
Rename "domain" to "directory" (#1077) (#1079)

* Rename "domain" to "directory" (#1077)

"Domain" can be conflated with the domain name of the KT server. "Directory" is meaningful as a namespace over user identifiers, e.g. a telephone directory.

* Fix indentation inside SQL commands.

* Fix erroneous replacement in README.md

* Fix long lines and error messages

* Fix monitor_test build

* Make use of opts in setupHistory
jtoohill authored and gdbelvin committed Oct 24, 2018
1 parent d9274a7 commit 95963a3f82351704ee86cf6cec394e5d9c04449b
Showing with 1,780 additions and 1,795 deletions.
  1. +4 −4 README.md
  2. +9 −9 cmd/gen-test-vectors/main.go
  3. +3 −3 cmd/keytransparency-client/cmd/hammer.go
  4. +1 −1 cmd/keytransparency-client/cmd/post.go
  5. +7 −7 cmd/keytransparency-client/cmd/root.go
  6. +5 −5 cmd/keytransparency-monitor/main.go
  7. +9 −9 cmd/keytransparency-sequencer/main.go
  8. +4 −4 cmd/keytransparency-server/main.go
  9. +74 −71 core/adminserver/admin_server.go
  10. +69 −69 core/adminserver/admin_server_test.go
  11. +8 −8 core/api/monitor/v1/monitor.proto
  12. +59 −61 core/api/monitor/v1/monitor_go_proto/monitor.pb.go
  13. +11 −11 core/api/monitor/v1/monitor_go_proto/monitor.pb.gw.go
  14. +2 −2 core/api/type/type.proto
  15. +36 −39 core/api/type/type_go_proto/type.pb.go
  16. +15 −15 core/api/usermanager/v1/usermanager.proto
  17. +77 −82 core/api/usermanager/v1/usermanager_go_proto/usermanager.pb.go
  18. +22 −22 core/api/usermanager/v1/usermanager_go_proto/usermanager.pb.gw.go
  19. +49 −49 core/api/v1/admin.proto
  20. +35 −35 core/api/v1/keytransparency.proto
  21. +331 −340 core/api/v1/keytransparency_go_proto/admin.pb.go
  22. +56 −56 core/api/v1/keytransparency_go_proto/admin.pb.gw.go
  23. +191 −203 core/api/v1/keytransparency_go_proto/keytransparency.pb.go
  24. +61 −61 core/api/v1/keytransparency_go_proto/keytransparency.pb.gw.go
  25. +18 −17 core/client/client.go
  26. +4 −3 core/client/client_test.go
  27. +6 −6 core/client/get_and_verify.go
  28. +7 −6 core/client/gobindclient/client.go
  29. +6 −6 core/client/hammer/hammer.go
  30. +7 −7 core/client/mutations.go
  31. +6 −6 core/client/verify.go
  32. +8 −8 core/client/verify_test.go
  33. +6 −6 core/crypto/vrf/p256/p256_test.go
  34. +1 −1 core/crypto/vrf/vrf.go
  35. +16 −16 core/{domain/storage.go → directory/directory.go}
  36. +29 −29 core/fake/domain_storage.go
  37. +28 −28 core/fake/domain_storage_test.go
  38. +12 −10 core/fake/mutation_storage.go
  39. +8 −8 core/fake/usermanager.go
  40. +1 −1 core/integration/alltests.go
  41. +11 −11 core/integration/client_tests.go
  42. +8 −7 core/integration/monitor_tests.go
  43. +20 −17 core/keyserver/epochs.go
  44. +6 −6 core/keyserver/epochs_test.go
  45. +66 −65 core/keyserver/keyserver.go
  46. +10 −10 core/keyserver/keyserver_test.go
  47. +5 −5 core/managementserver/server.go
  48. +6 −6 core/monitor/monitor.go
  49. +9 −9 core/mutator/entry/mutation.go
  50. +3 −3 core/mutator/entry/mutation_test.go
  51. +4 −4 core/mutator/mutator.go
  52. +13 −13 core/sequencer/sequencer.go
  53. +6 −6 core/sequencer/sequencer_api.proto
  54. +14 −13 core/sequencer/sequencer_go_proto/sequencer_api.pb.go
  55. +45 −45 core/sequencer/server.go
  56. +3 −3 core/sequencer/server_test.go
  57. +4 −4 core/testdata/{domain.json → directory.json}
  58. +2 −2 deploy/kubernetes/init-pod.yaml
  59. +1 −1 deploy/kubernetes/monitor-deployment.yaml
  60. +11 −11 docker-compose.yml
  61. +10 −10 docs/verification.md
  62. +7 −7 impl/authorization/authorization.go
  63. +29 −29 impl/authorization/authorization_test.go
  64. +2 −2 impl/authorization/authz.proto
  65. +4 −4 impl/authorization/authz_go_proto/authz.pb.go
  66. +17 −17 impl/integration/env.go
  67. +35 −35 impl/sql/{domain → directory}/storage.go
  68. +37 −36 impl/sql/{domain → directory}/storage_test.go
  69. +19 −19 impl/sql/keysets/keysets.go
  70. +11 −11 impl/sql/keysets/keysets_test.go
  71. +22 −21 impl/sql/mutationstorage/mutations.go
  72. +3 −3 impl/sql/mutationstorage/mutations_test.go
  73. +26 −26 impl/sql/mutationstorage/queue.go
  74. +10 −10 impl/sql/mutationstorage/queue_test.go
@@ -106,8 +106,8 @@ Creating keytransparency_monitor_1 ... done
2. Watch it Run
- `docker-compose logs --tail=0 --follow`
- [Proof for app1/foo@bar.com](https://35.202.56.9/v1/domains/default/apps/appID/users/foo@bar.com)
- [Server configuration info](https://35.202.56.9/v1/domains/default)
- [Proof for app1/foo@bar.com](https://35.202.56.9/v1/directories/default/apps/appID/users/foo@bar.com)
- [Server configuration info](https://35.202.56.9/v1/directories/default)
## Development and Testing
Key Transparency and its [Trillian](https://github.com/google/trillian) backend
@@ -124,10 +124,10 @@ The directory structure of Key Transparency is as follows:
* [keytransparency-sequencer](cmd/keytransparency-sequencer): Key Transparency backend.
* [keytransparency-server](cmd/keytransparency-sequencer): Key Transparency frontend.
* [**core**](core): main library source code. Core libraries do not import [impl](impl).
* [adminserver](core/adminserver): private api for creating new domains and apps.
* [adminserver](core/adminserver): private api for creating new directories and apps.
* [**api**](core/api): gRPC API definitions.
* [**crypto**](core/crypto): verifiable random function and commitment implementations.
* [domain](core/domain): interface for retrieving domain info from storage.
* [directory](core/directory): interface for retrieving directory info from storage.
* [keyserver](core/keyserver): keyserver implementation.
* [**mutator**](core/mutator): "smart contract" implementation.
* [sequencer](core/sequencer): mutation executor.
@@ -86,8 +86,8 @@ func GenerateTestVectors(ctx context.Context, env *integration.Env) error {
if err := sequencer.PeriodicallyRun(ctx, ticker.C,
func(ctx context.Context) error {
_, err := env.Sequencer.RunBatch(ctx, &spb.RunBatchRequest{
DomainId: env.Domain.DomainId,
MinBatch: 1,
DirectoryId: env.Directory.DirectoryId,
MinBatch: 1,
})
return err
}); err != nil {
@@ -163,16 +163,16 @@ func GenerateTestVectors(ctx context.Context, env *integration.Env) error {
} {
// Check profile.
e, err := env.Cli.GetEntry(ctx, &pb.GetEntryRequest{
DomainId: env.Domain.DomainId,
DirectoryId: env.Directory.DirectoryId,
UserId: tc.userID,
AppId: appID,
FirstTreeSize: int64(slr.TreeSize),
})
if err != nil {
return fmt.Errorf("gen-test-vectors: GetEntry(): %v", err)
}
var newslr *types.LogRootV1
if _, newslr, err = env.Client.VerifyGetEntryResponse(ctx, env.Domain.DomainId, appID, tc.userID, *slr, e); err != nil {
_, newslr, err := env.Client.VerifyGetEntryResponse(ctx, env.Directory.DirectoryId, appID, tc.userID, *slr, e)
if err != nil {
return fmt.Errorf("gen-test-vectors: VerifyGetEntryResponse(): %v", err)
}
@@ -197,7 +197,7 @@ func GenerateTestVectors(ctx context.Context, env *integration.Env) error {
// Update profile.
if tc.setProfile != nil {
u := &tpb.User{
DomainId: env.Domain.DomainId,
DirectoryId: env.Directory.DirectoryId,
AppId: appID,
UserId: tc.userID,
PublicKeyData: tc.setProfile,
@@ -224,13 +224,13 @@ func SaveTestVectors(dir string, env *integration.Env, resps []testdata.GetEntry
Indent: "\t",
}
// Output all key material needed to verify the test vectors.
domainFile := dir + "/domain.json"
f, err := os.Create(domainFile)
directoryFile := dir + "/directory.json"
f, err := os.Create(directoryFile)
if err != nil {
return err
}
defer f.Close()
if err := marshaler.Marshal(f, env.Domain); err != nil {
if err := marshaler.Marshal(f, env.Directory); err != nil {
return fmt.Errorf("gen-test-vectors: jsonpb.Marshal(): %v", err)
}
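Review bot: In the last hunk (SaveTestVectors), `defer f.Close()` discards the close error for a file that was just written, so a failed flush could leave a truncated `directory.json` while the function still returns nil. The comment above says this file holds the key material needed to verify the test vectors, so the close error should be checked explicitly, e.g. `if err := f.Close(); err != nil { return err }` once `Marshal` has succeeded. The path is also built as `dir + "/directory.json"`; `filepath.Join(dir, "directory.json")` is the portable form (it needs `path/filepath` if the file does not already import it). SaveTestVectors starts and ends outside the hunk.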
@@ -69,15 +69,15 @@ var hammerCmd = &cobra.Command{
},
RunE: func(cmd *cobra.Command, args []string) error {
ktURL := viper.GetString("kt-url")
domainID := viper.GetString("domain")
directoryID := viper.GetString("directory")
timeout := viper.GetDuration("timeout")
log.Printf("Hammering %v/domains/%v: with %v timeout", ktURL, domainID, timeout)
log.Printf("Hammering %v/directories/%v: with %v timeout", ktURL, directoryID, timeout)
ctx := context.Background()
h, err := hammer.New(ctx, dial, callOptions,
ktURL, domainID, timeout, keyset)
ktURL, directoryID, timeout, keyset)
if err != nil {
return err
}
@@ -91,7 +91,7 @@ User email MUST match the OAuth account used to authorize the update.
return fmt.Errorf("updateKeys() failed: %v", err)
}
u := &tpb.User{
DomainId: viper.GetString("domain"),
DirectoryId: viper.GetString("directory"),
AppId: appID,
UserId: userID,
PublicKeyData: profileData,
@@ -73,10 +73,10 @@ func init() {
cobra.OnInitialize(initConfig)
RootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.keytransparency.yaml)")
RootCmd.PersistentFlags().String("domain", "default", "Domain within the KT server")
RootCmd.PersistentFlags().String("directory", "default", "Directory within the KT server")
RootCmd.PersistentFlags().String("kt-url", "35.202.56.9:443", "URL of Key Transparency server")
RootCmd.PersistentFlags().String("kt-cert", "genfiles/server.crt", "Path to public key for Key Transparency")
RootCmd.PersistentFlags().Bool("autoconfig", true, "Fetch config info from the server's /v1/domain/info")
RootCmd.PersistentFlags().Bool("autoconfig", true, "Fetch config info from the server's /v1/directory/info")
RootCmd.PersistentFlags().Bool("insecure", true, "Skip TLS checks")
RootCmd.PersistentFlags().String("vrf", "genfiles/vrf-pubkey.pem", "path to vrf public key")
@@ -225,18 +225,18 @@ func GetClient(ctx context.Context) (*client.Client, error) {
}
// config selects a source for and returns the client configuration.
func config(ctx context.Context, client pb.KeyTransparencyClient) (*pb.Domain, error) {
func config(ctx context.Context, client pb.KeyTransparencyClient) (*pb.Directory, error) {
autoConfig := viper.GetBool("autoconfig")
domain := viper.GetString("domain")
directory := viper.GetString("directory")
switch {
case autoConfig:
return client.GetDomain(ctx, &pb.GetDomainRequest{DomainId: domain})
return client.GetDirectory(ctx, &pb.GetDirectoryRequest{DirectoryId: directory})
default:
return readConfigFromDisk()
}
}
func readConfigFromDisk() (*pb.Domain, error) {
func readConfigFromDisk() (*pb.Directory, error) {
vrfPubFile := viper.GetString("vrf")
logPEMFile := viper.GetString("log-key")
mapPEMFile := viper.GetString("map-key")
@@ -271,7 +271,7 @@ func readConfigFromDisk() (*pb.Domain, error) {
return nil, fmt.Errorf("error seralizeing map public key: %v", err)
}
return &pb.Domain{
return &pb.Directory{
Log: &trillian.Tree{
HashStrategy: trillian.HashStrategy_OBJECT_RFC6962_SHA256,
PublicKey: logPubPB,
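Review bot: In the first hunk (`init`), the `insecure` flag still defaults to `true` ("Skip TLS checks") while `autoconfig` also defaults to `true`, so with default flags the directory configuration returned by `GetDirectory` would be fetched over a connection whose certificate is not verified. If that configuration carries the log, map and VRF public keys the client verifies proofs against (as `readConfigFromDisk` suggests), an on-path party could substitute the trust anchors; how `insecure` is consumed is outside the visible hunks, so this needs confirming. Consider `RootCmd.PersistentFlags().Bool("insecure", false, "Skip TLS checks")` so that skipping verification is an explicit opt-in. Separately, after the rename of the `domain` flag an existing `.keytransparency.yaml` with a `domain:` key would presumably be ignored and the client would fall back to `default`; a deprecated alias or an error on the old key would make that visible.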
@@ -50,7 +50,7 @@ var (
signingKeyPassword = flag.String("password", "towel", "Password of the private key PEM file for SMH signing")
ktURL = flag.String("kt-url", "localhost:8080", "URL of key-server.")
insecure = flag.Bool("insecure", false, "Skip TLS checks")
domainID = flag.String("domainid", "", "KT Domain identifier to monitor")
directoryID = flag.String("directoryid", "", "KT Directory identifier to monitor")
// TODO(ismail): expose prometheus metrics: a variable that tracks valid/invalid MHs
// metricsAddr = flag.String("metrics-addr", ":8081", "The ip:port to publish metrics on")
@@ -67,9 +67,9 @@ func main() {
}
ktClient := pb.NewKeyTransparencyClient(cc)
config, err := ktClient.GetDomain(ctx, &pb.GetDomainRequest{DomainId: *domainID})
config, err := ktClient.GetDirectory(ctx, &pb.GetDirectoryRequest{DirectoryId: *directoryID})
if err != nil {
glog.Exitf("Could not read domain info %v:", err)
glog.Exitf("Could not read directory info %v:", err)
}
// Read signing key:
@@ -81,15 +81,15 @@ func main() {
store := fake.NewMonitorStorage()
// Create monitoring background process.
mon, err := monitor.NewFromDomain(ktClient, config, signer, store)
mon, err := monitor.NewFromDirectory(ktClient, config, signer, store)
if err != nil {
glog.Exitf("Failed to initialize monitor: %v", err)
}
// TODO(gbelvin): persist trusted roots
trusted := types.LogRootV1{}
go func() {
if err := mon.ProcessLoop(ctx, *domainID, trusted); err != nil {
if err := mon.ProcessLoop(ctx, *directoryID, trusted); err != nil {
glog.Errorf("ProcessLoop: %v", err)
}
}()
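Review bot: In the first two hunks, `-directoryid` defaults to the empty string and `main` passes `*directoryID` straight into `GetDirectoryRequest` and later `ProcessLoop` without checking it, so a monitor started without the flag fails only at the RPC or, depending on how the server treats an empty id (not visible here), watches something unintended. A guard before the call, e.g. `if *directoryID == "" { glog.Exit("-directoryid is required") }`, makes the misconfiguration explicit. The changed message `"Could not read directory info %v:"` has the colon after the verb; `"Could not read directory info: %v"` reads correctly. In the same flag block `-password` carries a built-in default (`"towel"`) for the signing key, and requiring the operator to supply it avoids relying on a well-known value. `main` starts and ends outside the hunks.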
@@ -22,7 +22,7 @@ import (
"github.com/google/keytransparency/core/adminserver"
"github.com/google/keytransparency/core/sequencer"
"github.com/google/keytransparency/impl/sql/domain"
"github.com/google/keytransparency/impl/sql/directory"
"github.com/google/keytransparency/impl/sql/engine"
"github.com/google/keytransparency/impl/sql/mutationstorage"
@@ -42,7 +42,7 @@ var (
// Info to connect to the trillian map and log.
mapURL = flag.String("map-url", "", "URL of Trillian Map Server")
logURL = flag.String("log-url", "", "URL of Trillian Log Server for Signed Map Heads")
refresh = flag.Duration("domain-refresh", 5*time.Second, "Time to detect new domain")
refresh = flag.Duration("directory-refresh", 5*time.Second, "Time to detect new directory")
batchSize = flag.Int("batch-size", 100, "Maximum number of mutations to process per map revision")
)
@@ -83,14 +83,14 @@ func main() {
if err != nil {
glog.Exitf("Failed to create mutations object: %v", err)
}
domainStorage, err := domain.NewStorage(sqldb)
directoryStorage, err := directory.NewStorage(sqldb)
if err != nil {
glog.Exitf("Failed to create domain storage object: %v", err)
glog.Exitf("Failed to create directory storage object: %v", err)
}
// Create server
sequencerServer := sequencer.NewServer(
domainStorage,
directoryStorage,
logAdmin, mapAdmin,
tlog, tmap,
mutations, mutations,
@@ -106,14 +106,14 @@ func main() {
signer := sequencer.New(
sequencerClient,
mapAdmin,
domainStorage,
directoryStorage,
mutations,
*batchSize)
keygen := func(ctx context.Context, spec *keyspb.Specification) (proto.Message, error) {
return der.NewProtoFromSpec(spec)
}
adminServer := adminserver.New(tlog, tmap, logAdmin, mapAdmin, domainStorage, mutations, keygen)
adminServer := adminserver.New(tlog, tmap, logAdmin, mapAdmin, directoryStorage, mutations, keygen)
glog.Infof("Signer starting")
// Run servers
@@ -122,8 +122,8 @@ func main() {
cctx, cancel := context.WithCancel(context.Background())
defer cancel()
if err := sequencer.PeriodicallyRun(ctx, time.Tick(*refresh),
signer.RunBatchForAllDomains); err != nil {
glog.Errorf("PeriodicallyRun(RunBatchForAllDomains): %v", err)
signer.RunBatchForAllDirectories); err != nil {
glog.Errorf("PeriodicallyRun(RunBatchForAllDirectories): %v", err)
}
httpServer.Shutdown(cctx)
glog.Errorf("Signer exiting")
@@ -24,7 +24,7 @@ import (
"github.com/google/keytransparency/core/mutator/entry"
"github.com/google/keytransparency/impl/authentication"
"github.com/google/keytransparency/impl/authorization"
"github.com/google/keytransparency/impl/sql/domain"
"github.com/google/keytransparency/impl/sql/directory"
"github.com/google/keytransparency/impl/sql/engine"
"github.com/google/keytransparency/impl/sql/mutationstorage"
@@ -95,9 +95,9 @@ func main() {
}
// Create database and helper objects.
domains, err := domain.NewStorage(sqldb)
directories, err := directory.NewStorage(sqldb)
if err != nil {
glog.Exitf("Failed to create domain storage: %v", err)
glog.Exitf("Failed to create directory storage: %v", err)
}
logs, err := mutationstorage.New(sqldb)
if err != nil {
@@ -120,7 +120,7 @@ func main() {
// Create gRPC server.
ksvr := keyserver.New(tlog, tmap, logAdmin, mapAdmin,
entry.New(), domains, logs, logs)
entry.New(), directories, logs, logs)
grpcServer := grpc.NewServer(
grpc.Creds(creds),
grpc.StreamInterceptor(grpc_middleware.ChainStreamServer(