forked from TrueCloudLab/frostfs-node
[#645] client/cache: Check response public key in all client operations
There is a need to check if public key in the RPC response matches the public key of the related storage node declared in network map. Define `ErrWrongPublicKey` error. Implement RPC response handler's constructor `AssertKeyResponseCallback` which checks public key. Construct handler and pass it to client's option `WithResponseInfoHandler`. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
This commit is contained in:
Leonard Lyubich
Alex Vanin
parent
78e4a87dca
commit
4661f65975
9 changed files with 90 additions and 12 deletions
|
|
@ -1,8 +1,10 @@
|
|||
package client
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
|
||||
"github.com/nspcc-dev/neofs-api-go/pkg/client"
|
||||
"github.com/nspcc-dev/neofs-node/pkg/network"
|
||||
)
|
||||
|
||||
|
|
@ -40,3 +42,15 @@ func NodeInfoFromNetmapElement(dst *NodeInfo, info interface {
|
|||
}) {
|
||||
nodeInfoFromKeyAddr(dst, info.PublicKey(), info.Addresses())
|
||||
}
|
||||
|
||||
// AssertKeyResponseCallback returns client response callback which checks if the response was signed by expected key.
|
||||
// Returns ErrWrongPublicKey in case of key mismatch.
|
||||
func AssertKeyResponseCallback(expectedKey []byte) func(client.ResponseMetaInfo) error {
|
||||
return func(info client.ResponseMetaInfo) error {
|
||||
if !bytes.Equal(info.ResponderKey(), expectedKey) {
|
||||
return ErrWrongPublicKey
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue