Tracing and dumping

Nadja Reitzenstein 2022-03-15 19:56:41 +01:00
parent 48003ef51c
commit 2e5f343d52
8 changed files with 50 additions and 18 deletions


@ -22,8 +22,4 @@ impl AuthorizationHandle {
let user = self.users.get_user(uid.as_ref())?;
Some(user.userdata.roles.clone())
}
pub fn is_permitted<'a>(&self, roles: impl IntoIterator<Item=&'a Role>, perm: impl AsRef<Permission>) -> bool {
unimplemented!()
}
}


@ -54,6 +54,8 @@ enum State {
impl AuthenticationSystem for Authentication {
fn step(&mut self, params: StepParams, mut results: StepResults) -> Promise<(), Error> {
let span = tracing::trace_span!("step");
let _guard = span.enter();
let mut builder = results.get();
if let State::Running(mut session, manager) =
std::mem::replace(&mut self.state, State::Aborted)
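Review bot: The `step` span added at the top of `Authentication::step` carries no fields, so trace output from concurrent authentication exchanges cannot be tied to a connection the way the `peer_addr=%self.peer_addr` spans added to the bootstrap handlers in this commit can. If the peer address (or a session id) can be handed to `Authentication` when the session is created, record it here, e.g. `let span = tracing::trace_span!("step", %peer_addr);`; whether such a value is available on this type is not visible in the hunk. It is also worth a comment that `_guard` only covers the synchronous part of the call, e.g. `// span covers only the synchronous part of step(); work inside the returned Promise runs outside it`. The body of `step` continues past the end of the hunk.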


@ -1,3 +1,4 @@
use std::net::SocketAddr;
pub use api::connection_capnp::bootstrap::Client;
use api::connection_capnp::bootstrap;
@ -10,13 +11,16 @@ use crate::session::SessionManager;
/// Cap'n Proto API Handler
pub struct BootCap {
peer_addr: SocketAddr,
authentication: AuthenticationHandle,
sessionmanager: SessionManager,
}
impl BootCap {
pub fn new(authentication: AuthenticationHandle, sessionmanager: SessionManager) -> Self {
pub fn new(peer_addr: SocketAddr, authentication: AuthenticationHandle, sessionmanager: SessionManager) -> Self {
tracing::trace!(%peer_addr, "bootstrapping RPC");
Self {
peer_addr,
authentication,
sessionmanager,
}
@ -29,6 +33,8 @@ impl bootstrap::Server for BootCap {
_: bootstrap::GetAPIVersionParams,
_: bootstrap::GetAPIVersionResults,
) -> Promise<(), ::capnp::Error> {
let span = tracing::trace_span!("get_api_version", peer_addr=%self.peer_addr);
let _guard = span.enter();
Promise::ok(())
}
@ -37,6 +43,8 @@ impl bootstrap::Server for BootCap {
_: bootstrap::GetServerReleaseParams,
mut result: bootstrap::GetServerReleaseResults,
) -> Promise<(), ::capnp::Error> {
let span = tracing::trace_span!("get_server_release", peer_addr=%self.peer_addr);
let _guard = span.enter();
let mut builder = result.get();
builder.set_name("bffhd");
builder.set_release(crate::RELEASE_STRING);
@ -45,9 +53,14 @@ impl bootstrap::Server for BootCap {
fn mechanisms(
&mut self,
_: bootstrap::MechanismsParams,
params: bootstrap::MechanismsParams,
mut result: bootstrap::MechanismsResults,
) -> Promise<(), ::capnp::Error> {
let span = tracing::trace_span!("mechanisms", peer_addr=%self.peer_addr);
let _guard = span.enter();
tracing::trace!("mechanisms");
let mut builder = result.get();
let mechs: Vec<_> = self.authentication.list_available_mechs()
.into_iter()
@ -66,9 +79,14 @@ impl bootstrap::Server for BootCap {
params: bootstrap::CreateSessionParams,
mut result: bootstrap::CreateSessionResults,
) -> Promise<(), ::capnp::Error> {
let span = tracing::trace_span!("create_session", peer_addr=%self.peer_addr);
let _guard = span.enter();
let params = pry!(params.get());
let mechanism: &str = pry!(params.get_mechanism());
tracing::trace!(mechanism);
let mechname = Mechname::new(mechanism.as_bytes());
let auth = if let Ok(mechname) = mechname {
if let Ok(session) = self.authentication.start(mechname) {
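Review bot: In `create_session` the new `tracing::trace!(mechanism);` records the client-supplied mechanism string before `Mechname::new` has validated it, and the two `if let Ok(..)` tests that follow discard the errors from `Mechname::new` and `self.authentication.start`. If the else branches (outside this hunk) do not log, a rejected mechanism or failed session start leaves no record above trace level, which is the event an operator most wants to see next to `peer_addr`. I would add an event in those branches inside the span, e.g. `tracing::warn!(mechanism, "client requested unsupported or invalid mechanism");`. Separately, in `mechanisms` the parameter was renamed from `_` to `params` but is not read in the visible lines, and `tracing::trace!("mechanisms");` repeats the span name without adding information.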


@ -16,7 +16,9 @@ use std::fs::File;
use std::future::Future;
use std::io;
use std::io::BufReader;
use std::net::SocketAddr;
use std::sync::Arc;
use nix::sys::socket::SockAddr;
use crate::authentication::AuthenticationHandle;
use crate::authorization::AuthorizationHandle;
@ -107,6 +109,8 @@ impl APIServer {
.collect()
.await;
tracing::info!("listening on {:?}", sockets);
if sockets.is_empty() {
tracing::warn!("No usable listen addresses configured for the API server!");
}
@ -123,16 +127,25 @@ impl APIServer {
.take_until(stop)
.for_each(|stream| async {
match stream {
Ok(stream) => self.handle(self.acceptor.accept(stream)),
Ok(stream) => {
if let Ok(peer_addr) = stream.peer_addr() {
self.handle(peer_addr, self.acceptor.accept(stream))
} else {
tracing::error!(?stream, "failing a TCP connection with no peer addr");
}
},
Err(e) => tracing::warn!("Failed to accept stream: {}", e),
}
});
}).await;
tracing::info!("closing down API handler");
}
fn handle<IO: 'static + Unpin + AsyncRead + AsyncWrite>(
&self,
peer_addr: SocketAddr,
stream: impl Future<Output = io::Result<TlsStream<IO>>>,
) {
tracing::debug!("handling new API connection");
let f = async move {
let stream = match stream.await {
Ok(stream) => stream,
@ -144,7 +157,7 @@ impl APIServer {
let (rx, tx) = futures_lite::io::split(stream);
let vat = VatNetwork::new(rx, tx, Side::Server, Default::default());
let bootstrap: connection::Client = capnp_rpc::new_client(connection::BootCap::new(self.authentication.clone(), self.sessionmanager.clone()));
let bootstrap: connection::Client = capnp_rpc::new_client(connection::BootCap::new(peer_addr, self.authentication.clone(), self.sessionmanager.clone()));
if let Err(e) = RpcSystem::new(Box::new(vat), Some(bootstrap.client)).await {
tracing::error!("Error during RPC handling: {}", e);
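Review bot: The accept loop's new `if let Ok(peer_addr) = stream.peer_addr() { .. } else { .. }` throws away the error from `peer_addr()`, so the log line says a connection was dropped but not why; matching on the result and logging it keeps that, e.g. `Err(e) => tracing::error!(error = %e, "failing a TCP connection with no peer addr"),`. Now that `handle` receives `peer_addr`, the events inside it should carry it as well, otherwise they cannot be correlated with the per-peer spans in the bootstrap handlers: `tracing::debug!(%peer_addr, "handling new API connection");` and `tracing::error!(%peer_addr, "Error during RPC handling: {}", e);`. The added `use nix::sys::socket::SockAddr;` is not used in any of the visible hunks and looks like a leftover. The body of `handle` continues outside the hunks shown.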


@ -49,10 +49,10 @@ use rkyv::Infallible;
use crate::resources::state::{State, db::StateDB};
use std::iter::FromIterator;
use std::ops::Deref;
use crate::authentication::db::PassDB;
use crate::resources::search::ResourcesHandle;
use crate::utils::oid::{ArchivedObjectIdentifier, ObjectIdentifier};
use crate::resources::state::value::SerializeValue;
use crate::Users;
#[derive(Debug)]
pub enum DBError {
@ -130,14 +130,12 @@ impl<V: Serialize<AlignedSerializer<AlignedVec>>> Adapter for AlignedAdapter<V>
#[derive(Debug, serde::Serialize)]
pub struct Dump {
users: HashMap<String, User>,
passwds: HashMap<String, String>,
states: HashMap<String, State>,
}
impl Dump {
pub fn new(userdb: UserDB, passdb: PassDB, resources: ResourcesHandle) -> Result<Self> {
let users = HashMap::from_iter(userdb.get_all()?.into_iter());
let passwds = HashMap::from_iter(passdb.get_all()?.into_iter());
pub fn new(userdb: Users, resources: ResourcesHandle) -> Result<Self> {
let users = HashMap::from_iter(userdb.into_inner().get_all()?.into_iter());
let mut states = HashMap::new();
for resource in resources.list_all().into_iter() {
if let Some(output) = resource.get_raw_state() {
@ -147,6 +145,6 @@ impl Dump {
}
}
Ok(Self { users, passwds, states })
Ok(Self { users, states })
}
}
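Review bot: `Dump` still stores complete `User` values and derives both `Debug` and `serde::Serialize`, so dropping the `passwds` map only removes credentials from the dump if `User` itself holds none; the definition of `User` is not visible here and should be checked. If it does carry a password hash or similar, the dump should either skip that field or the struct should say so, e.g. `/// Full export of users and resource state. May contain credential material; treat any output as a secret.` above `pub struct Dump`. `Dump::new` also lacks a doc comment explaining that it consumes the `Users` handle and reads every user record and every resource's raw state.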


@ -47,7 +47,7 @@ impl StateDB {
| EnvironmentFlags::NO_SUB_DIR
| EnvironmentFlags::NO_TLS
| EnvironmentFlags::NO_READAHEAD)
.set_max_dbs(2)
.set_max_dbs(4)
.open(path.as_ref())
.map(Arc::new)
}


@ -25,7 +25,6 @@ use std::sync::Arc;
pub mod db;
pub use crate::authentication::db::PassDB;
use crate::authorization::roles::Role;
use crate::db::LMDBorrow;
use crate::users::db::UserData;
@ -80,6 +79,10 @@ impl Users {
Ok(Self { userdb })
}
pub(crate) fn into_inner(self) -> &'static UserDB {
self.userdb
}
pub fn get_user(&self, uid: &str) -> Option<db::User> {
tracing::trace!(uid, "Looking up user");
self.userdb
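Review bot: `Users::into_inner(self)` consumes the handle but returns `&'static UserDB`, a shared reference, so taking `self` by value gains nothing and the `into_` name suggests an ownership transfer that does not happen. A borrowing accessor reads more honestly and leaves the caller its handle: `pub(crate) fn userdb(&self) -> &'static UserDB { self.userdb }`. Because this hands out the raw database and bypasses whatever checks the `Users` methods apply, it deserves a doc comment such as `/// Direct access to the backing user database; intended for dump/load tooling only.`. The `get_user` body that follows continues outside the hunk.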


@ -112,7 +112,9 @@ fn main() -> anyhow::Result<()> {
let mut config = config::read(&PathBuf::from_str(configpath).unwrap()).unwrap();
if matches.is_present("dump") {
unimplemented!()
let bffh = Diflouroborane::new(config)?;
let dump = Dump::new(bffh.users, bffh.resources)?;
println!("{:?}", dump);
} else if matches.is_present("load") {
let bffh = Diflouroborane::new(config)?;
bffh.users.load_file(matches.value_of("load").unwrap());
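Review bot: The new dump branch prints the whole user database with `println!("{:?}", dump)`, i.e. the `Debug` representation, although `Dump` derives `serde::Serialize`; `Debug` output has no stable format and cannot be fed back through the `load` branch below. I would serialize through serde in whatever format `load_file` reads (not visible here) and write it to an explicitly named file rather than stdout, where it tends to end up in terminal scrollback or service logs. At minimum the branch should carry a comment like `// writes every user record and resource state to stdout; treat the output as sensitive`.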