blob: af2818fdc09b30dc4fe6c74b789bda857a77d719 [file] [log] [blame]
// Copyright 2015 The Vanadium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package server
import (
"sync"
"time"
"v.io/v23/security"
"v.io/x/ref/services/agent/internal/ipc"
)
type agentd struct {
ipc *ipc.IPC
principal security.Principal
mu sync.RWMutex
}
// ServeAgent registers the agent server with 'ipc'.
// It will respond to requests using 'principal'.
// Must be called before ipc.Listen or ipc.Connect.
func ServeAgent(i *ipc.IPC, principal security.Principal) (err error) {
server := &agentd{ipc: i, principal: principal}
return i.Serve(server)
}
func (a *agentd) Bless(key []byte, with security.Blessings, extension string, caveat security.Caveat, additionalCaveats []security.Caveat) (security.Blessings, error) {
pkey, err := security.UnmarshalPublicKey(key)
if err != nil {
return security.Blessings{}, err
}
return a.principal.Bless(pkey, with, extension, caveat, additionalCaveats...)
}
func (a *agentd) BlessSelf(name string, caveats []security.Caveat) (security.Blessings, error) {
return a.principal.BlessSelf(name, caveats...)
}
func (a *agentd) Sign(message []byte) (security.Signature, error) {
return a.principal.Sign(message)
}
func (a *agentd) MintDischarge(forCaveat, caveatOnDischarge security.Caveat, additionalCaveatsOnDischarge []security.Caveat) (security.Discharge, error) {
return a.principal.MintDischarge(forCaveat, caveatOnDischarge, additionalCaveatsOnDischarge...)
}
func (a *agentd) unlock() {
a.mu.Unlock()
for _, conn := range a.ipc.Connections() {
go conn.Call("FlushAllCaches", nil)
}
}
func (a *agentd) PublicKey() ([]byte, error) {
return a.principal.PublicKey().MarshalBinary()
}
func (a *agentd) BlessingStoreSet(blessings security.Blessings, forPeers security.BlessingPattern) (security.Blessings, error) {
defer a.unlock()
a.mu.Lock()
return a.principal.BlessingStore().Set(blessings, forPeers)
}
func (a *agentd) BlessingStoreForPeer(peerBlessings []string) (security.Blessings, error) {
defer a.mu.RUnlock()
a.mu.RLock()
return a.principal.BlessingStore().ForPeer(peerBlessings...), nil
}
func (a *agentd) BlessingStoreSetDefault(blessings security.Blessings) error {
defer a.unlock()
a.mu.Lock()
return a.principal.BlessingStore().SetDefault(blessings)
}
func (a *agentd) BlessingStorePeerBlessings() (map[security.BlessingPattern]security.Blessings, error) {
defer a.mu.RUnlock()
a.mu.RLock()
return a.principal.BlessingStore().PeerBlessings(), nil
}
func (a *agentd) BlessingStoreDebugString() (string, error) {
defer a.mu.RUnlock()
a.mu.RLock()
return a.principal.BlessingStore().DebugString(), nil
}
func (a *agentd) BlessingStoreDefault() (security.Blessings, error) {
defer a.mu.RUnlock()
a.mu.RLock()
b, _ := a.principal.BlessingStore().Default()
return b, nil
}
func (a *agentd) BlessingStoreCacheDischarge(discharge security.Discharge, caveat security.Caveat, impetus security.DischargeImpetus) error {
defer a.mu.Unlock()
a.mu.Lock()
a.principal.BlessingStore().CacheDischarge(discharge, caveat, impetus)
return nil
}
func (a *agentd) BlessingStoreClearDischarges(discharges []security.Discharge) error {
defer a.mu.Unlock()
a.mu.Lock()
a.principal.BlessingStore().ClearDischarges(discharges...)
return nil
}
func (a *agentd) BlessingStoreDischarge(caveat security.Caveat, impetus security.DischargeImpetus) (security.Discharge, error) {
defer a.mu.Unlock()
a.mu.Lock()
discharge, _ := a.principal.BlessingStore().Discharge(caveat, impetus)
return discharge, nil
}
func (a *agentd) BlessingStoreDischarge2(caveat security.Caveat, impetus security.DischargeImpetus) (security.Discharge, time.Time, error) {
defer a.mu.Unlock()
a.mu.Lock()
discharge, cacheTime := a.principal.BlessingStore().Discharge(caveat, impetus)
return discharge, cacheTime, nil
}
func (a *agentd) BlessingRootsAdd(root []byte, pattern security.BlessingPattern) error {
defer a.unlock()
a.mu.Lock()
return a.principal.Roots().Add(root, pattern)
}
func (a *agentd) BlessingRootsRecognized(root []byte, blessing string) error {
defer a.mu.RUnlock()
a.mu.RLock()
return a.principal.Roots().Recognized(root, blessing)
}
func (a *agentd) BlessingRootsDump() (map[security.BlessingPattern][][]byte, error) {
ret := make(map[security.BlessingPattern][][]byte)
defer a.mu.RUnlock()
a.mu.RLock()
for p, keys := range a.principal.Roots().Dump() {
for _, key := range keys {
marshaledKey, err := key.MarshalBinary()
if err != nil {
return nil, err
}
ret[p] = append(ret[p], marshaledKey)
}
}
return ret, nil
}
func (a *agentd) BlessingRootsDebugString() (string, error) {
defer a.mu.RUnlock()
a.mu.RLock()
return a.principal.Roots().DebugString(), nil
}