Jiri Simsa | d7616c9 | 2015-03-24 23:44:30 -0700 | [diff] [blame] | 1 | // Copyright 2015 The Vanadium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style |
| 3 | // license that can be found in the LICENSE file. |
| 4 | |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 5 | // An implementation of a server for WSPR |
| 6 | |
| 7 | package server |
| 8 | |
| 9 | import ( |
| 10 | "encoding/json" |
Nicolas LaCasse | e3867dc | 2015-02-05 14:44:53 -0800 | [diff] [blame] | 11 | "fmt" |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 12 | "sync" |
Matt Rosencrantz | 4aabe57 | 2014-10-22 09:25:50 -0700 | [diff] [blame] | 13 | "time" |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 14 | |
Jiri Simsa | 1f1302c | 2015-02-23 16:18:34 -0800 | [diff] [blame] | 15 | "v.io/v23" |
| 16 | "v.io/v23/context" |
Jiri Simsa | 1f1302c | 2015-02-23 16:18:34 -0800 | [diff] [blame] | 17 | "v.io/v23/naming" |
Matt Rosencrantz | 94502cf | 2015-03-18 09:43:44 -0700 | [diff] [blame] | 18 | "v.io/v23/rpc" |
Jiri Simsa | 1f1302c | 2015-02-23 16:18:34 -0800 | [diff] [blame] | 19 | "v.io/v23/security" |
| 20 | "v.io/v23/vdl" |
Todd Wang | ac9e190 | 2015-02-25 01:58:01 -0800 | [diff] [blame] | 21 | "v.io/v23/vdlroot/signature" |
Shyam Jayaraman | 7efedbe | 2015-03-05 12:57:18 -0800 | [diff] [blame] | 22 | vdltime "v.io/v23/vdlroot/time" |
Jiri Simsa | 1f1302c | 2015-02-23 16:18:34 -0800 | [diff] [blame] | 23 | "v.io/v23/verror" |
Matt Rosencrantz | e7bf2bc | 2015-03-13 09:54:27 -0700 | [diff] [blame] | 24 | "v.io/v23/vtrace" |
Jiri Simsa | 337af23 | 2015-02-27 14:36:46 -0800 | [diff] [blame] | 25 | "v.io/x/lib/vlog" |
Todd Wang | 5b77a34 | 2015-04-06 18:31:37 -0700 | [diff] [blame] | 26 | "v.io/x/ref/services/wspr/internal/lib" |
| 27 | "v.io/x/ref/services/wspr/internal/principal" |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 28 | ) |
| 29 | |
| 30 | type Flow struct { |
Benjamin Prosnitz | 86d5228 | 2014-12-19 15:48:38 -0800 | [diff] [blame] | 31 | ID int32 |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 32 | Writer lib.ClientWriter |
| 33 | } |
| 34 | |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 35 | type FlowHandler interface { |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 36 | CreateNewFlow(server interface{}, sender rpc.Stream) *Flow |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 37 | |
Benjamin Prosnitz | 86d5228 | 2014-12-19 15:48:38 -0800 | [diff] [blame] | 38 | CleanupFlow(id int32) |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 39 | } |
| 40 | |
| 41 | type HandleStore interface { |
Shyam Jayaraman | 07136a7 | 2015-04-13 13:34:41 -0700 | [diff] [blame] | 42 | GetBlessings(handle principal.BlessingsHandle) security.Blessings |
Benjamin Prosnitz | 9e42399 | 2015-04-10 13:10:35 -0700 | [diff] [blame] | 43 | // Gets or adds blessings to the store and returns handle to the blessings |
| 44 | GetOrAddBlessingsHandle(blessings security.Blessings) principal.BlessingsHandle |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 45 | } |
| 46 | |
| 47 | type ServerHelper interface { |
| 48 | FlowHandler |
| 49 | HandleStore |
| 50 | |
Shyam Jayaraman | c17abda | 2015-04-06 16:49:17 -0700 | [diff] [blame] | 51 | SendLogMessage(level lib.LogLevel, msg string) error |
| 52 | |
Matt Rosencrantz | c90eb7b | 2015-01-09 08:32:01 -0800 | [diff] [blame] | 53 | Context() *context.T |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 54 | } |
| 55 | |
| 56 | type authReply struct { |
Mike Burrows | 2ec2bb3 | 2015-02-26 15:14:43 -0800 | [diff] [blame] | 57 | Err *verror.E |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 58 | } |
| 59 | |
Shyam Jayaraman | 907219d | 2014-11-26 12:14:37 -0800 | [diff] [blame] | 60 | // AuthRequest is a request for a javascript authorizer to run |
| 61 | // This is exported to make the app test easier. |
| 62 | type AuthRequest struct { |
Benjamin Prosnitz | 2be28dc | 2015-03-11 13:33:22 -0700 | [diff] [blame] | 63 | ServerId uint32 `json:"serverId"` |
Shyam Jayaraman | 250aac3 | 2015-03-05 15:29:11 -0800 | [diff] [blame] | 64 | Handle int32 `json:"handle"` |
| 65 | Call SecurityCall `json:"call"` |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 66 | } |
| 67 | |
| 68 | type Server struct { |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 69 | // serverStateLock should be aquired when starting or stopping the server. |
| 70 | // This should be locked before outstandingRequestLock. |
| 71 | serverStateLock sync.Mutex |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 72 | |
Matt Rosencrantz | 94502cf | 2015-03-18 09:43:44 -0700 | [diff] [blame] | 73 | // The rpc.ListenSpec to use with server.Listen |
| 74 | listenSpec *rpc.ListenSpec |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 75 | |
Matt Rosencrantz | 94502cf | 2015-03-18 09:43:44 -0700 | [diff] [blame] | 76 | // The server that handles the rpc layer. Listen on this server is |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 77 | // lazily started. |
Matt Rosencrantz | 94502cf | 2015-03-18 09:43:44 -0700 | [diff] [blame] | 78 | server rpc.Server |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 79 | |
| 80 | // The saved dispatcher to reuse when serve is called multiple times. |
| 81 | dispatcher *dispatcher |
| 82 | |
Nicolas LaCasse | 27b57c7 | 2014-11-19 13:40:20 -0800 | [diff] [blame] | 83 | // Whether the server is listening. |
| 84 | isListening bool |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 85 | |
| 86 | // The server id. |
Benjamin Prosnitz | 86d5228 | 2014-12-19 15:48:38 -0800 | [diff] [blame] | 87 | id uint32 |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 88 | helper ServerHelper |
| 89 | |
Suharsh Sivakumar | 4cc7c2d | 2015-04-09 15:21:56 -0700 | [diff] [blame] | 90 | // outstandingRequestLock should be acquired only to update the outstanding request maps below. |
| 91 | outstandingRequestLock sync.Mutex |
| 92 | outstandingServerRequests map[int32]chan *lib.ServerRpcReply // GUARDED_BY outstandingRequestLock |
| 93 | outstandingAuthRequests map[int32]chan error // GUARDED_BY outstandingRequestLock |
| 94 | outstandingValidationRequests map[int32]chan []error // GUARDED_BY outstandingRequestLock |
Shyam Jayaraman | c17abda | 2015-04-06 16:49:17 -0700 | [diff] [blame] | 95 | |
| 96 | // statusClose will be closed when the server is shutting down, this will |
| 97 | // cause the status poller to exit. |
| 98 | statusClose chan struct{} |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 99 | } |
| 100 | |
Matt Rosencrantz | 94502cf | 2015-03-18 09:43:44 -0700 | [diff] [blame] | 101 | func NewServer(id uint32, listenSpec *rpc.ListenSpec, helper ServerHelper) (*Server, error) { |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 102 | server := &Server{ |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 103 | id: id, |
| 104 | helper: helper, |
| 105 | listenSpec: listenSpec, |
Todd Wang | baf1684 | 2015-03-16 14:12:29 -0700 | [diff] [blame] | 106 | outstandingServerRequests: make(map[int32]chan *lib.ServerRpcReply), |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 107 | outstandingAuthRequests: make(map[int32]chan error), |
| 108 | outstandingValidationRequests: make(map[int32]chan []error), |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 109 | } |
| 110 | var err error |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 111 | ctx := helper.Context() |
Benjamin Prosnitz | f39783b | 2015-02-25 17:28:50 -0800 | [diff] [blame] | 112 | ctx = context.WithValue(ctx, "customChainValidator", server.wsprCaveatValidator) |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 113 | if server.server, err = v23.NewServer(ctx); err != nil { |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 114 | return nil, err |
| 115 | } |
| 116 | return server, nil |
| 117 | } |
| 118 | |
| 119 | // remoteInvokeFunc is a type of function that can invoke a remote method and |
| 120 | // communicate the result back via a channel to the caller |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 121 | type remoteInvokeFunc func(ctx *context.T, call rpc.StreamServerCall, methodName string, args []interface{}) <-chan *lib.ServerRpcReply |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 122 | |
Benjamin Prosnitz | 86d5228 | 2014-12-19 15:48:38 -0800 | [diff] [blame] | 123 | func (s *Server) createRemoteInvokerFunc(handle int32) remoteInvokeFunc { |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 124 | return func(ctx *context.T, call rpc.StreamServerCall, methodName string, args []interface{}) <-chan *lib.ServerRpcReply { |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 125 | securityCall := ConvertSecurityCall(s.helper, ctx, call.Security(), true) |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 126 | |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 127 | flow := s.helper.CreateNewFlow(s, call) |
Todd Wang | baf1684 | 2015-03-16 14:12:29 -0700 | [diff] [blame] | 128 | replyChan := make(chan *lib.ServerRpcReply, 1) |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 129 | s.outstandingRequestLock.Lock() |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 130 | s.outstandingServerRequests[flow.ID] = replyChan |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 131 | s.outstandingRequestLock.Unlock() |
Matt Rosencrantz | 4aabe57 | 2014-10-22 09:25:50 -0700 | [diff] [blame] | 132 | |
Shyam Jayaraman | 7efedbe | 2015-03-05 12:57:18 -0800 | [diff] [blame] | 133 | var timeout vdltime.Deadline |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 134 | if deadline, ok := ctx.Deadline(); ok { |
Shyam Jayaraman | 7efedbe | 2015-03-05 12:57:18 -0800 | [diff] [blame] | 135 | timeout.Time = deadline |
Matt Rosencrantz | 4aabe57 | 2014-10-22 09:25:50 -0700 | [diff] [blame] | 136 | } |
| 137 | |
Todd Wang | baf1684 | 2015-03-16 14:12:29 -0700 | [diff] [blame] | 138 | errHandler := func(err error) <-chan *lib.ServerRpcReply { |
Matt Rosencrantz | 4aabe57 | 2014-10-22 09:25:50 -0700 | [diff] [blame] | 139 | if ch := s.popServerRequest(flow.ID); ch != nil { |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 140 | stdErr := verror.Convert(verror.ErrInternal, ctx, err).(verror.E) |
Todd Wang | baf1684 | 2015-03-16 14:12:29 -0700 | [diff] [blame] | 141 | ch <- &lib.ServerRpcReply{nil, &stdErr, vtrace.Response{}} |
Matt Rosencrantz | 4aabe57 | 2014-10-22 09:25:50 -0700 | [diff] [blame] | 142 | s.helper.CleanupFlow(flow.ID) |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 143 | } |
| 144 | return replyChan |
Shyam Jayaraman | c96e1aa | 2014-11-12 16:42:39 -0800 | [diff] [blame] | 145 | } |
Shyam Jayaraman | 907219d | 2014-11-26 12:14:37 -0800 | [diff] [blame] | 146 | |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 147 | var grantedBlessings *principal.JsBlessings |
| 148 | if !call.GrantedBlessings().IsZero() { |
| 149 | grantedBlessings = convertBlessingsToHandle(s.helper, call.GrantedBlessings()) |
Shyam Jayaraman | 907219d | 2014-11-26 12:14:37 -0800 | [diff] [blame] | 150 | } |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 151 | |
| 152 | rpcCall := ServerRpcRequestCall{ |
| 153 | SecurityCall: securityCall, |
| 154 | Deadline: timeout, |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 155 | TraceRequest: vtrace.GetRequest(ctx), |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 156 | GrantedBlessings: grantedBlessings, |
| 157 | } |
| 158 | |
| 159 | var vdlValArgs []*vdl.Value = make([]*vdl.Value, len(args)) |
| 160 | for i, arg := range args { |
Shyam Jayaraman | 07136a7 | 2015-04-13 13:34:41 -0700 | [diff] [blame] | 161 | if blessings, ok := arg.(security.Blessings); ok { |
| 162 | arg = principal.ConvertBlessingsToHandle(blessings, s.helper.GetOrAddBlessingsHandle(blessings)) |
| 163 | } |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 164 | vdlValArgs[i] = vdl.ValueOf(arg) |
Shyam Jayaraman | 07136a7 | 2015-04-13 13:34:41 -0700 | [diff] [blame] | 165 | } |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 166 | |
Shyam Jayaraman | 907219d | 2014-11-26 12:14:37 -0800 | [diff] [blame] | 167 | // Send a invocation request to JavaScript |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 168 | message := ServerRpcRequest{ |
Shyam Jayaraman | 907219d | 2014-11-26 12:14:37 -0800 | [diff] [blame] | 169 | ServerId: s.id, |
| 170 | Handle: handle, |
| 171 | Method: lib.LowercaseFirstCharacter(methodName), |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 172 | Args: vdlValArgs, |
Shyam Jayaraman | 250aac3 | 2015-03-05 15:29:11 -0800 | [diff] [blame] | 173 | Call: rpcCall, |
Shyam Jayaraman | 907219d | 2014-11-26 12:14:37 -0800 | [diff] [blame] | 174 | } |
Shyam Jayaraman | 907219d | 2014-11-26 12:14:37 -0800 | [diff] [blame] | 175 | vomMessage, err := lib.VomEncode(message) |
Shyam Jayaraman | c96e1aa | 2014-11-12 16:42:39 -0800 | [diff] [blame] | 176 | if err != nil { |
| 177 | return errHandler(err) |
| 178 | } |
Shyam Jayaraman | 907219d | 2014-11-26 12:14:37 -0800 | [diff] [blame] | 179 | if err := flow.Writer.Send(lib.ResponseServerRequest, vomMessage); err != nil { |
Shyam Jayaraman | c96e1aa | 2014-11-12 16:42:39 -0800 | [diff] [blame] | 180 | return errHandler(err) |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 181 | } |
| 182 | |
Matt Rosencrantz | 99ed678 | 2015-01-27 19:58:34 -0800 | [diff] [blame] | 183 | vlog.VI(3).Infof("calling method %q with args %v, MessageID %d assigned\n", methodName, args, flow.ID) |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 184 | |
Matt Rosencrantz | 4aabe57 | 2014-10-22 09:25:50 -0700 | [diff] [blame] | 185 | // Watch for cancellation. |
| 186 | go func() { |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 187 | <-ctx.Done() |
Matt Rosencrantz | 4aabe57 | 2014-10-22 09:25:50 -0700 | [diff] [blame] | 188 | ch := s.popServerRequest(flow.ID) |
| 189 | if ch == nil { |
| 190 | return |
| 191 | } |
| 192 | |
| 193 | // Send a cancel message to the JS server. |
| 194 | flow.Writer.Send(lib.ResponseCancel, nil) |
| 195 | s.helper.CleanupFlow(flow.ID) |
| 196 | |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 197 | err := verror.Convert(verror.ErrAborted, ctx, ctx.Err()).(verror.E) |
Todd Wang | baf1684 | 2015-03-16 14:12:29 -0700 | [diff] [blame] | 198 | ch <- &lib.ServerRpcReply{nil, &err, vtrace.Response{}} |
Matt Rosencrantz | 4aabe57 | 2014-10-22 09:25:50 -0700 | [diff] [blame] | 199 | }() |
| 200 | |
Shyam Jayaraman | 07136a7 | 2015-04-13 13:34:41 -0700 | [diff] [blame] | 201 | go proxyStream(call, flow.Writer, s.helper) |
Matt Rosencrantz | 4aabe57 | 2014-10-22 09:25:50 -0700 | [diff] [blame] | 202 | |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 203 | return replyChan |
| 204 | } |
| 205 | } |
| 206 | |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 207 | type globStream struct { |
Todd Wang | 2331dd0 | 2015-03-17 15:38:39 -0700 | [diff] [blame] | 208 | ch chan naming.GlobReply |
Matt Rosencrantz | 99ed678 | 2015-01-27 19:58:34 -0800 | [diff] [blame] | 209 | ctx *context.T |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 210 | } |
| 211 | |
| 212 | func (g *globStream) Send(item interface{}) error { |
Todd Wang | 2331dd0 | 2015-03-17 15:38:39 -0700 | [diff] [blame] | 213 | if v, ok := item.(naming.GlobReply); ok { |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 214 | g.ch <- v |
| 215 | return nil |
| 216 | } |
Jiri Simsa | 94f68d0 | 2015-02-17 10:22:08 -0800 | [diff] [blame] | 217 | return verror.New(verror.ErrBadArg, g.ctx, item) |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 218 | } |
| 219 | |
| 220 | func (g *globStream) Recv(itemptr interface{}) error { |
Jiri Simsa | 94f68d0 | 2015-02-17 10:22:08 -0800 | [diff] [blame] | 221 | return verror.New(verror.ErrNoExist, g.ctx, "Can't call recieve on glob stream") |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 222 | } |
| 223 | |
| 224 | func (g *globStream) CloseSend() error { |
| 225 | close(g.ch) |
| 226 | return nil |
| 227 | } |
| 228 | |
| 229 | // remoteGlobFunc is a type of function that can invoke a remote glob and |
| 230 | // communicate the result back via the channel returned |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 231 | type remoteGlobFunc func(ctx *context.T, call rpc.ServerCall, pattern string) (<-chan naming.GlobReply, error) |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 232 | |
| 233 | func (s *Server) createRemoteGlobFunc(handle int32) remoteGlobFunc { |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 234 | return func(ctx *context.T, call rpc.ServerCall, pattern string) (<-chan naming.GlobReply, error) { |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 235 | // Until the tests get fixed, we need to create a security context before creating the flow |
| 236 | // because creating the security context creates a flow and flow ids will be off. |
| 237 | // See https://github.com/veyron/release-issues/issues/1181 |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 238 | securityCall := ConvertSecurityCall(s.helper, ctx, call.Security(), true) |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 239 | |
Todd Wang | 2331dd0 | 2015-03-17 15:38:39 -0700 | [diff] [blame] | 240 | globChan := make(chan naming.GlobReply, 1) |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 241 | flow := s.helper.CreateNewFlow(s, &globStream{ |
Matt Rosencrantz | 99ed678 | 2015-01-27 19:58:34 -0800 | [diff] [blame] | 242 | ch: globChan, |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 243 | ctx: ctx, |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 244 | }) |
Todd Wang | baf1684 | 2015-03-16 14:12:29 -0700 | [diff] [blame] | 245 | replyChan := make(chan *lib.ServerRpcReply, 1) |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 246 | s.outstandingRequestLock.Lock() |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 247 | s.outstandingServerRequests[flow.ID] = replyChan |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 248 | s.outstandingRequestLock.Unlock() |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 249 | |
Shyam Jayaraman | 7efedbe | 2015-03-05 12:57:18 -0800 | [diff] [blame] | 250 | var timeout vdltime.Deadline |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 251 | if deadline, ok := ctx.Deadline(); ok { |
Shyam Jayaraman | 7efedbe | 2015-03-05 12:57:18 -0800 | [diff] [blame] | 252 | timeout.Time = deadline |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 253 | } |
| 254 | |
Todd Wang | 2331dd0 | 2015-03-17 15:38:39 -0700 | [diff] [blame] | 255 | errHandler := func(err error) (<-chan naming.GlobReply, error) { |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 256 | if ch := s.popServerRequest(flow.ID); ch != nil { |
| 257 | s.helper.CleanupFlow(flow.ID) |
| 258 | } |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 259 | return nil, verror.Convert(verror.ErrInternal, ctx, err).(verror.E) |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 260 | } |
| 261 | |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 262 | var grantedBlessings *principal.JsBlessings |
| 263 | if !call.GrantedBlessings().IsZero() { |
| 264 | grantedBlessings = convertBlessingsToHandle(s.helper, call.GrantedBlessings()) |
| 265 | } |
| 266 | |
| 267 | rpcCall := ServerRpcRequestCall{ |
| 268 | SecurityCall: securityCall, |
| 269 | Deadline: timeout, |
| 270 | GrantedBlessings: grantedBlessings, |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 271 | } |
| 272 | |
| 273 | // Send a invocation request to JavaScript |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 274 | message := ServerRpcRequest{ |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 275 | ServerId: s.id, |
| 276 | Handle: handle, |
| 277 | Method: "Glob__", |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 278 | Args: []*vdl.Value{vdl.ValueOf(pattern)}, |
Shyam Jayaraman | 250aac3 | 2015-03-05 15:29:11 -0800 | [diff] [blame] | 279 | Call: rpcCall, |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 280 | } |
| 281 | vomMessage, err := lib.VomEncode(message) |
| 282 | if err != nil { |
| 283 | return errHandler(err) |
| 284 | } |
| 285 | if err := flow.Writer.Send(lib.ResponseServerRequest, vomMessage); err != nil { |
| 286 | return errHandler(err) |
| 287 | } |
| 288 | |
Matt Rosencrantz | 99ed678 | 2015-01-27 19:58:34 -0800 | [diff] [blame] | 289 | vlog.VI(3).Infof("calling method 'Glob__' with args %v, MessageID %d assigned\n", []interface{}{pattern}, flow.ID) |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 290 | |
| 291 | // Watch for cancellation. |
| 292 | go func() { |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 293 | <-ctx.Done() |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 294 | ch := s.popServerRequest(flow.ID) |
| 295 | if ch == nil { |
| 296 | return |
| 297 | } |
| 298 | |
| 299 | // Send a cancel message to the JS server. |
| 300 | flow.Writer.Send(lib.ResponseCancel, nil) |
| 301 | s.helper.CleanupFlow(flow.ID) |
| 302 | |
Todd Wang | 54feabe | 2015-04-15 23:38:26 -0700 | [diff] [blame] | 303 | err := verror.Convert(verror.ErrAborted, ctx, ctx.Err()).(verror.E) |
Todd Wang | baf1684 | 2015-03-16 14:12:29 -0700 | [diff] [blame] | 304 | ch <- &lib.ServerRpcReply{nil, &err, vtrace.Response{}} |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 305 | }() |
| 306 | |
| 307 | return globChan, nil |
| 308 | } |
| 309 | } |
| 310 | |
Shyam Jayaraman | 07136a7 | 2015-04-13 13:34:41 -0700 | [diff] [blame] | 311 | func proxyStream(stream rpc.Stream, w lib.ClientWriter, blessingsCache HandleStore) { |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 312 | var item interface{} |
| 313 | for err := stream.Recv(&item); err == nil; err = stream.Recv(&item) { |
Shyam Jayaraman | 07136a7 | 2015-04-13 13:34:41 -0700 | [diff] [blame] | 314 | if blessings, ok := item.(security.Blessings); ok { |
| 315 | item = principal.ConvertBlessingsToHandle(blessings, blessingsCache.GetOrAddBlessingsHandle(blessings)) |
| 316 | |
| 317 | } |
Benjamin Prosnitz | a2ac3b3 | 2014-12-12 11:40:31 -0800 | [diff] [blame] | 318 | vomItem, err := lib.VomEncode(item) |
Shyam Jayaraman | c96e1aa | 2014-11-12 16:42:39 -0800 | [diff] [blame] | 319 | if err != nil { |
Jiri Simsa | 94f68d0 | 2015-02-17 10:22:08 -0800 | [diff] [blame] | 320 | w.Error(verror.Convert(verror.ErrInternal, nil, err)) |
Shyam Jayaraman | c96e1aa | 2014-11-12 16:42:39 -0800 | [diff] [blame] | 321 | return |
| 322 | } |
Benjamin Prosnitz | a2ac3b3 | 2014-12-12 11:40:31 -0800 | [diff] [blame] | 323 | if err := w.Send(lib.ResponseStream, vomItem); err != nil { |
Jiri Simsa | 94f68d0 | 2015-02-17 10:22:08 -0800 | [diff] [blame] | 324 | w.Error(verror.Convert(verror.ErrInternal, nil, err)) |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 325 | return |
| 326 | } |
| 327 | } |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 328 | if err := w.Send(lib.ResponseStreamClose, nil); err != nil { |
Jiri Simsa | 94f68d0 | 2015-02-17 10:22:08 -0800 | [diff] [blame] | 329 | w.Error(verror.Convert(verror.ErrInternal, nil, err)) |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 330 | return |
| 331 | } |
| 332 | } |
| 333 | |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 334 | func convertBlessingsToHandle(helper ServerHelper, blessings security.Blessings) *principal.JsBlessings { |
| 335 | return principal.ConvertBlessingsToHandle(blessings, helper.GetOrAddBlessingsHandle(blessings)) |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 336 | } |
| 337 | |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 338 | func makeListOfErrors(numErrors int, err error) []error { |
| 339 | errs := make([]error, numErrors) |
| 340 | for i := 0; i < numErrors; i++ { |
| 341 | errs[i] = err |
Shyam Jayaraman | a42622c | 2015-01-05 16:55:53 -0800 | [diff] [blame] | 342 | } |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 343 | return errs |
| 344 | } |
| 345 | |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 346 | // validateCavsInJavascript validates caveats in javascript. |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 347 | // It resolves each []security.Caveat in cavs to an error (or nil) and collects them in a slice. |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 348 | func (s *Server) validateCavsInJavascript(ctx *context.T, call security.Call, cavs [][]security.Caveat) []error { |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 349 | flow := s.helper.CreateNewFlow(s, nil) |
| 350 | req := CaveatValidationRequest{ |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 351 | Call: ConvertSecurityCall(s.helper, ctx, call, false), |
Ankur | ef39ba8 | 2015-03-19 13:34:03 -0700 | [diff] [blame] | 352 | Cavs: cavs, |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 353 | } |
| 354 | |
| 355 | replyChan := make(chan []error, 1) |
| 356 | s.outstandingRequestLock.Lock() |
| 357 | s.outstandingValidationRequests[flow.ID] = replyChan |
| 358 | s.outstandingRequestLock.Unlock() |
| 359 | |
| 360 | defer func() { |
| 361 | s.outstandingRequestLock.Lock() |
| 362 | delete(s.outstandingValidationRequests, flow.ID) |
| 363 | s.outstandingRequestLock.Unlock() |
| 364 | s.cleanupFlow(flow.ID) |
| 365 | }() |
| 366 | |
| 367 | if err := flow.Writer.Send(lib.ResponseValidate, req); err != nil { |
| 368 | vlog.VI(2).Infof("Failed to send validate response: %v", err) |
| 369 | replyChan <- makeListOfErrors(len(cavs), err) |
| 370 | } |
| 371 | |
Matt Rosencrantz | 94502cf | 2015-03-18 09:43:44 -0700 | [diff] [blame] | 372 | // TODO(bprosnitz) Consider using a different timeout than the standard rpc timeout. |
Todd Wang | f6a0688 | 2015-02-27 17:38:01 -0800 | [diff] [blame] | 373 | var timeoutChan <-chan time.Time |
Matt Rosencrantz | 317b0c5 | 2015-03-24 20:47:01 -0700 | [diff] [blame] | 374 | if deadline, ok := ctx.Deadline(); ok { |
Todd Wang | f6a0688 | 2015-02-27 17:38:01 -0800 | [diff] [blame] | 375 | timeoutChan = time.After(deadline.Sub(time.Now())) |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 376 | } |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 377 | |
| 378 | select { |
| 379 | case <-timeoutChan: |
Matt Rosencrantz | 317b0c5 | 2015-03-24 20:47:01 -0700 | [diff] [blame] | 380 | return makeListOfErrors(len(cavs), NewErrCaveatValidationTimeout(ctx)) |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 381 | case reply := <-replyChan: |
| 382 | if len(reply) != len(cavs) { |
| 383 | vlog.VI(2).Infof("Wspr caveat validator received %d results from javascript but expected %d", len(reply), len(cavs)) |
Matt Rosencrantz | 317b0c5 | 2015-03-24 20:47:01 -0700 | [diff] [blame] | 384 | return makeListOfErrors(len(cavs), NewErrInvalidValidationResponseFromJavascript(ctx)) |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 385 | } |
| 386 | |
| 387 | return reply |
| 388 | } |
| 389 | } |
| 390 | |
Benjamin Prosnitz | 2c8c237 | 2015-03-13 12:03:08 -0700 | [diff] [blame] | 391 | // wsprCaveatValidator validates caveats for javascript. |
| 392 | // Certain caveats (PublicKeyThirdPartyCaveatX) are intercepted and handled in go. |
| 393 | // This call validateCavsInJavascript to process the remaining caveats in javascript. |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 394 | func (s *Server) wsprCaveatValidator(ctx *context.T, call security.Call, cavs [][]security.Caveat) []error { |
Benjamin Prosnitz | 2c8c237 | 2015-03-13 12:03:08 -0700 | [diff] [blame] | 395 | type validationStatus struct { |
| 396 | err error |
| 397 | isSet bool |
| 398 | } |
| 399 | valStatus := make([]validationStatus, len(cavs)) |
| 400 | |
| 401 | var caveatChainsToValidate [][]security.Caveat |
| 402 | nextCav: |
| 403 | for i, chainCavs := range cavs { |
| 404 | var newChainCavs []security.Caveat |
| 405 | for _, cav := range chainCavs { |
| 406 | switch cav.Id { |
| 407 | case security.PublicKeyThirdPartyCaveatX.Id: |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 408 | res := cav.Validate(ctx, call) |
Benjamin Prosnitz | 2c8c237 | 2015-03-13 12:03:08 -0700 | [diff] [blame] | 409 | if res != nil { |
| 410 | valStatus[i] = validationStatus{ |
| 411 | err: res, |
| 412 | isSet: true, |
| 413 | } |
| 414 | continue nextCav |
| 415 | } |
| 416 | default: |
| 417 | newChainCavs = append(newChainCavs, cav) |
| 418 | } |
| 419 | } |
| 420 | if len(newChainCavs) == 0 { |
| 421 | valStatus[i] = validationStatus{ |
| 422 | err: nil, |
| 423 | isSet: true, |
| 424 | } |
| 425 | } else { |
| 426 | caveatChainsToValidate = append(caveatChainsToValidate, newChainCavs) |
| 427 | } |
| 428 | } |
| 429 | |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 430 | jsRes := s.validateCavsInJavascript(ctx, call, caveatChainsToValidate) |
Benjamin Prosnitz | 2c8c237 | 2015-03-13 12:03:08 -0700 | [diff] [blame] | 431 | |
| 432 | outResults := make([]error, len(cavs)) |
| 433 | jsIndex := 0 |
| 434 | for i, status := range valStatus { |
| 435 | if status.isSet { |
| 436 | outResults[i] = status.err |
| 437 | } else { |
| 438 | outResults[i] = jsRes[jsIndex] |
| 439 | jsIndex++ |
| 440 | } |
| 441 | } |
| 442 | |
| 443 | return outResults |
| 444 | } |
| 445 | |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 446 | func ConvertSecurityCall(helper ServerHelper, ctx *context.T, call security.Call, includeBlessingStrings bool) SecurityCall { |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 447 | var localEndpoint string |
Matt Rosencrantz | 9dce9b2 | 2015-03-02 10:48:37 -0800 | [diff] [blame] | 448 | if call.LocalEndpoint() != nil { |
| 449 | localEndpoint = call.LocalEndpoint().String() |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 450 | } |
| 451 | var remoteEndpoint string |
Matt Rosencrantz | 9dce9b2 | 2015-03-02 10:48:37 -0800 | [diff] [blame] | 452 | if call.RemoteEndpoint() != nil { |
| 453 | remoteEndpoint = call.RemoteEndpoint().String() |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 454 | } |
Benjamin Prosnitz | 23bf1a0 | 2015-03-30 16:17:04 -0700 | [diff] [blame] | 455 | var localBlessings principal.JsBlessings |
Matt Rosencrantz | 9dce9b2 | 2015-03-02 10:48:37 -0800 | [diff] [blame] | 456 | if !call.LocalBlessings().IsZero() { |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 457 | localBlessings = *convertBlessingsToHandle(helper, call.LocalBlessings()) |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 458 | } |
Matt Rosencrantz | 9dce9b2 | 2015-03-02 10:48:37 -0800 | [diff] [blame] | 459 | anymtags := make([]*vdl.Value, len(call.MethodTags())) |
| 460 | for i, mtag := range call.MethodTags() { |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 461 | anymtags[i] = mtag |
| 462 | } |
Matt Rosencrantz | 250558f | 2015-03-17 11:37:31 -0700 | [diff] [blame] | 463 | secCall := SecurityCall{ |
Matt Rosencrantz | 9dce9b2 | 2015-03-02 10:48:37 -0800 | [diff] [blame] | 464 | Method: lib.LowercaseFirstCharacter(call.Method()), |
| 465 | Suffix: call.Suffix(), |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 466 | MethodTags: anymtags, |
| 467 | LocalEndpoint: localEndpoint, |
| 468 | RemoteEndpoint: remoteEndpoint, |
| 469 | LocalBlessings: localBlessings, |
Benjamin Prosnitz | bf71e96 | 2015-04-14 16:43:07 -0700 | [diff] [blame] | 470 | RemoteBlessings: *convertBlessingsToHandle(helper, call.RemoteBlessings()), |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 471 | } |
| 472 | if includeBlessingStrings { |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 473 | secCall.LocalBlessingStrings = security.LocalBlessingNames(ctx, call) |
| 474 | secCall.RemoteBlessingStrings, _ = security.RemoteBlessingNames(ctx, call) |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 475 | } |
Matt Rosencrantz | 250558f | 2015-03-17 11:37:31 -0700 | [diff] [blame] | 476 | return secCall |
Shyam Jayaraman | a42622c | 2015-01-05 16:55:53 -0800 | [diff] [blame] | 477 | } |
| 478 | |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 479 | type remoteAuth struct { |
| 480 | Func func(*context.T, security.Call, int32) error |
| 481 | Handle int32 |
| 482 | } |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 483 | |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 484 | func (r remoteAuth) Authorize(ctx *context.T, call security.Call) error { |
| 485 | return r.Func(ctx, call, r.Handle) |
| 486 | } |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 487 | |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 488 | func (s *Server) createRemoteAuthorizer(handle int32) security.Authorizer { |
| 489 | return remoteAuth{s.authorizeRemote, handle} |
| 490 | } |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 491 | |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 492 | func (s *Server) authorizeRemote(ctx *context.T, call security.Call, handle int32) error { |
| 493 | // Until the tests get fixed, we need to create a security context before |
| 494 | // creating the flow because creating the security context creates a flow and |
| 495 | // flow ids will be off. |
| 496 | securityCall := ConvertSecurityCall(s.helper, ctx, call, true) |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 497 | |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 498 | flow := s.helper.CreateNewFlow(s, nil) |
| 499 | replyChan := make(chan error, 1) |
| 500 | s.outstandingRequestLock.Lock() |
| 501 | s.outstandingAuthRequests[flow.ID] = replyChan |
| 502 | s.outstandingRequestLock.Unlock() |
| 503 | message := AuthRequest{ |
| 504 | ServerId: s.id, |
| 505 | Handle: handle, |
| 506 | Call: securityCall, |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 507 | } |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 508 | vlog.VI(0).Infof("Sending out auth request for %v, %v", flow.ID, message) |
| 509 | |
| 510 | vomMessage, err := lib.VomEncode(message) |
| 511 | if err != nil { |
| 512 | replyChan <- verror.Convert(verror.ErrInternal, nil, err) |
| 513 | } else if err := flow.Writer.Send(lib.ResponseAuthRequest, vomMessage); err != nil { |
| 514 | replyChan <- verror.Convert(verror.ErrInternal, nil, err) |
| 515 | } |
| 516 | |
| 517 | err = <-replyChan |
| 518 | vlog.VI(0).Infof("going to respond with %v", err) |
| 519 | s.outstandingRequestLock.Lock() |
| 520 | delete(s.outstandingAuthRequests, flow.ID) |
| 521 | s.outstandingRequestLock.Unlock() |
| 522 | s.helper.CleanupFlow(flow.ID) |
| 523 | return err |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 524 | } |
| 525 | |
Shyam Jayaraman | c17abda | 2015-04-06 16:49:17 -0700 | [diff] [blame] | 526 | func (s *Server) readStatus() { |
| 527 | // A map of names to the last error message sent. |
| 528 | lastErrors := map[string]string{} |
| 529 | for { |
| 530 | status := s.server.Status() |
| 531 | for _, mountStatus := range status.Mounts { |
| 532 | var errMsg string |
| 533 | if mountStatus.LastMountErr != nil { |
| 534 | errMsg = mountStatus.LastMountErr.Error() |
| 535 | } |
| 536 | mountName := mountStatus.Name |
| 537 | if lastMessage, ok := lastErrors[mountName]; !ok || errMsg != lastMessage { |
| 538 | if errMsg == "" { |
| 539 | s.helper.SendLogMessage( |
| 540 | lib.LogLevelInfo, "serve: "+mountName+" successfully mounted ") |
| 541 | } else { |
| 542 | s.helper.SendLogMessage( |
| 543 | lib.LogLevelError, "serve: "+mountName+" failed with: "+errMsg) |
| 544 | } |
| 545 | } |
| 546 | lastErrors[mountName] = errMsg |
| 547 | } |
| 548 | select { |
| 549 | case <-time.After(10 * time.Second): |
| 550 | continue |
| 551 | case <-s.statusClose: |
| 552 | return |
| 553 | } |
| 554 | } |
| 555 | } |
| 556 | |
Nicolas LaCasse | 27b57c7 | 2014-11-19 13:40:20 -0800 | [diff] [blame] | 557 | func (s *Server) Serve(name string) error { |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 558 | s.serverStateLock.Lock() |
| 559 | defer s.serverStateLock.Unlock() |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 560 | |
| 561 | if s.dispatcher == nil { |
Matt Rosencrantz | 99ed678 | 2015-01-27 19:58:34 -0800 | [diff] [blame] | 562 | s.dispatcher = newDispatcher(s.id, s, s, s) |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 563 | } |
| 564 | |
Nicolas LaCasse | 27b57c7 | 2014-11-19 13:40:20 -0800 | [diff] [blame] | 565 | if !s.isListening { |
| 566 | _, err := s.server.Listen(*s.listenSpec) |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 567 | if err != nil { |
Nicolas LaCasse | 27b57c7 | 2014-11-19 13:40:20 -0800 | [diff] [blame] | 568 | return err |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 569 | } |
Nicolas LaCasse | 27b57c7 | 2014-11-19 13:40:20 -0800 | [diff] [blame] | 570 | s.isListening = true |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 571 | } |
Cosmos Nicolaou | 89303d6 | 2014-11-02 12:58:11 -0800 | [diff] [blame] | 572 | if err := s.server.ServeDispatcher(name, s.dispatcher); err != nil { |
Nicolas LaCasse | 27b57c7 | 2014-11-19 13:40:20 -0800 | [diff] [blame] | 573 | return err |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 574 | } |
Shyam Jayaraman | c17abda | 2015-04-06 16:49:17 -0700 | [diff] [blame] | 575 | s.statusClose = make(chan struct{}, 1) |
| 576 | go s.readStatus() |
Nicolas LaCasse | 27b57c7 | 2014-11-19 13:40:20 -0800 | [diff] [blame] | 577 | return nil |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 578 | } |
| 579 | |
Todd Wang | baf1684 | 2015-03-16 14:12:29 -0700 | [diff] [blame] | 580 | func (s *Server) popServerRequest(id int32) chan *lib.ServerRpcReply { |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 581 | s.outstandingRequestLock.Lock() |
| 582 | defer s.outstandingRequestLock.Unlock() |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 583 | ch := s.outstandingServerRequests[id] |
| 584 | delete(s.outstandingServerRequests, id) |
Matt Rosencrantz | 4aabe57 | 2014-10-22 09:25:50 -0700 | [diff] [blame] | 585 | |
| 586 | return ch |
| 587 | } |
| 588 | |
Benjamin Prosnitz | 86d5228 | 2014-12-19 15:48:38 -0800 | [diff] [blame] | 589 | func (s *Server) HandleServerResponse(id int32, data string) { |
Matt Rosencrantz | 4aabe57 | 2014-10-22 09:25:50 -0700 | [diff] [blame] | 590 | ch := s.popServerRequest(id) |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 591 | if ch == nil { |
Matt Rosencrantz | 99ed678 | 2015-01-27 19:58:34 -0800 | [diff] [blame] | 592 | vlog.Errorf("unexpected result from JavaScript. No channel "+ |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 593 | "for MessageId: %d exists. Ignoring the results.", id) |
Benjamin Prosnitz | a2ac3b3 | 2014-12-12 11:40:31 -0800 | [diff] [blame] | 594 | // Ignore unknown responses that don't belong to any channel |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 595 | return |
| 596 | } |
Matt Rosencrantz | 4aabe57 | 2014-10-22 09:25:50 -0700 | [diff] [blame] | 597 | |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 598 | // Decode the result and send it through the channel |
Todd Wang | baf1684 | 2015-03-16 14:12:29 -0700 | [diff] [blame] | 599 | var reply lib.ServerRpcReply |
Benjamin Prosnitz | a2ac3b3 | 2014-12-12 11:40:31 -0800 | [diff] [blame] | 600 | if err := lib.VomDecode(data, &reply); err != nil { |
| 601 | reply.Err = err |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 602 | } |
| 603 | |
Matt Rosencrantz | 99ed678 | 2015-01-27 19:58:34 -0800 | [diff] [blame] | 604 | vlog.VI(0).Infof("response received from JavaScript server for "+ |
Benjamin Prosnitz | a2ac3b3 | 2014-12-12 11:40:31 -0800 | [diff] [blame] | 605 | "MessageId %d with result %v", id, reply) |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 606 | s.helper.CleanupFlow(id) |
Shyam Jayaraman | 07136a7 | 2015-04-13 13:34:41 -0700 | [diff] [blame] | 607 | if reply.Err != nil { |
| 608 | ch <- &reply |
| 609 | return |
| 610 | } |
| 611 | jsBlessingsType := vdl.TypeOf(principal.JsBlessings{}) |
| 612 | for i, val := range reply.Results { |
| 613 | if val.Type() == jsBlessingsType { |
| 614 | var jsBlessings principal.JsBlessings |
| 615 | if err := vdl.Convert(&jsBlessings, val); err != nil { |
| 616 | reply.Err = err |
| 617 | break |
| 618 | } |
| 619 | reply.Results[i] = vdl.ValueOf( |
| 620 | s.helper.GetBlessings(jsBlessings.Handle)) |
| 621 | } |
| 622 | } |
Benjamin Prosnitz | a2ac3b3 | 2014-12-12 11:40:31 -0800 | [diff] [blame] | 623 | ch <- &reply |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 624 | } |
| 625 | |
Benjamin Prosnitz | 86d5228 | 2014-12-19 15:48:38 -0800 | [diff] [blame] | 626 | func (s *Server) HandleLookupResponse(id int32, data string) { |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 627 | s.dispatcher.handleLookupResponse(id, data) |
| 628 | } |
| 629 | |
Benjamin Prosnitz | 86d5228 | 2014-12-19 15:48:38 -0800 | [diff] [blame] | 630 | func (s *Server) HandleAuthResponse(id int32, data string) { |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 631 | s.outstandingRequestLock.Lock() |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 632 | ch := s.outstandingAuthRequests[id] |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 633 | s.outstandingRequestLock.Unlock() |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 634 | if ch == nil { |
Matt Rosencrantz | 99ed678 | 2015-01-27 19:58:34 -0800 | [diff] [blame] | 635 | vlog.Errorf("unexpected result from JavaScript. No channel "+ |
Shyam Jayaraman | e56df9a | 2014-11-20 17:38:54 -0800 | [diff] [blame] | 636 | "for MessageId: %d exists. Ignoring the results(%s)", id, data) |
Suharsh Sivakumar | 4cc7c2d | 2015-04-09 15:21:56 -0700 | [diff] [blame] | 637 | // Ignore unknown responses that don't belong to any channel |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 638 | return |
| 639 | } |
| 640 | // Decode the result and send it through the channel |
| 641 | var reply authReply |
| 642 | if decoderErr := json.Unmarshal([]byte(data), &reply); decoderErr != nil { |
Mike Burrows | 2ec2bb3 | 2015-02-26 15:14:43 -0800 | [diff] [blame] | 643 | err := verror.Convert(verror.ErrInternal, nil, decoderErr).(verror.E) |
Mike Burrows | b6689c2 | 2014-10-08 11:14:15 -0700 | [diff] [blame] | 644 | reply = authReply{Err: &err} |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 645 | } |
| 646 | |
Matt Rosencrantz | 99ed678 | 2015-01-27 19:58:34 -0800 | [diff] [blame] | 647 | vlog.VI(0).Infof("response received from JavaScript server for "+ |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 648 | "MessageId %d with result %v", id, reply) |
| 649 | s.helper.CleanupFlow(id) |
Mike Burrows | 2ec2bb3 | 2015-02-26 15:14:43 -0800 | [diff] [blame] | 650 | // A nil verror.E does not result in an nil error. Instead, we have create |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 651 | // a variable for the error interface and only set it's value if the struct is non- |
| 652 | // nil. |
| 653 | var err error |
| 654 | if reply.Err != nil { |
| 655 | err = reply.Err |
| 656 | } |
| 657 | ch <- err |
| 658 | } |
| 659 | |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 660 | func (s *Server) HandleCaveatValidationResponse(id int32, data string) { |
| 661 | s.outstandingRequestLock.Lock() |
| 662 | ch := s.outstandingValidationRequests[id] |
| 663 | s.outstandingRequestLock.Unlock() |
| 664 | if ch == nil { |
| 665 | vlog.Errorf("unexpected result from JavaScript. No channel "+ |
| 666 | "for validation response with MessageId: %d exists. Ignoring the results(%s)", id, data) |
Suharsh Sivakumar | 4cc7c2d | 2015-04-09 15:21:56 -0700 | [diff] [blame] | 667 | // Ignore unknown responses that don't belong to any channel |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 668 | return |
| 669 | } |
| 670 | |
| 671 | var reply CaveatValidationResponse |
| 672 | if err := lib.VomDecode(data, &reply); err != nil { |
| 673 | vlog.Errorf("failed to decode validation response %q: error %v", data, err) |
| 674 | ch <- []error{} |
| 675 | return |
| 676 | } |
| 677 | |
| 678 | ch <- reply.Results |
| 679 | } |
| 680 | |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 681 | func (s *Server) createFlow() *Flow { |
| 682 | return s.helper.CreateNewFlow(s, nil) |
| 683 | } |
| 684 | |
Benjamin Prosnitz | 86d5228 | 2014-12-19 15:48:38 -0800 | [diff] [blame] | 685 | func (s *Server) cleanupFlow(id int32) { |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 686 | s.helper.CleanupFlow(id) |
| 687 | } |
| 688 | |
Matt Rosencrantz | 94502cf | 2015-03-18 09:43:44 -0700 | [diff] [blame] | 689 | func (s *Server) createInvoker(handle int32, sig []signature.Interface, hasGlobber bool) (rpc.Invoker, error) { |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 690 | remoteInvokeFunc := s.createRemoteInvokerFunc(handle) |
Shyam Jayaraman | eb10b9b | 2015-01-12 12:23:20 -0800 | [diff] [blame] | 691 | var globFunc remoteGlobFunc |
| 692 | if hasGlobber { |
| 693 | globFunc = s.createRemoteGlobFunc(handle) |
| 694 | } |
| 695 | return newInvoker(sig, remoteInvokeFunc, globFunc), nil |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 696 | } |
| 697 | |
Benjamin Prosnitz | 86d5228 | 2014-12-19 15:48:38 -0800 | [diff] [blame] | 698 | func (s *Server) createAuthorizer(handle int32, hasAuthorizer bool) (security.Authorizer, error) { |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 699 | if hasAuthorizer { |
Todd Wang | 4264e4b | 2015-04-16 22:43:40 -0700 | [diff] [blame^] | 700 | return s.createRemoteAuthorizer(handle), nil |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 701 | } |
Asim Shankar | 8572f6c | 2014-10-28 15:24:17 -0700 | [diff] [blame] | 702 | return nil, nil |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 703 | } |
| 704 | |
| 705 | func (s *Server) Stop() { |
Mike Burrows | 2ec2bb3 | 2015-02-26 15:14:43 -0800 | [diff] [blame] | 706 | stdErr := verror.New(verror.ErrTimeout, nil).(verror.E) |
Todd Wang | baf1684 | 2015-03-16 14:12:29 -0700 | [diff] [blame] | 707 | result := lib.ServerRpcReply{ |
Benjamin Prosnitz | a2ac3b3 | 2014-12-12 11:40:31 -0800 | [diff] [blame] | 708 | Results: nil, |
Mike Burrows | b6689c2 | 2014-10-08 11:14:15 -0700 | [diff] [blame] | 709 | Err: &stdErr, |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 710 | } |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 711 | s.serverStateLock.Lock() |
Nicolas LaCasse | e3867dc | 2015-02-05 14:44:53 -0800 | [diff] [blame] | 712 | |
Shyam Jayaraman | c17abda | 2015-04-06 16:49:17 -0700 | [diff] [blame] | 713 | if s.statusClose != nil { |
| 714 | close(s.statusClose) |
| 715 | } |
Nicolas LaCasse | e3867dc | 2015-02-05 14:44:53 -0800 | [diff] [blame] | 716 | if s.dispatcher != nil { |
| 717 | s.dispatcher.Cleanup() |
| 718 | } |
| 719 | |
| 720 | for _, ch := range s.outstandingAuthRequests { |
| 721 | ch <- fmt.Errorf("Cleaning up server") |
| 722 | } |
Nicolas LaCasse | e3867dc | 2015-02-05 14:44:53 -0800 | [diff] [blame] | 723 | |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 724 | for _, ch := range s.outstandingServerRequests { |
| 725 | select { |
| 726 | case ch <- &result: |
| 727 | default: |
| 728 | } |
| 729 | } |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 730 | s.outstandingRequestLock.Lock() |
| 731 | s.outstandingAuthRequests = make(map[int32]chan error) |
Todd Wang | baf1684 | 2015-03-16 14:12:29 -0700 | [diff] [blame] | 732 | s.outstandingServerRequests = make(map[int32]chan *lib.ServerRpcReply) |
Benjamin Prosnitz | e8e2b9b | 2015-02-24 12:55:25 -0800 | [diff] [blame] | 733 | s.outstandingRequestLock.Unlock() |
| 734 | s.serverStateLock.Unlock() |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 735 | s.server.Stop() |
Matt Rosencrantz | 317b0c5 | 2015-03-24 20:47:01 -0700 | [diff] [blame] | 736 | |
Suharsh Sivakumar | 4cc7c2d | 2015-04-09 15:21:56 -0700 | [diff] [blame] | 737 | // Only clear the validation requests map after stopping. Clearing them before |
| 738 | // can cause the publisher to get stuck waiting for a caveat validation that |
| 739 | // will never be answered, which prevents the server from stopping. |
Matt Rosencrantz | 317b0c5 | 2015-03-24 20:47:01 -0700 | [diff] [blame] | 740 | s.serverStateLock.Lock() |
| 741 | s.outstandingRequestLock.Lock() |
| 742 | s.outstandingValidationRequests = make(map[int32]chan []error) |
| 743 | s.outstandingRequestLock.Unlock() |
| 744 | s.serverStateLock.Unlock() |
Jiri Simsa | 78b646f | 2014-10-08 10:23:05 -0700 | [diff] [blame] | 745 | } |
Ali Ghassemi | 1008bbe | 2014-11-07 16:36:08 -0800 | [diff] [blame] | 746 | |
| 747 | func (s *Server) AddName(name string) error { |
| 748 | return s.server.AddName(name) |
| 749 | } |
| 750 | |
Cosmos Nicolaou | b1a41af | 2015-01-25 22:13:40 -0800 | [diff] [blame] | 751 | func (s *Server) RemoveName(name string) { |
| 752 | s.server.RemoveName(name) |
Ali Ghassemi | 1008bbe | 2014-11-07 16:36:08 -0800 | [diff] [blame] | 753 | } |