NEO VM uses little-endian format for integers,
however the resulting byte slice can contain less than 8 bytes.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Session token and signature isn't presented in `Container` and
`EACLTable` messages of NeoFS API V2 protocol. These entities are needed
for access control and doesn't carry payload of these messages.
Remove `SetSessionToken` / `SessionToken` methods of
`container.Container` and `eacl.Table` types. Provide methods to specify
these components in corresponding `Client` operations.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Support preprocessing within the `NodeInfo` type. Provide methods for
placement directly from the `NodeInfo` type. Returns slice of slices of
`NodeInfo` from placement methods of `Netmap`. Remove no longer needed
`Node` and `Nodes` types.
```
name old time/op new time/op delta
ManySelects-12 19.7µs ±14% 15.8µs ±15% -19.70% (p=0.000 n=20+20)
name old alloc/op new alloc/op delta
ManySelects-12 8.65kB ± 0% 6.22kB ± 0% -28.03% (p=0.000 n=20+20)
name old allocs/op new allocs/op delta
ManySelects-12 82.0 ± 0% 81.0 ± 0% -1.22% (p=0.000 n=20+20)
```
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
After 85e3c7b087 `processResponse` method
sets `err` field or sets status in `statusRes` field of `contextCall`.
In previous implementation `ObjectWriter.Close` method returned
`ctxCall.err` on `false` return of `processResponse` method. This could
cause NPE-panic if status failure resolving was disabled.
Make `ObjectWriter.Close` to return internal `err` field only if it is
set, otherwise return status response.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
It panicked when the previous members slice had capacity more than a new one
because of incorrect slicing that led to `out of range`.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
There is a need to verify session data signatures calculated using
private session key. `Container` token encapsulates public session key,
so we need to provide method for signature check.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
This reverts commit 458c882ff4.
If `issuerSet` is set after signature calculation then issuer ID isn't
written to signed data, in other words not signed.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make `Sign` method implementation to not modify `issuerSet` state
variable after signature calculation's failures.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
`Container` and `Object` types are transmitted in single `session.Token`
message. They differ only by session context.
Share common parts of the message in `commonData` struct. Embed struct
into `Container` and `Object`. Make `ReadFromV2` methods to check
protocol compliance. Make `Unmarshal`/`UmarshalJSON` to check field
format in case of presence only.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Sync lifetime names with `session` package. Add `AssertContainer` and
`AssertUser` methods which cover specific cases describe in protocol.
Increase test coverage.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In previous implementation `processResponse` returned `true` if
`resolveAPIFailures` is set and status failure is received. This led to
post-processing of the results, which no longer pays attention to the
status. For example, `ObjectHead` returned `unexpected header type`
error due to empty body.
Make `contextCall.processResponse` to return success flag regardless of
`resolveAPIFailures` setting. Make `contextCall.processCall` to return
`err` field presence flag on `processResponse` false return.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Merge `address` package into `oid` one. Bring `session.Object`
implementation into conformity with the NeoFS API protocol.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
There is a need to duplicate session token owner, e.g. in container
created within the session. For such cases we need to have the ability
to receive session issuer.
Add `Container.Issuer` method. Transform `IssuedBy` to helper function.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Container contract expects signature of container ID value,
which is SHA256 of container body. Not the signature of stable
marshaled container.ID structure.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Make `createSessionTokenForDuration` to accept a pointer to
`session.Object` and write the response on session creation request
through the pointer. Rename function to `initSessionForDuration`. As a
consequence, problem in `openDefaultSession` with uncached sessions is
fixed.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
`owner.ID` parameter of `createSessionTokenForDuration` function is no
longer used since session owner is set automatically during the sign
operation. As a consequence, remove `Pool.sessionOwner` field and its
getter.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
