{veyron,veyron2}/security: Hack to get old identities working with new.
This is a very hacky way to allow VEYRON_IDENTITY files created before the
move to the veyron.io package-space to work with binaries built after it.
We choose to live with this hack in order to keep backward compatibility
until we switch to the new security model later this month
(and thus incur backward incompatibility once).
Change-Id: I694aa9f48d769e2af26c3cd094747b2b559f131b
diff --git a/runtimes/google/rt/security.go b/runtimes/google/rt/security.go
index 09afd27..f3666c7 100644
--- a/runtimes/google/rt/security.go
+++ b/runtimes/google/rt/security.go
@@ -110,7 +110,12 @@
return nil, err
}
defer f.Close()
- return vsecurity.LoadIdentity(f)
+ // TODO(ashankar): Hack. See comments in vsecurity.LoadIdentity.
+ hack, err := isecurity.NewPrivateID("hack", nil)
+ if err != nil {
+ return nil, err
+ }
+ return vsecurity.LoadIdentity(f, hack)
}
func (rt *vrt) connectToAgent() (security.PrivateID, error) {
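Review bot: The seed passed in `vsecurity.LoadIdentity(f, hack)` is a complete identity named "hack" built by `isecurity.NewPrivateID("hack", nil)`, and neither this hunk nor the LoadIdentity hunk in security/util.go checks that decoding replaced it. Whether the decoder overwrites every field of a pre-populated value cannot be seen from this diff. If it does not, a truncated or field-omitting VEYRON_IDENTITY file could yield a PrivateID that still carries seed material (presumably a freshly generated key) instead of failing. I would check after loading that the result does not share the seed's name or public key and return an error if it does. I would also add a comment such as `// hack only gives the decoder a concrete type; its name and key must never survive into the returned identity.` The enclosing function starts above the hunk.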
diff --git a/security/util.go b/security/util.go
index 470fe4c..0a8f9bb 100644
--- a/security/util.go
+++ b/security/util.go
@@ -22,8 +22,16 @@
// LoadIdentity reads a PrivateID from r, assuming that it was written using
// SaveIdentity.
-func LoadIdentity(r io.Reader) (security.PrivateID, error) {
+//
+// TODO(ashankar): The extra arguments is a hack that is needed to keep identities
+// generated before the "veyron.io" code move working with binaries built after.
+// This hack should go away when we make the backward-incompatible change to the
+// new security API anyway.
+func LoadIdentity(r io.Reader, hack ...security.PrivateID) (security.PrivateID, error) {
var id security.PrivateID
+ if len(hack) > 0 {
+ id = hack[0]
+ }
if err := vom.NewDecoder(base64.NewDecoder(base64.URLEncoding, r)).Decode(&id); err != nil {
return nil, err
}
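Review bot: `hack ...security.PrivateID` accepts any number of values but only `hack[0]` is read, so a call that passes two or more seeds silently ignores the extras. The doc comment also never says what a caller should pass or what happens to it. The seed appears to exist only to pre-populate `id` with a concrete implementation before `Decode(&id)`, so I would say so in the doc comment: `// hack, if given, pre-seeds the decode target; only hack[0] is used and its contents are expected to be fully overwritten.` Returning an error when `len(hack) > 1` would make misuse visible while the hack exists. The function body continues past the end of the hunk.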
diff --git a/tools/identity/test.sh b/tools/identity/test.sh
index e7e76de..7f65ca2 100755
--- a/tools/identity/test.sh
+++ b/tools/identity/test.sh
@@ -40,7 +40,7 @@
# To regenerate testdata:
# identity generate "root" >testdata/root.id
# identity generate "other" | VEYRON_IDENTITY=testdata/root.id identity bless - "blessed" >testdata/blessed.id
- local -r TESTDATA_DIR="${VEYRON_ROOT}/veyron.io/veyron/veyron/go/src/veyron/tools/identity/testdata"
+ local -r TESTDATA_DIR="${VEYRON_ROOT}/veyron/go/src/veyron.io/veyron/veyron/tools/identity/testdata"
GOT=$(VEYRON_IDENTITY="${TESTDATA_DIR}/root.id" ./identity print | awk '/Name/ {print $3}')
WANT="root"
if [ "${GOT}" != "${WANT}" ]; then