FabInfra-Mirror/bffh
1
0
Fork 0
mirror of https://gitlab.com/fabinfra/fabaccess/bffh.git synced 2025-06-11 10:53:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Moving towards implementing the 0.3.2 featureset

Browse Source
This commit is contained in:
Nadja Reitzenstein
2022-03-11 22:13:54 +01:00
parent 4f36eedf6a
commit 13bfb2fbee
24 changed files with 1062 additions and 599 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
bffhd/capnp/authenticationsystem.rs
View File

@ -4,16 +4,10 @@ use capnp::Error;
use capnp_rpc::pry;
use rsasl::session::{Session, Step};
use api::auth::authentication::{
Server,
AbortParams,
AbortResults,
StepParams,
StepResults,
};
use api::auth::response::{
Reason,
Action,
use api::authenticationsystem_capnp::authentication_system::{
Server as AuthenticationSystem,
StepParams, StepResults,
AbortParams, AbortResults,
};
pub struct Authentication {
@ -27,64 +21,9 @@ enum State {
Running(Session)
}
impl Server for Authentication {
impl AuthenticationSystem for Authentication {
fn step(&mut self, params: StepParams, mut results: StepResults) -> Promise<(), Error> {
use State::*;
let new = match self.state {
InvalidMechanism => {
let builder = results.get();
let mut b = builder.init_error();
b.set_reason(Reason::BadMechanism);
b.set_action(Action::Permanent);
None
},
Finished => {
let builder = results.get();
let mut b = builder.init_error();
b.set_reason(Reason::Finished);
b.set_action(Action::Permanent);
None
},
Aborted => {
let builder = results.get();
let mut b = builder.init_error();
b.set_reason(Reason::Aborted);
b.set_action(Action::Permanent);
None
},
Running(ref mut session) => {
// TODO: If null what happens?
let data: &[u8] = pry!(pry!(params.get()).get_data());
let mut builder = results.get();
let mut out = Cursor::new(Vec::new());
match session.step(Some(data), &mut out) {
Ok(Step::Done(data)) => {
let mut b = builder.init_successful();
let mut session_builder = b.init_session();
let session = super::session::Session::new();
session.build(&mut session_builder);
Some(State::Finished)
},
Ok(Step::NeedsMore(data)) => {
//builder.set_challenge(data.deref());
None
},
Err(_) => {
let mut b = builder.init_error();
b.set_reason(Reason::Aborted);
b.set_action(Action::Permanent);
Some(State::Aborted)
}
}
}
};
if let Some(new) = new {
std::mem::replace(&mut self.state, new);
}
Promise::ok(())
unimplemented!();
}
fn abort(&mut self, _: AbortParams, _: AbortResults) -> Promise<(), Error> {

15
bffhd/capnp/connection.rs Normal file
View File

@ -0,0 +1,15 @@
use api::connection_capnp::bootstrap::Server as Bootstrap;
pub use api::connection_capnp::bootstrap::Client;
#[derive(Debug)]
/// Cap'n Proto API Handler
pub struct BootCap;
impl BootCap {
pub fn new() -> Self {
Self
}
}
impl Bootstrap for BootCap {
}

226
bffhd/capnp/machine.rs
View File

@ -0,0 +1,226 @@
use api::machine_capnp::machine::{
admin, admin::Server as AdminServer,
check, check::Server as CheckServer,
info, info::Server as InfoServer,
in_use as inuse, in_use::Server as InUseServer,
manage, manage::Server as ManageServer,
use_, use_::Server as UseServer,
};
pub struct Machine;
impl InfoServer for Machine {
fn get_machine_info_extended(
&mut self,
_: info::GetMachineInfoExtendedParams,
_: info::GetMachineInfoExtendedResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn get_property_list(
&mut self,
_: info::GetPropertyListParams,
_: info::GetPropertyListResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn get_reservation_list(
&mut self,
_: info::GetReservationListParams,
_: info::GetReservationListResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
}
impl UseServer for Machine {
fn use_(
&mut self,
_: use_::UseParams,
_: use_::UseResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn reserve(
&mut self,
_: use_::ReserveParams,
_: use_::ReserveResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn reserveto(
&mut self,
_: use_::ReservetoParams,
_: use_::ReservetoResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
}
impl InUseServer for Machine {
fn give_back(
&mut self,
_: inuse::GiveBackParams,
_: inuse::GiveBackResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn send_raw_data(
&mut self,
_: inuse::SendRawDataParams,
_: inuse::SendRawDataResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
}
impl CheckServer for Machine {
fn check(
&mut self,
_: check::CheckParams,
_: check::CheckResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn reject(
&mut self,
_: check::RejectParams,
_: check::RejectResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
}
impl ManageServer for Machine {
fn set_property(
&mut self,
_: manage::SetPropertyParams,
_: manage::SetPropertyResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn remove_property(
&mut self,
_: manage::RemovePropertyParams,
_: manage::RemovePropertyResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn force_use(
&mut self,
_: manage::ForceUseParams,
_: manage::ForceUseResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn force_free(
&mut self,
_: manage::ForceFreeParams,
_: manage::ForceFreeResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn force_transfer(
&mut self,
_: manage::ForceTransferParams,
_: manage::ForceTransferResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn block(
&mut self,
_: manage::BlockParams,
_: manage::BlockResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn disabled(
&mut self,
_: manage::DisabledParams,
_: manage::DisabledResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
}
impl AdminServer for Machine {
fn force_set_state(
&mut self,
_: admin::ForceSetStateParams,
_: admin::ForceSetStateResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn force_set_user(
&mut self,
_: admin::ForceSetUserParams,
_: admin::ForceSetUserResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn get_admin_property_list(
&mut self,
_: admin::GetAdminPropertyListParams,
_: admin::GetAdminPropertyListResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn set_admin_property(
&mut self,
_: admin::SetAdminPropertyParams,
_: admin::SetAdminPropertyResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
fn remove_admin_property(
&mut self,
_: admin::RemoveAdminPropertyParams,
_: admin::RemoveAdminPropertyResults,
) -> ::capnp::capability::Promise<(), ::capnp::Error> {
::capnp::capability::Promise::err(::capnp::Error::unimplemented(
"method not implemented".to_string(),
))
}
}

8
bffhd/capnp/machinesystem.rs
View File

@ -1,11 +1,11 @@
use api::resources::resources::Server;
use api::machinesystem_capnp::machine_system::Server as MachineSystem;
#[derive(Debug, Clone)]
pub struct Resources {
pub struct Machines {
}
impl Resources {
impl Machines {
pub fn new() -> Self {
Self {
@ -14,6 +14,6 @@ impl Resources {
}
impl Server for Resources {
impl MachineSystem for Machines {
}

184
bffhd/capnp/mod.rs
View File

@ -1,81 +1,143 @@
use std::future::Future;
use crate::config::Listen;
use crate::{Diflouroborane, TlsConfig};
use anyhow::Context;
use async_net::TcpListener;
use capnp::capability::Promise;
use capnp::Error;
use capnp_rpc::rpc_twoparty_capnp::Side;
use capnp_rpc::RpcSystem;
use capnp_rpc::twoparty::VatNetwork;
use futures_lite::StreamExt;
use capnp_rpc::RpcSystem;
use executor::prelude::Executor;
use futures_rustls::server::TlsStream;
use futures_util::{AsyncRead, AsyncWrite, FutureExt};
use futures_rustls::TlsAcceptor;
use futures_util::stream::FuturesUnordered;
use futures_util::{stream, AsyncRead, AsyncWrite, FutureExt, StreamExt};
use std::fs::File;
use std::future::Future;
use std::io;
use std::io::BufReader;
use std::sync::Arc;
use crate::error::Result;
use api::bootstrap::{
Client,
Server,
MechanismsParams,
MechanismsResults,
CreateSessionParams,
CreateSessionResults
};
mod authenticationsystem;
mod connection;
mod machine;
mod machinesystem;
mod permissionsystem;
mod user;
mod users;
mod session;
mod user;
mod user_system;
#[derive(Debug)]
pub struct APIHandler {
pub struct APIServer {
executor: Executor<'static>,
sockets: Vec<TcpListener>,
acceptor: TlsAcceptor,
}
impl APIHandler {
pub fn handle<IO: 'static + Unpin + AsyncRead + AsyncWrite>(&mut self, stream: TlsStream<IO>)
-> impl Future<Output = Result<()>>
{
let (rx, tx) = futures_lite::io::split(stream);
let vat = VatNetwork::new(rx, tx, Side::Server, Default::default());
let bootstrap: Client = capnp_rpc::new_client(ApiSystem::new());
impl APIServer {
pub fn new(
executor: Executor<'static>,
sockets: Vec<TcpListener>,
acceptor: TlsAcceptor,
) -> Self {
Self {
executor,
sockets,
acceptor,
}
}
RpcSystem::new(Box::new(vat), Some(bootstrap.client))
.map(|res| match res {
Ok(()) => Ok(()),
Err(e) => Err(e.into())
pub async fn bind(
executor: Executor<'static>,
listens: impl IntoIterator<Item = &Listen>,
acceptor: TlsAcceptor,
) -> anyhow::Result<Self> {
let span = tracing::info_span!("binding API listen sockets");
let _guard = span.enter();
let mut sockets = FuturesUnordered::new();
listens
.into_iter()
.map(|a| async move {
(async_net::resolve(a.to_tuple()).await, a)
})
.collect::<FuturesUnordered<_>>()
.filter_map(|(res, addr)| async move {
match res {
Ok(a) => Some(a),
Err(e) => {
tracing::error!("Failed to resolve {:?}: {}", addr, e);
None
}
}
})
.for_each(|addrs| async {
for addr in addrs {
sockets.push(async move { (TcpListener::bind(addr).await, addr) })
}
})
.await;
let sockets: Vec<TcpListener> = sockets
.filter_map(|(res, addr)| async move {
match res {
Ok(s) => {
tracing::info!("Opened listen socket on {}", addr);
Some(s)
}
Err(e) => {
tracing::error!("Failed to open socket on {}: {}", addr, e);
None
}
}
})
.collect()
.await;
if sockets.is_empty() {
tracing::warn!("No usable listen addresses configured for the API server!");
}
Ok(Self::new(executor, sockets, acceptor))
}
pub async fn handle_until(&mut self, stop: impl Future) {
stream::select_all(
self.sockets
.iter()
.map(|tcplistener| tcplistener.incoming()),
)
.take_until(stop)
.for_each(|stream| async {
match stream {
Ok(stream) => self.handle(self.acceptor.accept(stream)),
Err(e) => tracing::warn!("Failed to accept stream: {}", e),
}
});
}
fn handle<IO: 'static + Unpin + AsyncRead + AsyncWrite>(
&self,
stream: impl Future<Output = io::Result<TlsStream<IO>>>,
) {
let f = async move {
let stream = match stream.await {
Ok(stream) => stream,
Err(e) => {
tracing::error!("TLS handshake failed: {}", e);
return;
}
};
let (rx, tx) = futures_lite::io::split(stream);
let vat = VatNetwork::new(rx, tx, Side::Server, Default::default());
let bootstrap: connection::Client = capnp_rpc::new_client(connection::BootCap::new());
if let Err(e) = RpcSystem::new(Box::new(vat), Some(bootstrap.client)).await {
tracing::error!("Error during RPC handling: {}", e);
}
};
self.executor.spawn_local(f);
}
}
#[derive(Debug)]
/// Cap'n Proto API Handler
struct ApiSystem {
}
impl ApiSystem {
pub fn new() -> Self {
Self {}
}
}
impl Server for ApiSystem {
fn mechanisms(
&mut self,
_: MechanismsParams,
_: MechanismsResults
) -> Promise<(), Error>
{
todo!()
}
fn create_session(
&mut self,
_: CreateSessionParams,
_: CreateSessionResults
) -> Promise<(), Error>
{
todo!()
}
}

7
bffhd/capnp/permissionsystem.rs
View File

@ -0,0 +1,7 @@
use api::permissionsystem_capnp::permission_system::Server as PermissionSystem;
pub struct Permissions;
impl PermissionSystem for Permissions {
}

14
bffhd/capnp/session.rs
View File

@ -1,23 +1,17 @@
use api::session::Builder;
use crate::capnp::machinesystem::Resources;
use crate::capnp::users::Users;
use crate::capnp::machinesystem::Machines;
use crate::capnp::user_system::Users;
#[derive(Debug, Clone)]
pub struct Session {
resources: Resources,
resources: Machines,
users: Users,
}
impl Session {
pub fn new() -> Self {
Session {
resources: Resources::new(),
resources: Machines::new(),
users: Users::new(),
}
}
pub fn build(&self, builder: &mut Builder) {
builder.set_resources(capnp_rpc::new_client(self.resources.clone()));
builder.set_users(capnp_rpc::new_client(self.users.clone()));
}
}

26
bffhd/capnp/user.rs
View File

@ -0,0 +1,26 @@
use api::permissionsystem_capnp::permission_system::Server as PermissionSystem;
use api::user_capnp::user::{
info,
manage,
admin,
};
struct User;
impl info::Server for User {
fn get_user_info_extended(&mut self, _: info::GetUserInfoExtendedParams<>, _: info::GetUserInfoExtendedResults<>) -> ::capnp::capability::Promise<(), ::capnp::Error> { ::capnp::capability::Promise::err(::capnp::Error::unimplemented("method not implemented".to_string())) }
fn list_roles(&mut self, _: info::ListRolesParams<>, _: info::ListRolesResults<>) -> ::capnp::capability::Promise<(), ::capnp::Error> { ::capnp::capability::Promise::err(::capnp::Error::unimplemented("method not implemented".to_string())) }
}
impl manage::Server for User {
fn pwd(&mut self, _: manage::PwdParams<>, _: manage::PwdResults<>) -> ::capnp::capability::Promise<(), ::capnp::Error> { ::capnp::capability::Promise::err(::capnp::Error::unimplemented("method not implemented".to_string())) }
}
impl admin::Server for User {
fn add_role(&mut self, _: admin::AddRoleParams<>, _: admin::AddRoleResults<>) -> ::capnp::capability::Promise<(), ::capnp::Error> { ::capnp::capability::Promise::err(::capnp::Error::unimplemented("method not implemented".to_string())) }
fn remove_role(&mut self, _: admin::RemoveRoleParams<>, _: admin::RemoveRoleResults<>) -> ::capnp::capability::Promise<(), ::capnp::Error> { ::capnp::capability::Promise::err(::capnp::Error::unimplemented("method not implemented".to_string())) }
fn pwd(&mut self, _: admin::PwdParams<>, _: admin::PwdResults<>) -> ::capnp::capability::Promise<(), ::capnp::Error> { ::capnp::capability::Promise::err(::capnp::Error::unimplemented("method not implemented".to_string())) }
}

34
bffhd/capnp/user_system.rs Normal file
View File

@ -0,0 +1,34 @@
use capnp::capability::Promise;
use capnp::Error;
use capnp_rpc::pry;
use api::usersystem_capnp::user_system::{
Server as UserSystem,
info, info::Server as InfoServer,
manage, manage::Server as ManageServer,
};
#[derive(Debug, Clone)]
pub struct Users {
}
impl Users {
pub fn new() -> Self {
Self {
}
}
}
impl UserSystem for Users {
}
impl InfoServer for Users {
}
impl ManageServer for Users {
}

71
bffhd/capnp/users.rs
View File

@ -1,71 +0,0 @@
use capnp::capability::Promise;
use capnp::Error;
use capnp_rpc::pry;
use api::users::Server as UsersServer;
use api::user::{
info,
manage,
admin,
passwd,
};
#[derive(Debug, Clone)]
pub struct Users {
}
impl Users {
pub fn new() -> Self {
Self {
}
}
}
impl UsersServer for Users {
}
struct User {
}
impl info::Server for User {
fn list_roles(
&mut self,
_params: info::ListRolesParams,
mut results: info::ListRolesResults
) -> Promise<(), Error>
{
unimplemented!()
}
}
impl manage::Server for User {
fn add_role(
&mut self,
params: manage::AddRoleParams,
_: manage::AddRoleResults
) -> Promise<(), Error> {
unimplemented!()
}
fn remove_role(
&mut self,
params: manage::RemoveRoleParams,
_: manage::RemoveRoleResults
) -> Promise<(), Error> {
unimplemented!()
}
}
impl admin::Server for User {
}
impl passwd::Server for User {
}