forked from TrueCloudLab/frostfs-node
[#1083] objsvc/v2: Unify response verification after forwarding
1. Use the same routine for HEAD/GET_RANGE methods. 2. Make error message similar. Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
This commit is contained in:
parent
300654b045
commit
0924b62a95
4 changed files with 21 additions and 36 deletions
|
|
@ -63,10 +63,6 @@ func errCouldNotWriteObjChunk(forwarder string, err error) error {
|
|||
return fmt.Errorf("could not write object chunk in %s forwarder: %w", forwarder, err)
|
||||
}
|
||||
|
||||
func errCouldNotVerifyRangeResponse(resp *objectV2.GetRangeResponse, err error) error {
|
||||
return fmt.Errorf("could not verify %T: %w", resp, err)
|
||||
}
|
||||
|
||||
func errCouldNotCreateGetRangeStream(err error) error {
|
||||
return fmt.Errorf("could not create Get payload range stream: %w", err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@ import (
|
|||
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/signature"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/client"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/network"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/internal"
|
||||
internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/internal/client"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-observability/tracing"
|
||||
objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
|
||||
|
|
@ -64,20 +63,6 @@ func (f *getRangeRequestForwarder) forwardRequestToNode(ctx context.Context, add
|
|||
return nil, f.readStream(ctx, rangeStream, c, pubkey)
|
||||
}
|
||||
|
||||
func (f *getRangeRequestForwarder) verifyResponse(resp *objectV2.GetRangeResponse, pubkey []byte) error {
|
||||
// verify response key
|
||||
if err := internal.VerifyResponseKeyV2(pubkey, resp); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// verify response structure
|
||||
if err := signature.VerifyServiceMessage(resp); err != nil {
|
||||
return errCouldNotVerifyRangeResponse(resp, err)
|
||||
}
|
||||
|
||||
return checkStatus(resp.GetMetaHeader().GetStatus())
|
||||
}
|
||||
|
||||
func (f *getRangeRequestForwarder) openStream(ctx context.Context, addr network.Address, c client.MultiAddressClient) (*rpc.ObjectRangeResponseReader, error) {
|
||||
// open stream
|
||||
var rangeStream *rpc.ObjectRangeResponseReader
|
||||
|
|
@ -107,7 +92,7 @@ func (f *getRangeRequestForwarder) readStream(ctx context.Context, rangeStream *
|
|||
return errReadingResponseFailed(err)
|
||||
}
|
||||
|
||||
if err := f.verifyResponse(resp, pubkey); err != nil {
|
||||
if err := verifyResponse(resp, pubkey); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -13,7 +13,6 @@ import (
|
|||
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/signature"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/client"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/network"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/internal"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-observability/tracing"
|
||||
frostfscrypto "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto"
|
||||
objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
|
||||
|
|
@ -60,7 +59,7 @@ func (f *headRequestForwarder) forwardRequestToNode(ctx context.Context, addr ne
|
|||
return nil, err
|
||||
}
|
||||
|
||||
if err := f.verifyResponse(headResp, pubkey); err != nil {
|
||||
if err := verifyResponse(headResp, pubkey); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
@ -159,17 +158,3 @@ func (f *headRequestForwarder) sendHeadRequest(ctx context.Context, addr network
|
|||
}
|
||||
return headResp, nil
|
||||
}
|
||||
|
||||
func (f *headRequestForwarder) verifyResponse(headResp *objectV2.HeadResponse, pubkey []byte) error {
|
||||
// verify response key
|
||||
if err := internal.VerifyResponseKeyV2(pubkey, headResp); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// verify response structure
|
||||
if err := signature.VerifyServiceMessage(headResp); err != nil {
|
||||
return errResponseVerificationFailed(err)
|
||||
}
|
||||
|
||||
return checkStatus(headResp.GetMetaHeader().GetStatus())
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,11 +8,13 @@ import (
|
|||
objectV2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/refs"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/session"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/signature"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/status"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/client"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/network"
|
||||
objectSvc "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object"
|
||||
getsvc "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/get"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/internal"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/util"
|
||||
clientSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
|
||||
apistatus "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client/status"
|
||||
|
|
@ -408,3 +410,20 @@ func chunkToSend(global, local int, chunk []byte) []byte {
|
|||
|
||||
return chunk[global-local:]
|
||||
}
|
||||
|
||||
type apiResponse interface {
|
||||
GetMetaHeader() *session.ResponseMetaHeader
|
||||
GetVerificationHeader() *session.ResponseVerificationHeader
|
||||
}
|
||||
|
||||
func verifyResponse(resp apiResponse, pubkey []byte) error {
|
||||
if err := internal.VerifyResponseKeyV2(pubkey, resp); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if err := signature.VerifyServiceMessage(resp); err != nil {
|
||||
return errResponseVerificationFailed(err)
|
||||
}
|
||||
|
||||
return checkStatus(resp.GetMetaHeader().GetStatus())
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue