Skip to content
This repository has been archived by the owner on Mar 3, 2020. It is now read-only.

Commit

Permalink
Cleaning up add_peer functionality
Browse files Browse the repository at this point in the history
  • Loading branch information
rnistuk committed Sep 4, 2018
1 parent 5c3b0fb commit 04738f1
Show file tree
Hide file tree
Showing 8 changed files with 17 additions and 27 deletions.
1 change: 0 additions & 1 deletion bootstrap/bootstrap_peers.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,6 @@
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.


#include <utils/blacklist.hpp>
#include <utils/crypto.hpp>
#include <utils/http_get.hpp>
Expand Down
2 changes: 2 additions & 0 deletions raft/raft.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -488,13 +488,15 @@ raft::handle_add_peer(std::shared_ptr<bzn::session_base> session, const bzn::mes

if (this->security_enabled && !this->validate_new_peer(session, peer))
{
// Note: failure messages sent from within validate_new_peer
return;
}

this->peer_match_index[peer["uuid"].asString()] = 1;
this->append_log_unsafe(this->create_joint_quorum_by_adding_peer(last_quorum_entry.msg, peer),
bzn::log_entry_type::joint_quorum);

// The add peer has succeded, let's send a message back to the requester
bzn::message msg;
msg["bzn-api"] = "raft";
msg["cmd"] = "add_peer";
Expand Down
8 changes: 4 additions & 4 deletions raft/raft_base.hpp
Original file line number Diff line number Diff line change
Expand Up @@ -138,13 +138,13 @@ namespace bzn
*/
virtual void register_commit_handler(bzn::raft_base::commit_handler handler) = 0;


/**
* Returns the state of ht esecurity enabled flag. True if a peer added to the swarm via
* Returns the state of the security enabled flag. True if a peer added to the swarm via
* the add_peer ws command will be validated against the Bluzelle Private Key and node
* blacklist.
*
* @return boolean, state of security validation
*
* @return boolean, state of security validation
*/
virtual bool get_security_enabled() = 0;

Expand Down
5 changes: 1 addition & 4 deletions raft/raft_log.hpp
Original file line number Diff line number Diff line change
Expand Up @@ -29,14 +29,11 @@ namespace bzn {
const std::string MSG_UNABLE_TO_CREATE_LOG_PATH_NAMED{"Unable to create log path: "};
const std::string MSG_EXITING_DUE_TO_LOG_PATH_CREATION_FAILURE{"MSG_EXITING_DUE_TO_LOG_PATH_CREATION_FAILURE"};
const std::string MSG_ERROR_MAXIMUM_STORAGE_EXCEEDED{"Maximum storage has been exceeded, please update the options file."};
const size_t DEFAULT_MAX_STORAGE_SIZE{2147483648};
const size_t DEFAULT_MAX_STORAGE_SIZE{2147483648}; // The default maximum allowed storage for a node is 2G

class raft_log
{
public:
// The default maximum allowed storage for a node is 2G
//const size_t DEFAULT_MAX_STORAGE_SIZE = 2147483648;

raft_log(const std::string& log_path, const size_t max_storage = bzn::DEFAULT_MAX_STORAGE_SIZE);

const bzn::log_entry& entry_at(size_t i) const;
Expand Down
7 changes: 1 addition & 6 deletions raft/test/raft_test.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -47,9 +47,6 @@ namespace

const std::string TEST_STATE_DIR = "./.raft_test_state/";

// note the \x0a appended to the end of the uuid's. Since the OpenSSL signing
// is done on the command line with text files, the \x0a is the new line
// marker and may need to be appended for the signing to work.
const std::string valid_uuid {"9dc2f619-2e77-49f7-9b20-5b55fd87ea44"};
const std::string invalid_uuid {"8eb1e708-2e77-49f7-9b20-5b55fd87ea44"};

Expand Down Expand Up @@ -1663,7 +1660,6 @@ namespace bzn
EXPECT_EQ(root["response"]["msg"].asString(), SUCCESS_PEER_ADDED_TO_SWARM);
}));


EXPECT_EQ(bzn::log_entry_type::single_quorum, raft.raft_log->last_quorum_entry().entry_type);

auto active_list = raft.get_active_quorum();
Expand Down Expand Up @@ -1731,7 +1727,6 @@ namespace bzn
EXPECT_EQ(root["response"]["msg"].asString(), SUCCESS_PEER_ADDED_TO_SWARM);
}));


EXPECT_EQ(bzn::log_entry_type::single_quorum, raft.raft_log->last_quorum_entry().entry_type);

std::set<bzn::uuid_t> yes_votes;
Expand Down Expand Up @@ -1985,7 +1980,7 @@ namespace bzn
mh(bad_add_peer, this->mock_session);
}

// Adding a valid peer that has a valid signature must be added.
// Adding a valid peer that has a valid signature must suceed.
{
bzn::message msg = make_secure_add_peer_request(valid_uuid);
mh(msg,this->mock_session);
Expand Down
2 changes: 1 addition & 1 deletion scripts/sign_uuid.sh
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
#!/usr/bin/env bash



usage()
{
echo "usage: sign_uuid -k path/to/private.pem -u <uuid_of_node>"
Expand Down Expand Up @@ -69,6 +68,7 @@ use_private_pem_to_sign_uuid()
private_key_file_name=
uuid_file_name=/tmp/uuid.txt

# TODO Move the while block into it's own function
while [ "$1" != "" ]; do
case $1 in
-k | --key ) shift
Expand Down
17 changes: 8 additions & 9 deletions utils/crypto.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,6 @@
#include <iostream>
#include <memory>


namespace
{
/**
Expand Down Expand Up @@ -92,7 +91,7 @@ namespace
* Given the public key string in PEM format, this function will return the
* RSA public key structure that OpenSSL functions use.
*
* @param key a const std::string containing the public key in PEM format
* @param key a const std::string reference containing the public key in PEM format
* @return a pointer to the RSA structure contqining the public key
*/
RSA* create_public_RSA(const std::string& key)
Expand All @@ -117,13 +116,13 @@ namespace
* that the signature is valid.
*
* @param rsa a pointer to the public key structure
* @param signature a const vector containing the signature associated with the uuid
* @param uuid a const string containing the nodes' uuid
* @param is_authentic an in out pointer to a bool that will be set to true if the signature is valid, false otherwise.
* @param signature a const vector reference to the signature associated with the uuid
* @param uuid a const string reference to the nodes' uuid
* @param is_authentic an reference to a bool that will be set to true if the signature is valid, false otherwise.
* @return a bool that returns true if the validation process was successful.
*/
bool
RSA_verify_signature(const RSA* rsa, const std::vector<unsigned char>& signature, const std::string& uuid, bool* is_authentic)
RSA_verify_signature(const RSA* rsa, const std::vector<unsigned char>& signature, const std::string& uuid, bool& is_authentic)
{
std::unique_ptr<EVP_PKEY, std::function<void(EVP_PKEY*)>> public_key{EVP_PKEY_new(), EVP_PKEY_free};
std::unique_ptr<EVP_MD_CTX, std::function<void(EVP_MD_CTX*)>> RSA_verification_context{EVP_MD_CTX_create(), EVP_MD_CTX_destroy};
Expand All @@ -134,7 +133,7 @@ namespace
// the following as a raw pointer.
const EVP_MD* sha256_message_digest = EVP_sha256();

*is_authentic = false;
is_authentic = false;
EVP_PKEY_assign_RSA(public_key.get(), rsa);

EVP_DigestInit_ex( RSA_verification_context.get(), sha256_message_digest, nullptr);
Expand All @@ -158,7 +157,7 @@ namespace
// validation process.
if ( auth_status==0 || auth_status==1)
{
*is_authentic = (auth_status==1);
is_authentic = (auth_status==1);
return true;
}
else
Expand Down Expand Up @@ -230,7 +229,7 @@ namespace bzn::utils::crypto
base64_decode(signature, binary_signature);

bool authentic{false};
bool ret_val = RSA_verify_signature( public_rsa, binary_signature, uuid, &authentic);
bool ret_val = RSA_verify_signature( public_rsa, binary_signature, uuid, authentic);

return ret_val & authentic;
}
Expand Down
2 changes: 0 additions & 2 deletions utils/test/utils_test.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -20,10 +20,8 @@
#include "utils/blacklist.hpp"
#include "../crypto.hpp"


using namespace::testing;


namespace
{
const char* BLACKLISTED_UUID {"12345678-0900-0000-0000-000000000000"};
Expand Down

0 comments on commit 04738f1

Please sign in to comment.