var localBlessings principal.BlessingsHandle
- if ctx.LocalBlessings() != nil {
+ if !ctx.LocalBlessings().IsZero() {
localBlessings = s.convertBlessingsToHandle(ctx.LocalBlessings())
}
anymtags := make([]*vdl.Value, len(ctx.MethodTags()))
diff --git a/services/wsprd/principal/js_blessings_store_test.go b/services/wsprd/principal/js_blessings_store_test.go
index 8fdee60..8daa97c 100644
--- a/services/wsprd/principal/js_blessings_store_test.go
+++ b/services/wsprd/principal/js_blessings_store_test.go
@@ -15,7 +15,7 @@
}
s.Remove(h)
- if got := s.Get(h); got != nil {
+ if got := s.Get(h); !got.IsZero() {
t.Fatalf("Get after removing: got: %v, want nil", got)
}
}
diff --git a/services/wsprd/principal/principal.go b/services/wsprd/principal/principal.go
index 23b5fdc..cf46168 100644
--- a/services/wsprd/principal/principal.go
+++ b/services/wsprd/principal/principal.go
@@ -244,7 +244,7 @@
wireBlessings, found := i.state.Accounts[account]
if !found {
- return nil, verror.New(errUnknownAccount, nil, account)
+ return security.Blessings{}, verror.New(errUnknownAccount, nil, account)
}
return security.NewBlessings(wireBlessings)
}
diff --git a/services/wsprd/principal/principal_test.go b/services/wsprd/principal/principal_test.go
index 147d150..9a26460 100644
--- a/services/wsprd/principal/principal_test.go
+++ b/services/wsprd/principal/principal_test.go
@@ -114,7 +114,7 @@
return fmt.Errorf("BlessingsForAccount(%v): got: %v, %v, want: %v, nil", t.facebookAccount, got, err, t.facebookBlessings)
}
nonExistingAccount := "nonExistingAccount"
- if got, err := m.BlessingsForAccount(nonExistingAccount); got != nil {
+ if got, err := m.BlessingsForAccount(nonExistingAccount); !got.IsZero() {
return fmt.Errorf("BlessingsForAccount(%v): got: %v, want nil", nonExistingAccount, got)
} else if merr := matchesError(err, "unknown account"); merr != nil {
return fmt.Errorf("BlessingsForAccount(%v) returned error: %v", nonExistingAccount, merr)
diff --git a/tools/principal/bless.go b/tools/principal/bless.go
index 7831729..3b4d851 100644
--- a/tools/principal/bless.go
+++ b/tools/principal/bless.go
@@ -24,7 +24,7 @@
func exchangeMacaroonForBlessing(ctx *context.T, macaroonChan <-chan string) (security.Blessings, error) {
service, macaroon, rootKey, err := prepareBlessArgs(ctx, macaroonChan)
if err != nil {
- return nil, err
+ return security.Blessings{}, err
}
ctx, cancel := context.WithTimeout(ctx, time.Minute)
@@ -36,11 +36,11 @@
// service is not a trusted root yet.
reply, err = identity.MacaroonBlesserClient(service).Bless(ctx, macaroon, options.SkipResolveAuthorization{}, options.ServerPublicKey{rootKey})
if err != nil {
- return nil, fmt.Errorf("failed to get blessing from %q: %v", service, err)
+ return security.Blessings{}, fmt.Errorf("failed to get blessing from %q: %v", service, err)
}
blessings, err := security.NewBlessings(reply)
if err != nil {
- return nil, fmt.Errorf("failed to construct Blessings object from response: %v", err)
+ return security.Blessings{}, fmt.Errorf("failed to construct Blessings object from response: %v", err)
}
return blessings, nil
}
diff --git a/tools/principal/main.go b/tools/principal/main.go
index 83d7c77..2d22948 100644
--- a/tools/principal/main.go
+++ b/tools/principal/main.go
@@ -8,7 +8,6 @@
"crypto/rand"
"crypto/subtle"
"encoding/base64"
- "errors"
"fmt"
"io"
"os"
@@ -747,14 +746,14 @@
func decodeBlessings(fname string) (security.Blessings, error) {
var wire security.WireBlessings
if err := decode(fname, &wire); err != nil {
- return nil, err
+ return security.Blessings{}, err
}
return security.NewBlessings(wire)
}
func dumpBlessings(blessings security.Blessings) error {
- if blessings == nil {
- return errors.New("no blessings found")
+ if blessings.IsZero() {
+ return fmt.Errorf("no blessings found")
}
str, err := base64VomEncode(security.MarshalBlessings(blessings))
if err != nil {
@@ -856,7 +855,7 @@
func (r *recvBlessingsService) Grant(call ipc.ServerCall, token string) error {
b := call.Blessings()
- if b == nil {
+ if b.IsZero() {
return fmt.Errorf("no blessings granted by sender")
}
if len(token) != len(r.token) {
@@ -906,7 +905,7 @@
// abort the RPC before sending the request to the server.
// Thus, there is no concern about leaking the token to an
// imposter server.
- return nil, fmt.Errorf("key mismatch: Remote end has public key %v, want %v", got, g.serverKey)
+ return security.Blessings{}, fmt.Errorf("key mismatch: Remote end has public key %v, want %v", got, g.serverKey)
}
return g.p.Bless(server.PublicKey(), g.with, g.extension, g.caveats[0], g.caveats[1:]...)
}
