From 10c855efef0c40ccac5cd1b47e1d6e5cf6eb4fc3 Mon Sep 17 00:00:00 2001 From: Evgenii Stratonikov Date: Fri, 22 Jul 2022 17:04:37 +0300 Subject: [PATCH] [#1624] go.mod: Update dependencies Signed-off-by: Evgenii Stratonikov --- cmd/neofs-cli/modules/control/util.go | 2 +- docs/release-instruction.md | 8 +++---- go.mod | 4 ++-- go.sum | 10 ++++----- pkg/morph/client/container/eacl.go | 5 ++--- pkg/morph/client/container/get.go | 7 ++---- pkg/services/container/morph/executor.go | 12 +++++++--- pkg/services/container/morph/executor_test.go | 22 ++++++++++++++++++- pkg/services/control/ir/server/sign.go | 4 +++- pkg/services/control/server/sign.go | 4 +++- pkg/services/netmap/executor.go | 9 ++++++-- pkg/services/object/get/v2/util.go | 4 +++- pkg/services/tree/signature.go | 4 +++- 13 files changed, 64 insertions(+), 31 deletions(-) diff --git a/cmd/neofs-cli/modules/control/util.go b/cmd/neofs-cli/modules/control/util.go index 38925121b..d700d6aa0 100644 --- a/cmd/neofs-cli/modules/control/util.go +++ b/cmd/neofs-cli/modules/control/util.go @@ -38,7 +38,7 @@ func verifyResponse(cmd *cobra.Command, sigV2.SetSign(sigControl.GetSign()) var sig neofscrypto.Signature - sig.ReadFromV2(sigV2) + common.ExitOnErr(cmd, "can't read signature: %w", sig.ReadFromV2(sigV2)) if !sig.Verify(body.StableMarshal(nil)) { common.ExitOnErr(cmd, "", errors.New("invalid response signature")) diff --git a/docs/release-instruction.md b/docs/release-instruction.md index 82dab329c..242a61ace 100644 --- a/docs/release-instruction.md +++ b/docs/release-instruction.md @@ -12,14 +12,14 @@ These should run successfully: ## Writing changelog -Add an entry to the `CHANGELOG.md` following the style established there. Add an +Add an entry to the `CHANGELOG.md` following the style established there. Add an optional codename, version and release date in the heading. Write a paragraph describing the most significant changes done in this release. Add `Fixed`, `Added`, `Removed` and `Updated` sections with fixed bug descriptions and changes. Describe each change in detail with a reference to GitHub issues if -possible. +possible. -Update the supported version of neofs-contract in `README.md` if there were +Update the supported version of neofs-contract in `README.md` if there were changes in releases. ## Tag the release @@ -66,7 +66,7 @@ Close corresponding vX.Y.Z GitHub milestone. ## Post-release -Prepare pull-request for +Prepare pull-request for [neofs-devenv](https://github.com/nspcc-dev/neofs-devenv). Rebuild NeoFS LOCODE database via CLI `util locode generate` command (if needed). diff --git a/go.mod b/go.mod index adfcca31f..ae821b7ff 100644 --- a/go.mod +++ b/go.mod @@ -18,8 +18,8 @@ require ( github.com/nspcc-dev/neo-go v0.99.1-pre.0.20220714084516-54849ef3e58e github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220713145417-4f184498bc42 // indirect github.com/nspcc-dev/neofs-api-go/v2 v2.13.0 - github.com/nspcc-dev/neofs-contract v0.15.1 - github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220706151041-0d862d8568a4 + github.com/nspcc-dev/neofs-contract v0.15.3 + github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220725101411-90f1cc7a1a77 github.com/nspcc-dev/tzhash v1.6.1 github.com/panjf2000/ants/v2 v2.4.0 github.com/paulmach/orb v0.2.2 diff --git a/go.sum b/go.sum index ffdf4dd5c..c7b4a7e38 100644 --- a/go.sum +++ b/go.sum @@ -373,26 +373,24 @@ github.com/nspcc-dev/hrw v1.0.9 h1:17VcAuTtrstmFppBjfRiia4K2wA/ukXZhLFS8Y8rz5Y= github.com/nspcc-dev/hrw v1.0.9/go.mod h1:l/W2vx83vMQo6aStyx2AuZrJ+07lGv2JQGlVkPG06MU= github.com/nspcc-dev/neo-go v0.73.1-pre.0.20200303142215-f5a1b928ce09/go.mod h1:pPYwPZ2ks+uMnlRLUyXOpLieaDQSEaf4NM3zHVbRjmg= github.com/nspcc-dev/neo-go v0.98.0/go.mod h1:E3cc1x6RXSXrJb2nDWXTXjnXk3rIqVN8YdFyWv+FrqM= -github.com/nspcc-dev/neo-go v0.98.2/go.mod h1:KXKqJwfTyVJzDarSCDqFaKrVbg/qz0ZBk2c3AtzqS5M= github.com/nspcc-dev/neo-go v0.99.1-pre.0.20220714084516-54849ef3e58e h1:sjl8sniYkjoOsD8F+wzkpRfm9RzZSLQlh5Z/SMyf4A8= github.com/nspcc-dev/neo-go v0.99.1-pre.0.20220714084516-54849ef3e58e/go.mod h1:/y5Sl8p3YheTygriBtCCMWKkDOek8HcvSo5ds2rJtKI= -github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220321113211-526c423a6152/go.mod h1:QBE0I30F2kOAISNpT5oks82yF4wkkUq3SCfI3Hqgx/Y= github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220713145417-4f184498bc42 h1:Krhg2cD5mqvC+lin7irw6hj0M+x4ZOZrRGzrZQB+wcQ= github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220713145417-4f184498bc42/go.mod h1:QBE0I30F2kOAISNpT5oks82yF4wkkUq3SCfI3Hqgx/Y= github.com/nspcc-dev/neofs-api-go/v2 v2.11.0-pre.0.20211201134523-3604d96f3fe1/go.mod h1:oS8dycEh8PPf2Jjp6+8dlwWyEv2Dy77h/XhhcdxYEFs= github.com/nspcc-dev/neofs-api-go/v2 v2.11.1/go.mod h1:oS8dycEh8PPf2Jjp6+8dlwWyEv2Dy77h/XhhcdxYEFs= github.com/nspcc-dev/neofs-api-go/v2 v2.13.0 h1:7BcBiSjmWqJx0SPFlGRYt9ZFbMjucRIz9+Mv8UBLeq8= github.com/nspcc-dev/neofs-api-go/v2 v2.13.0/go.mod h1:73j09Xa7I2zQbM3HCvAHnDHPYiiWnEHa1d6Z6RDMBLU= -github.com/nspcc-dev/neofs-contract v0.15.1 h1:1r27t4SGKF7W1PRPOIfircEXHvALThNYNagT+SIabcA= -github.com/nspcc-dev/neofs-contract v0.15.1/go.mod h1:kxO5ZTqdzFnRM5RMvM+Fhd+3GGrJo6AmG2ZyA9OCqqQ= +github.com/nspcc-dev/neofs-contract v0.15.3 h1:7+NwyTtxFAnIevz0hR/XxQf6R2Ej2scjVR2bnnJnhBM= +github.com/nspcc-dev/neofs-contract v0.15.3/go.mod h1:BXVZUZUJxrmmDETglXHI8+5DSgn84B9y5DoSWqEjYCs= github.com/nspcc-dev/neofs-crypto v0.2.0/go.mod h1:F/96fUzPM3wR+UGsPi3faVNmFlA9KAEAUQR7dMxZmNA= github.com/nspcc-dev/neofs-crypto v0.2.3/go.mod h1:8w16GEJbH6791ktVqHN9YRNH3s9BEEKYxGhlFnp0cDw= github.com/nspcc-dev/neofs-crypto v0.3.0 h1:zlr3pgoxuzrmGCxc5W8dGVfA9Rro8diFvVnBg0L4ifM= github.com/nspcc-dev/neofs-crypto v0.3.0/go.mod h1:8w16GEJbH6791ktVqHN9YRNH3s9BEEKYxGhlFnp0cDw= github.com/nspcc-dev/neofs-sdk-go v0.0.0-20211201182451-a5b61c4f6477/go.mod h1:dfMtQWmBHYpl9Dez23TGtIUKiFvCIxUZq/CkSIhEpz4= github.com/nspcc-dev/neofs-sdk-go v0.0.0-20220113123743-7f3162110659/go.mod h1:/jay1lr3w7NQd/VDBkEhkJmDmyPNsu4W+QV2obsUV40= -github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220706151041-0d862d8568a4 h1:HA56Q5Wk6jv0N+/5y9kk2u0LEV/P7nLsCP7pjT50gpA= -github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220706151041-0d862d8568a4/go.mod h1:KqyyYJT/Wyb5kQrIA6k6XIToSeqGkGPjYOilVCKFaEA= +github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220725101411-90f1cc7a1a77 h1:C8QL3pUN/QZ7OdXONEV2FQ+JamXoBbovvZiylWOCfBo= +github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.5.0.20220725101411-90f1cc7a1a77/go.mod h1:39SbCo+QUI0WJS47VsW4SCWhOwnJNpQSy8rGEG/b5vc= github.com/nspcc-dev/rfc6979 v0.1.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso= github.com/nspcc-dev/rfc6979 v0.2.0 h1:3e1WNxrN60/6N0DW7+UYisLeZJyfqZTNOjeV/toYvOE= github.com/nspcc-dev/rfc6979 v0.2.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso= diff --git a/pkg/morph/client/container/eacl.go b/pkg/morph/client/container/eacl.go index 8d8bd5958..c65c0cffc 100644 --- a/pkg/morph/client/container/eacl.go +++ b/pkg/morph/client/container/eacl.go @@ -87,7 +87,6 @@ func (c *Client) GetEACL(cnr cid.ID) (*container.EACL, error) { sigV2.SetSign(sig) sigV2.SetScheme(refs.ECDSA_RFC6979_SHA256) - res.Signature.ReadFromV2(sigV2) - - return &res, nil + err = res.Signature.ReadFromV2(sigV2) + return &res, err } diff --git a/pkg/morph/client/container/get.go b/pkg/morph/client/container/get.go index 3ebb57a55..9649c51a5 100644 --- a/pkg/morph/client/container/get.go +++ b/pkg/morph/client/container/get.go @@ -12,7 +12,6 @@ import ( "github.com/nspcc-dev/neofs-node/pkg/morph/client" apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" - neofscrypto "github.com/nspcc-dev/neofs-sdk-go/crypto" "github.com/nspcc-dev/neofs-sdk-go/session" ) @@ -109,8 +108,6 @@ func (c *Client) Get(cid []byte) (*containercore.Container, error) { sigV2.SetSign(sigBytes) sigV2.SetScheme(refs.ECDSA_RFC6979_SHA256) - var sig neofscrypto.Signature - sig.ReadFromV2(sigV2) - - return &cnr, nil + err = cnr.Signature.ReadFromV2(sigV2) + return &cnr, err } diff --git a/pkg/services/container/morph/executor.go b/pkg/services/container/morph/executor.go index 79923201f..dd7dc072d 100644 --- a/pkg/services/container/morph/executor.go +++ b/pkg/services/container/morph/executor.go @@ -69,7 +69,10 @@ func (s *morphExecutor) Put(_ context.Context, tokV2 *sessionV2.Token, body *con return nil, fmt.Errorf("invalid container: %w", err) } - cnr.Signature.ReadFromV2(*sigV2) + err = cnr.Signature.ReadFromV2(*sigV2) + if err != nil { + return nil, fmt.Errorf("can't read signature: %w", err) + } if tokV2 != nil { cnr.Session = new(session.Container) @@ -214,7 +217,10 @@ func (s *morphExecutor) SetExtendedACL(ctx context.Context, tokV2 *sessionV2.Tok Value: eaclSDK.NewTableFromV2(body.GetEACL()), } - eaclInfo.Signature.ReadFromV2(*sigV2) + err := eaclInfo.Signature.ReadFromV2(*sigV2) + if err != nil { + return nil, fmt.Errorf("can't read signature: %w", err) + } if tokV2 != nil { eaclInfo.Session = new(session.Container) @@ -225,7 +231,7 @@ func (s *morphExecutor) SetExtendedACL(ctx context.Context, tokV2 *sessionV2.Tok } } - err := s.wrt.PutEACL(eaclInfo) + err = s.wrt.PutEACL(eaclInfo) if err != nil { return nil, err } diff --git a/pkg/services/container/morph/executor_test.go b/pkg/services/container/morph/executor_test.go index bb6e0a973..52b0da947 100644 --- a/pkg/services/container/morph/executor_test.go +++ b/pkg/services/container/morph/executor_test.go @@ -4,6 +4,7 @@ import ( "context" "testing" + "github.com/nspcc-dev/neo-go/pkg/crypto/keys" "github.com/nspcc-dev/neofs-api-go/v2/container" "github.com/nspcc-dev/neofs-api-go/v2/refs" "github.com/nspcc-dev/neofs-api-go/v2/session" @@ -13,6 +14,8 @@ import ( cid "github.com/nspcc-dev/neofs-sdk-go/container/id" cidtest "github.com/nspcc-dev/neofs-sdk-go/container/id/test" containertest "github.com/nspcc-dev/neofs-sdk-go/container/test" + neofscrypto "github.com/nspcc-dev/neofs-sdk-go/crypto" + neofsecdsa "github.com/nspcc-dev/neofs-sdk-go/crypto/ecdsa" sessiontest "github.com/nspcc-dev/neofs-sdk-go/session/test" "github.com/stretchr/testify/require" ) @@ -42,6 +45,22 @@ func TestInvalidToken(t *testing.T) { var cnrV2 refs.ContainerID cnr.WriteToV2(&cnrV2) + priv, err := keys.NewPrivateKey() + require.NoError(t, err) + + sign := func(reqBody interface { + StableMarshal([]byte) []byte + SetSignature(signature *refs.Signature) + }) { + signer := neofsecdsa.Signer(priv.PrivateKey) + var sig neofscrypto.Signature + require.NoError(t, sig.Calculate(signer, reqBody.StableMarshal(nil))) + + var sigV2 refs.Signature + sig.WriteToV2(&sigV2) + reqBody.SetSignature(&sigV2) + } + var tokV2 session.Token sessiontest.ContainerSigned().WriteToV2(&tokV2) @@ -53,7 +72,6 @@ func TestInvalidToken(t *testing.T) { name: "put", op: func(e containerSvc.ServiceExecutor, tokV2 *session.Token) (err error) { var reqBody container.PutRequestBody - reqBody.SetSignature(new(refs.Signature)) cnr := containertest.Container() @@ -61,6 +79,7 @@ func TestInvalidToken(t *testing.T) { cnr.WriteToV2(&cnrV2) reqBody.SetContainer(&cnrV2) + sign(&reqBody) _, err = e.Put(context.TODO(), tokV2, &reqBody) return @@ -81,6 +100,7 @@ func TestInvalidToken(t *testing.T) { op: func(e containerSvc.ServiceExecutor, tokV2 *session.Token) (err error) { var reqBody container.SetExtendedACLRequestBody reqBody.SetSignature(new(refs.Signature)) + sign(&reqBody) _, err = e.SetExtendedACL(context.TODO(), tokV2, &reqBody) return diff --git a/pkg/services/control/ir/server/sign.go b/pkg/services/control/ir/server/sign.go index bb9625dea..ad2b18e9e 100644 --- a/pkg/services/control/ir/server/sign.go +++ b/pkg/services/control/ir/server/sign.go @@ -57,7 +57,9 @@ func (s *Server) isValidRequest(req SignedMessage) error { sigV2.SetScheme(refs.ECDSA_SHA512) var sig neofscrypto.Signature - sig.ReadFromV2(sigV2) + if err := sig.ReadFromV2(sigV2); err != nil { + return fmt.Errorf("can't read signature: %w", err) + } if !sig.Verify(binBody) { // TODO(@cthulhu-rider): #1387 use "const" error diff --git a/pkg/services/control/server/sign.go b/pkg/services/control/server/sign.go index 5d6c5d4da..b6e36b244 100644 --- a/pkg/services/control/server/sign.go +++ b/pkg/services/control/server/sign.go @@ -57,7 +57,9 @@ func (s *Server) isValidRequest(req SignedMessage) error { sigV2.SetScheme(refs.ECDSA_SHA512) var sig neofscrypto.Signature - sig.ReadFromV2(sigV2) + if err := sig.ReadFromV2(sigV2); err != nil { + return fmt.Errorf("can't read signature: %w", err) + } if !sig.Verify(binBody) { // TODO(@cthulhu-rider): #1387 use "const" error diff --git a/pkg/services/netmap/executor.go b/pkg/services/netmap/executor.go index 132556bb8..797478090 100644 --- a/pkg/services/netmap/executor.go +++ b/pkg/services/netmap/executor.go @@ -3,6 +3,7 @@ package netmap import ( "context" "errors" + "fmt" "github.com/nspcc-dev/neofs-api-go/v2/netmap" "github.com/nspcc-dev/neofs-api-go/v2/refs" @@ -61,7 +62,9 @@ func (s *executorSvc) LocalNodeInfo( } var ver versionsdk.Version - ver.ReadFromV2(*verV2) + if err := ver.ReadFromV2(*verV2); err != nil { + return nil, fmt.Errorf("can't read version: %w", err) + } ni, err := s.state.LocalNodeInfo() if err != nil { @@ -100,7 +103,9 @@ func (s *executorSvc) NetworkInfo( } var ver versionsdk.Version - ver.ReadFromV2(*verV2) + if err := ver.ReadFromV2(*verV2); err != nil { + return nil, fmt.Errorf("can't read version: %w", err) + } ni, err := s.netInfo.Dump(ver) if err != nil { diff --git a/pkg/services/object/get/v2/util.go b/pkg/services/object/get/v2/util.go index 1c736667f..17ac8d638 100644 --- a/pkg/services/object/get/v2/util.go +++ b/pkg/services/object/get/v2/util.go @@ -507,7 +507,9 @@ func (s *Service) toHeadPrm(ctx context.Context, req *objectV2.HeadRequest, resp } var sig neofscrypto.Signature - sig.ReadFromV2(*idSig) + if err := sig.ReadFromV2(*idSig); err != nil { + return nil, fmt.Errorf("can't read signature: %w", err) + } if !sig.Verify(binID) { return nil, errors.New("invalid object ID signature") diff --git a/pkg/services/tree/signature.go b/pkg/services/tree/signature.go index 65f164b37..8f97929b6 100644 --- a/pkg/services/tree/signature.go +++ b/pkg/services/tree/signature.go @@ -101,7 +101,9 @@ func verifyMessage(m message) error { sigV2.SetScheme(refs.ECDSA_SHA512) var sigSDK neofscrypto.Signature - sigSDK.ReadFromV2(sigV2) + if err := sigSDK.ReadFromV2(sigV2); err != nil { + return fmt.Errorf("can't read signature: %w", err) + } if !sigSDK.Verify(binBody) { return errors.New("invalid signature")