From 36944ca8180a818a572a81bb7f7ef40f459095e4 Mon Sep 17 00:00:00 2001
From: mpl
Date: Tue, 29 Mar 2016 16:43:20 +0200
Subject: [PATCH] server/camlistored: upload gpg key blob on startup

Fixes Issue #700

Change-Id: Ica92c321666220043e9c157de38e67a043250afe
---
 pkg/jsonsign/signhandler/sig.go | 8 +++++---
 pkg/serverinit/serverinit.go | 17 +++++++++++++++++
 server/camlistored/camlistored.go | 4 ++++
 3 files changed, 26 insertions(+), 3 deletions(-)

diff --git a/pkg/jsonsign/signhandler/sig.go b/pkg/jsonsign/signhandler/sig.go
index eb6767f4a..46a222183 100644
--- a/pkg/jsonsign/signhandler/sig.go
+++ b/pkg/jsonsign/signhandler/sig.go
@@ -125,7 +125,9 @@ func newJSONSignFromConfig(ld blobserver.Loader, conf jsonconfig.Obj) (http.Hand
 return h, nil
 }
 
-func (h *Handler) uploadPublicKey() error {
+// UploadPublicKey writes the public key to the destination blobserver
+// defined for the handler, if needed.
+func (h *Handler) UploadPublicKey() error {
 h.pubKeyUploadMu.RLock()
 if h.pubKeyUploaded {
 h.pubKeyUploadMu.RUnlock()
@@ -256,7 +258,7 @@ func (h *Handler) handleSign(rw http.ResponseWriter, req *http.Request) {
 badReq(fmt.Sprintf("%v", err))
 return
 }
- if err := h.uploadPublicKey(); err != nil {
+ if err := h.UploadPublicKey(); err != nil {
 log.Printf("signing handler failed to upload public key: %v", err)
 }
 rw.Write([]byte(signedJSON))
@@ -282,7 +284,7 @@ func (h *Handler) Sign(bb *schema.Builder) (string, error) {
 } else {
 sreq.SignatureTime = claimTime
 }
- if err := h.uploadPublicKey(); err != nil {
+ if err := h.UploadPublicKey(); err != nil {
 log.Printf("signing handler failed to upload public key: %v", err)
 }
 return sreq.Sign()
diff --git a/pkg/serverinit/serverinit.go b/pkg/serverinit/serverinit.go
index d514c8776..3e628730d 100644
--- a/pkg/serverinit/serverinit.go
+++ b/pkg/serverinit/serverinit.go
@@ -42,6 +42,7 @@ import (
 "camlistore.org/pkg/blobserver/handlers"
 "camlistore.org/pkg/httputil"
 "camlistore.org/pkg/index"
+ "camlistore.org/pkg/jsonsign/signhandler"
 "camlistore.org/pkg/osutil"
 "camlistore.org/pkg/server"
 "camlistore.org/pkg/server/app"
@@ -400,6 +401,10 @@ type Config struct {
 // apps is the list of server apps configured during InstallHandlers,
 // and that should be started after camlistored has started serving.
 apps []*app.Handler
+ // signHandler is found and configured during InstallHandlers, or nil.
+ // It is stored in the Config, so we can call UploadPublicKey on on it as
+ // soon as camlistored is ready for it.
+ signHandler *signhandler.Handler
 }
 
 // detectConfigChange returns an informative error if conf contains obsolete keys.
@@ -587,6 +592,9 @@ func (config *Config) InstallHandlers(hi HandlerInstaller, baseURL string, reind
 if helpHandler, ok := handler.(*server.HelpHandler); ok {
 helpHandler.SetServerConfig(config.Obj)
 }
+ if signHandler, ok := handler.(*signhandler.Handler); ok {
+ config.signHandler = signHandler
+ }
 if in, ok := handler.(blobserver.HandlerIniter); ok {
 if err := in.InitHandler(hl); err != nil {
 return nil, fmt.Errorf("Error calling InitHandler on %s: %v", pfx, err)
@@ -618,6 +626,15 @@ func (config *Config) StartApps() error {
 return nil
 }
 
+// UploadPublicKey uploads the public key blob with the sign handler that was
+// configured during InstallHandlers.
+func (config *Config) UploadPublicKey() error {
+ if config.signHandler == nil {
+ return nil
+ }
+ return config.signHandler.UploadPublicKey()
+}
+
 // AppURL returns a map of app name to app base URL for all the configured
 // server apps.
 func (config *Config) AppURL() map[string]string {
diff --git a/server/camlistored/camlistored.go b/server/camlistored/camlistored.go
index e9790bb38..a01357df7 100644
--- a/server/camlistored/camlistored.go
+++ b/server/camlistored/camlistored.go
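Review bot: The comment on the new `signHandler` field of `Config` (pkg/serverinit/serverinit.go, hunk at -400,6) contains a doubled word, "call UploadPublicKey on on it". The line should read `// It is stored in the Config, so we can call UploadPublicKey on it as`.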
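Review bot: In `InstallHandlers` (pkg/serverinit/serverinit.go, hunk at -587,6) the assignment `config.signHandler = signHandler` overwrites whatever an earlier pass stored. If a configuration declares more than one sign handler, only the last one seen gets its public key uploaded at startup, and the others still depend on the upload attempted from `Sign` and `handleSign`. If exactly one handler is the intended invariant, state it in a comment such as `// Only one sign handler is expected; a later one replaces an earlier one.` or reject the second one with an error. The surrounding code that supplies `handler` and `pfx` lies outside the hunk, so whether this runs once per configured prefix, and in what order, is inferred rather than visible.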
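Review bot: The doc comment on `(*Config).UploadPublicKey` (pkg/serverinit/serverinit.go, hunk at -618,6) does not mention that the method returns nil without doing anything when `config.signHandler` is nil. That also covers a call made before `InstallHandlers` has run, so a nil return does not by itself mean the key blob was stored. Suggest appending `// It is a no-op and returns nil if no sign handler was configured.` to the comment.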
@@ -400,6 +400,10 @@ func Main(up chan<- struct{}, down <-chan struct{}) {
 osutil.DieOnParentDeath()
 }
 
+ if err := config.UploadPublicKey(); err != nil {
+ exitf("Error uploading public key on startup: %v", err)
+ }
+
 if err := config.StartApps(); err != nil {
 exitf("StartApps: %v", err)
 }
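Review bot: A failed key upload now stops the server through `exitf` in `Main`, while the two other callers of `UploadPublicKey` in pkg/jsonsign/signhandler/sig.go only log the error and continue. A destination blobserver that is temporarily unreachable at boot therefore prevents startup, although the handler would presumably try the upload again on the next signing request. If failing closed is intended, add a comment above the call saying why, for example `// Without the public key blob, signatures made by this server cannot be verified; refuse to start.` Otherwise match the other call sites with `log.Printf("Error uploading public key on startup: %v", err)`, assuming `log` is imported in this file. Main's body starts and ends outside the hunk.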