Revert "temporarily disable stream verification for packet routers" #468

Merged
merged 1 commit into from
Apr 18, 2023
36 changes: 18 additions & 18 deletions iot_config/src/route_service.rs
Expand Up @@ -104,21 +104,21 @@ impl RouteService {
Err(Status::permission_denied("unauthorized request signature"))
}

// fn verify_stream_request_signature<R>(
// &self,
// signer: &PublicKey,
// request: &R,
// ) -> Result<(), Status>
// where
// R: MsgVerify,
// {
// if self.auth_cache.verify_signature(signer, request).is_ok() {
// tracing::debug!(signer = signer.to_string(), "request authorized");
// Ok(())
// } else {
// Err(Status::permission_denied("unauthorized request signature"))
// }
// }
fn verify_stream_request_signature<R>(
&self,
signer: &PublicKey,
request: &R,
) -> Result<(), Status>
where
R: MsgVerify,
{
if self.auth_cache.verify_signature(signer, request).is_ok() {
tracing::debug!(signer = signer.to_string(), "request authorized");
Ok(())
} else {
Err(Status::permission_denied("unauthorized request signature"))
}
}

fn sign_response(&self, response: &[u8]) -> Result<Vec<u8>, Status> {
self.signing_key
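
Review bot: The else branch of the restored `verify_stream_request_signature` returns `permission_denied` without logging anything, and `.is_ok()` discards whatever error `auth_cache.verify_signature` returned, so a rejected stream subscriber leaves no trace while an accepted one gets a debug line. Consider logging the denial with the signer (for example a `tracing::warn!` carrying `signer = signer.to_string()`) so failed authentication attempts against the stream endpoint can be detected and investigated. A short doc comment stating what this check is meant to authorize would also help, since the function directly follows another verifier that ends with the same error.
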
Expand Down Expand Up @@ -326,11 +326,11 @@ impl iot_config::Route for RouteService {

type streamStream = GrpcStreamResult<RouteStreamResV1>;
async fn stream(&self, request: Request<RouteStreamReqV1>) -> GrpcResult<Self::streamStream> {
let _request = request.into_inner();
let request = request.into_inner();
telemetry::count_request("route", "stream");

// let signer = verify_public_key(&request.signer)?;
// self.verify_stream_request_signature(&signer, &request)?;
let signer = verify_public_key(&request.signer)?;
self.verify_stream_request_signature(&signer, &request)?;

tracing::info!("client subscribed to route stream");
let pool = self.pool.clone();
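
Review bot: In `stream`, `telemetry::count_request("route", "stream")` still runs before `verify_public_key` and `verify_stream_request_signature`, so requests that are rejected for a bad key or signature are counted the same as authorized ones. Consider moving the counter after the two checks or adding a separate counter for denied requests, so a spike in unauthorized stream attempts is visible in metrics. The `tracing::info!("client subscribed to route stream")` line could also include the now-verified signer, as the debug line in the helper does, so each subscription is attributable to a key.
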