JakeHillion/storj
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9a871bf3bc
storj/storagenode/piecestore/verification.go

160 lines
6.2 KiB
Go
Raw Normal View History

Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
// Copyright (C) 2019 Storj Labs, Inc.
// See LICENSE for copying information.
package piecestore
import (
"bytes"
"context"
"time"
"github.com/zeebo/errs"
common: separate repository Change-Id: Ibb89c42060450e3839481a7e495bbe3ad940610a
2019-12-27 11:48:47 +00:00
"storj.io/common/errs2"
"storj.io/common/pb"
"storj.io/common/rpc/rpcstatus"
"storj.io/common/signing"
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
)
var (
// ErrVerifyNotAuthorized is returned when the one submitting the action is not authorized to perform that action.
ErrVerifyNotAuthorized = errs.Class("not authorized")
// ErrVerifyUntrusted is returned when action is not trusted.
ErrVerifyUntrusted = errs.Class("untrusted")
// ErrVerifyDuplicateRequest is returned when serial number has been already used to submit an action.
ErrVerifyDuplicateRequest = errs.Class("duplicate request")
)
// VerifyOrderLimit verifies that the order limit is properly signed and has sane values.
// It also verifies that the serial number has not been used.
storagenode: Report gRPC error when satellite is untrusted (#2658) * storagenode/piecestore: Unexport endpoint method Make an exported endpoint method to be unexported because it's only used by the same package and makes easy to change without thinking in breaking changes. * uplink/ecclient: Use structured logger Swap sugared logger by the normal structured logger for having the full stack traces of the error in the debug message. * storagenode/piecestore: Send gRPC error codes upload Refactoring in the storagenode/piecestore to send gRPC status error codes when some of the methods involved by upload return an error. The uplink related to uploads has also been modified to retrieve the gRPC status code when an error is returned by the server.
2019-07-30 17:58:08 +01:00
func (endpoint *Endpoint) verifyOrderLimit(ctx context.Context, limit *pb.OrderLimit) (err error) {
storagenode: add monkit task to missing places (#2107)
2019-06-04 13:31:39 +01:00
defer mon.Task()(&ctx)(&err)
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
// sanity checks
storagenode: use minimum time in the order for expiration (#2504)
2019-07-09 22:16:30 +01:00
now := time.Now()
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
switch {
case limit.Limit < 0:
all: use pkg/rpc instead of pkg/transport all of the packages and tests work with both grpc and drpc. we'll probably need to do some jenkins pipelines to run the tests with drpc as well. most of the changes are really due to a bit of cleanup of the pkg/transport.Client api into an rpc.Dialer in the spirit of a net.Dialer. now that we don't need observers, we can pass around stateless configuration to everything rather than stateful things that issue observations. it also adds a DialAddressID for the case where we don't have a pb.Node, but we do have an address and want to assert some ID. this happened pretty frequently, and now there's no more weird contortions creating custom tls options, etc. a lot of the other changes are being consistent/using the abstractions in the rpc package to do rpc style things like finding peer information, or checking status codes. Change-Id: Ief62875e21d80a21b3c56a5a37f45887679f9412
2019-09-19 05:46:39 +01:00
return rpcstatus.Error(rpcstatus.InvalidArgument, "order limit is negative")
storagenode/piecestore: return node certificate chain at upload conclusion uplinks currently get the node's certificate chain over TLS. once Noise is in use, uplinks will no longer be able to do this. we should start having the upload request return the certificate chain in the same release that starts supporting noise. Change-Id: I619b23cb8e25691bcc62d760f884403a4ccd64a0
2023-01-30 20:44:45 +00:00
case endpoint.ident.ID != limit.StorageNodeId:
all: use pkg/rpc instead of pkg/transport all of the packages and tests work with both grpc and drpc. we'll probably need to do some jenkins pipelines to run the tests with drpc as well. most of the changes are really due to a bit of cleanup of the pkg/transport.Client api into an rpc.Dialer in the spirit of a net.Dialer. now that we don't need observers, we can pass around stateless configuration to everything rather than stateful things that issue observations. it also adds a DialAddressID for the case where we don't have a pb.Node, but we do have an address and want to assert some ID. this happened pretty frequently, and now there's no more weird contortions creating custom tls options, etc. a lot of the other changes are being consistent/using the abstractions in the rpc package to do rpc style things like finding peer information, or checking status codes. Change-Id: Ief62875e21d80a21b3c56a5a37f45887679f9412
2019-09-19 05:46:39 +01:00
return rpcstatus.Errorf(rpcstatus.InvalidArgument, "order intended for other storagenode: %v", limit.StorageNodeId)
Change protobuf expirations to use time.Time (#2509) * Change protobuf expirations to use time.Time instead of timestamp.Timestamp
2019-07-09 22:54:00 +01:00
case endpoint.IsExpired(limit.PieceExpiration):
all: use pkg/rpc instead of pkg/transport all of the packages and tests work with both grpc and drpc. we'll probably need to do some jenkins pipelines to run the tests with drpc as well. most of the changes are really due to a bit of cleanup of the pkg/transport.Client api into an rpc.Dialer in the spirit of a net.Dialer. now that we don't need observers, we can pass around stateless configuration to everything rather than stateful things that issue observations. it also adds a DialAddressID for the case where we don't have a pb.Node, but we do have an address and want to assert some ID. this happened pretty frequently, and now there's no more weird contortions creating custom tls options, etc. a lot of the other changes are being consistent/using the abstractions in the rpc package to do rpc style things like finding peer information, or checking status codes. Change-Id: Ief62875e21d80a21b3c56a5a37f45887679f9412
2019-09-19 05:46:39 +01:00
return rpcstatus.Errorf(rpcstatus.InvalidArgument, "piece expired: %v", limit.PieceExpiration)
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
case endpoint.IsExpired(limit.OrderExpiration):
all: use pkg/rpc instead of pkg/transport all of the packages and tests work with both grpc and drpc. we'll probably need to do some jenkins pipelines to run the tests with drpc as well. most of the changes are really due to a bit of cleanup of the pkg/transport.Client api into an rpc.Dialer in the spirit of a net.Dialer. now that we don't need observers, we can pass around stateless configuration to everything rather than stateful things that issue observations. it also adds a DialAddressID for the case where we don't have a pb.Node, but we do have an address and want to assert some ID. this happened pretty frequently, and now there's no more weird contortions creating custom tls options, etc. a lot of the other changes are being consistent/using the abstractions in the rpc package to do rpc style things like finding peer information, or checking status codes. Change-Id: Ief62875e21d80a21b3c56a5a37f45887679f9412
2019-09-19 05:46:39 +01:00
return rpcstatus.Errorf(rpcstatus.InvalidArgument, "order expired: %v", limit.OrderExpiration)
storagenode: use minimum time in the order for expiration (#2504)
2019-07-09 22:16:30 +01:00
case now.Sub(limit.OrderCreation) > endpoint.config.OrderLimitGracePeriod:
storagenode/signature: Reject uploads with a timestamp too far in the future (#3194)
2019-10-08 12:09:46 +01:00
return rpcstatus.Errorf(rpcstatus.InvalidArgument, "order created too long ago: OrderCreation %v < SystemClock %v", limit.OrderCreation, now)
case limit.OrderCreation.Sub(now) > endpoint.config.OrderLimitGracePeriod:
return rpcstatus.Errorf(rpcstatus.InvalidArgument, "order created too far in the future: OrderCreation %v > SystemClock %v", limit.OrderCreation, now)
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
case limit.SatelliteId.IsZero():
all: use pkg/rpc instead of pkg/transport all of the packages and tests work with both grpc and drpc. we'll probably need to do some jenkins pipelines to run the tests with drpc as well. most of the changes are really due to a bit of cleanup of the pkg/transport.Client api into an rpc.Dialer in the spirit of a net.Dialer. now that we don't need observers, we can pass around stateless configuration to everything rather than stateful things that issue observations. it also adds a DialAddressID for the case where we don't have a pb.Node, but we do have an address and want to assert some ID. this happened pretty frequently, and now there's no more weird contortions creating custom tls options, etc. a lot of the other changes are being consistent/using the abstractions in the rpc package to do rpc style things like finding peer information, or checking status codes. Change-Id: Ief62875e21d80a21b3c56a5a37f45887679f9412
2019-09-19 05:46:39 +01:00
return rpcstatus.Errorf(rpcstatus.InvalidArgument, "missing satellite id")
protocol: implement new piece signing and verification (#2525)
2019-07-11 21:51:40 +01:00
case limit.UplinkPublicKey.IsZero():
all: use pkg/rpc instead of pkg/transport all of the packages and tests work with both grpc and drpc. we'll probably need to do some jenkins pipelines to run the tests with drpc as well. most of the changes are really due to a bit of cleanup of the pkg/transport.Client api into an rpc.Dialer in the spirit of a net.Dialer. now that we don't need observers, we can pass around stateless configuration to everything rather than stateful things that issue observations. it also adds a DialAddressID for the case where we don't have a pb.Node, but we do have an address and want to assert some ID. this happened pretty frequently, and now there's no more weird contortions creating custom tls options, etc. a lot of the other changes are being consistent/using the abstractions in the rpc package to do rpc style things like finding peer information, or checking status codes. Change-Id: Ief62875e21d80a21b3c56a5a37f45887679f9412
2019-09-19 05:46:39 +01:00
return rpcstatus.Errorf(rpcstatus.InvalidArgument, "missing uplink public key")
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
case len(limit.SatelliteSignature) == 0:
all: use pkg/rpc instead of pkg/transport all of the packages and tests work with both grpc and drpc. we'll probably need to do some jenkins pipelines to run the tests with drpc as well. most of the changes are really due to a bit of cleanup of the pkg/transport.Client api into an rpc.Dialer in the spirit of a net.Dialer. now that we don't need observers, we can pass around stateless configuration to everything rather than stateful things that issue observations. it also adds a DialAddressID for the case where we don't have a pb.Node, but we do have an address and want to assert some ID. this happened pretty frequently, and now there's no more weird contortions creating custom tls options, etc. a lot of the other changes are being consistent/using the abstractions in the rpc package to do rpc style things like finding peer information, or checking status codes. Change-Id: Ief62875e21d80a21b3c56a5a37f45887679f9412
2019-09-19 05:46:39 +01:00
return rpcstatus.Errorf(rpcstatus.InvalidArgument, "missing satellite signature")
Move psserver tests (#1522)
2019-03-20 21:12:00 +00:00
case limit.PieceId.IsZero():
all: use pkg/rpc instead of pkg/transport all of the packages and tests work with both grpc and drpc. we'll probably need to do some jenkins pipelines to run the tests with drpc as well. most of the changes are really due to a bit of cleanup of the pkg/transport.Client api into an rpc.Dialer in the spirit of a net.Dialer. now that we don't need observers, we can pass around stateless configuration to everything rather than stateful things that issue observations. it also adds a DialAddressID for the case where we don't have a pb.Node, but we do have an address and want to assert some ID. this happened pretty frequently, and now there's no more weird contortions creating custom tls options, etc. a lot of the other changes are being consistent/using the abstractions in the rpc package to do rpc style things like finding peer information, or checking status codes. Change-Id: Ief62875e21d80a21b3c56a5a37f45887679f9412
2019-09-19 05:46:39 +01:00
return rpcstatus.Errorf(rpcstatus.InvalidArgument, "missing piece id")
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
if err := endpoint.trust.VerifySatelliteID(ctx, limit.SatelliteId); err != nil {
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Wrap(rpcstatus.PermissionDenied, err)
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
if err := endpoint.VerifyOrderLimitSignature(ctx, limit); err != nil {
storagenode: Report gRPC error when satellite is untrusted (#2658) * storagenode/piecestore: Unexport endpoint method Make an exported endpoint method to be unexported because it's only used by the same package and makes easy to change without thinking in breaking changes. * uplink/ecclient: Use structured logger Swap sugared logger by the normal structured logger for having the full stack traces of the error in the debug message. * storagenode/piecestore: Send gRPC error codes upload Refactoring in the storagenode/piecestore to send gRPC status error codes when some of the methods involved by upload return an error. The uplink related to uploads has also been modified to retrieve the gRPC status code when an error is returned by the server.
2019-07-30 17:58:08 +01:00
if errs2.IsCanceled(err) {
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Wrap(rpcstatus.Canceled, err)
don't cache failed satellite certificate fetch attempt (#1745) * don't cache failing error * fix test * fix linter errors
2019-04-12 15:28:27 +01:00
}
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Wrap(rpcstatus.Unauthenticated, err)
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
Change protobuf expirations to use time.Time (#2509) * Change protobuf expirations to use time.Time instead of timestamp.Timestamp
2019-07-09 22:54:00 +01:00
serialExpiration := limit.OrderExpiration
storagenode: use minimum time in the order for expiration (#2504)
2019-07-09 22:16:30 +01:00
// Expire the serial earlier if the grace period is smaller than the serial expiration.
if graceExpiration := now.Add(endpoint.config.OrderLimitGracePeriod); graceExpiration.Before(serialExpiration) {
serialExpiration = graceExpiration
}
storagenode/piecestore: switch usedserials db for in-memory usedserials store Part 2 of moving usedserials in memory * Drop usedserials table in storagenodedb * Use in-memory usedserials store in place of db for order limit verification * Update order limit grace period to be only one hour - this means uplinks must send their order limits to storagenodes within an hour of receiving them Change-Id: I37a0e1d2ca6cb80854a3ef495af2d1d1f92e9f03
2020-05-27 22:07:24 +01:00
if err := endpoint.usedSerials.Add(limit.SatelliteId, limit.SerialNumber, serialExpiration); err != nil {
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Wrap(rpcstatus.Unauthenticated, err)
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
return nil
}
// VerifyOrder verifies that the order corresponds to the order limit and has all the necessary fields.
protocol: implement new piece signing and verification (#2525)
2019-07-11 21:51:40 +01:00
func (endpoint *Endpoint) VerifyOrder(ctx context.Context, limit *pb.OrderLimit, order *pb.Order, largestOrderAmount int64) (err error) {
storagenode: add monkit task to missing places (#2107)
2019-06-04 13:31:39 +01:00
defer mon.Task()(&ctx)(&err)
Add serial number type (#1508)
2019-03-18 13:08:24 +00:00
if order.SerialNumber != limit.SerialNumber {
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Error(rpcstatus.InvalidArgument, "order serial number changed during upload")
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
// TODO: add check for minimum allocation step
if order.Amount < largestOrderAmount {
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Errorf(rpcstatus.InvalidArgument,
"order contained smaller amount=%v, previous=%v",
order.Amount, largestOrderAmount)
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
if order.Amount > limit.Limit {
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Errorf(rpcstatus.InvalidArgument,
"order exceeded allowed amount=%v, limit=%v",
order.Amount, limit.Limit)
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
protocol: implement new piece signing and verification (#2525)
2019-07-11 21:51:40 +01:00
if err := signing.VerifyUplinkOrderSignature(ctx, limit.UplinkPublicKey, order); err != nil {
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Wrap(rpcstatus.Unauthenticated, err)
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
return nil
}
// VerifyPieceHash verifies whether the piece hash is properly signed and matches the locally computed hash.
protocol: implement new piece signing and verification (#2525)
2019-07-11 21:51:40 +01:00
func (endpoint *Endpoint) VerifyPieceHash(ctx context.Context, limit *pb.OrderLimit, hash *pb.PieceHash, expectedHash []byte) (err error) {
storagenode: add monkit task to missing places (#2107)
2019-06-04 13:31:39 +01:00
defer mon.Task()(&ctx)(&err)
protocol: implement new piece signing and verification (#2525)
2019-07-11 21:51:40 +01:00
if limit == nil || hash == nil || len(expectedHash) == 0 {
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Error(rpcstatus.InvalidArgument, "invalid arguments")
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
if limit.PieceId != hash.PieceId {
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Error(rpcstatus.InvalidArgument, "piece id changed")
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
if !bytes.Equal(hash.Hash, expectedHash) {
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Error(rpcstatus.InvalidArgument, "hashes don't match")
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
protocol: implement new piece signing and verification (#2525)
2019-07-11 21:51:40 +01:00
if err := signing.VerifyUplinkPieceHashSignature(ctx, limit.UplinkPublicKey, hash); err != nil {
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Error(rpcstatus.Unauthenticated, "invalid piece hash signature")
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
return nil
}
// VerifyOrderLimitSignature verifies that the order limit signature is valid.
pkg/pb: rename Order2 to Order, OrderLimit2 to OrderLimit (#2406)
2019-07-01 16:54:11 +01:00
func (endpoint *Endpoint) VerifyOrderLimitSignature(ctx context.Context, limit *pb.OrderLimit) (err error) {
storagenode: add monkit task to missing places (#2107)
2019-06-04 13:31:39 +01:00
defer mon.Task()(&ctx)(&err)
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
signee, err := endpoint.trust.GetSignee(ctx, limit.SatelliteId)
if err != nil {
Fix TestGetSignee flakiness (#2350) * add IsCanceled * fixes to error handling * fix imports * retrigger jenkins
2019-06-26 16:30:37 +01:00
if errs2.IsCanceled(err) {
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Wrap(rpcstatus.Canceled, err)
don't cache failed satellite certificate fetch attempt (#1745) * don't cache failing error * fix test * fix linter errors
2019-04-12 15:28:27 +01:00
}
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Wrap(rpcstatus.Unauthenticated,
ErrVerifyUntrusted.New("unable to get signee: %w", err))
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
pkg/auth: add monkit task to missing places (#2123) What: add monkit.Task to a bunch of functions that are missing it Why: this will significantly help our instrumentation, data collection, and tracing about what's going on in the network
2019-06-05 14:47:01 +01:00
if err := signing.VerifyOrderLimitSignature(ctx, signee, limit); err != nil {
storagenode/piecestore: add large timeouts to read/write operations this is to help protect against intentional or unintentional slowloris style problems where a client keeps a tcp connection alive but never sends any data. because grpc is great, we have to spawn a separate goroutine for every read/write to the stream so that we can return from the server handler to cancel it if necessary. yep. really. additionally, we update the rpcstatus package to do some stack trace capture and add a Wrap method for the times where we want to just use the existing error. also fixes a number of TODOs where we attach status codes to the returned errors in the endpoints. Change-Id: Id8bb8ff84aa34e0f711b0cf9bce3908b36a1d3c1
2019-11-19 01:50:56 +00:00
return rpcstatus.Wrap(rpcstatus.Unauthenticated,
ErrVerifyUntrusted.New("invalid order limit signature: %w", err))
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
return nil
}
// IsExpired checks whether the date has already expired (with a threshold) at the time of calling this function.
Change protobuf expirations to use time.Time (#2509) * Change protobuf expirations to use time.Time instead of timestamp.Timestamp
2019-07-09 22:54:00 +01:00
func (endpoint *Endpoint) IsExpired(expiration time.Time) bool {
if expiration.IsZero() {
return false
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
// TODO: return specific error about either exceeding the expiration completely or just the grace period
Change protobuf expirations to use time.Time (#2509) * Change protobuf expirations to use time.Time instead of timestamp.Timestamp
2019-07-09 22:54:00 +01:00
return expiration.Before(time.Now().Add(-endpoint.config.ExpirationGracePeriod))
Storage node and upload/download protocol refactor (#1422) refactor storage node server refactor upload and download protocol
2019-03-18 10:55:06 +00:00
}
Reference in New Issue Copy Permalink