Commit 17aeec72 authored by Renato Figueiro Maia's avatar Renato Figueiro Maia

[OPENBUS-1535] Refatorar os Serviços Básicos.

- Usar constantes da IDL que definem tamanhos de estruturas usadas no protocolo do OpenBus 2.0.
- Estrutura 'SignedCallerChain' passa para o arquivo 'credential.idl' que deixa de depender do 'access_control.idl'.
- Correção de bug na geração de mensagens no Interceptador quando a chamada é para um objeto inexistente (request.operation.name -> request.operation_name).
- Operações que só podem ser chamadas por uma entidade com privilégio de administrador do barramento passam a lançar a exceção UnauthorizedOperation ao invés de NO_PERMISSION.
- Simplificação do interceptador do barramento.


git-svn-id: https://subversion.tecgraf.puc-rio.br/engdist/openbus/sdk/lua/branches/openbus_v2_proto@128129 ae0415b3-e90b-0410-900d-d0be9363c56b
parent 0be803ba
......@@ -211,12 +211,12 @@ function Interceptor:sendrequest(request)
minor = loginconst.NoLoginCode,
}}
log:badaccess(msg.CallAfterDisconnection:tag{
operation = request.operation.name,
operation = request.operation_name,
})
end
else
log:access(msg.OutsideBusCall:tag{
operation = request.operation.name,
operation = request.operation_name,
})
end
end
......@@ -244,7 +244,7 @@ function Interceptor:receiverequest(request)
minor = loginconst.UnverifiedLoginCode,
}}
log:badaccess(msg.CallAfterDisconnection:tag{
operation = request.operation.name,
operation = request.operation_name,
})
end
end
......@@ -320,7 +320,7 @@ function Connection:sendrequest(request)
minor = loginconst.NoLoginCode,
}}
log:badaccess(msg.CallAfterDisconnection:tag{
operation = request.operation.name,
operation = request.operation_name,
})
end
end
......@@ -333,14 +333,14 @@ function Connection:receivereply(request)
and except.completed == "COMPLETED_NO"
and except.minor == loginconst.InvalidLoginCode then
log:badaccess(msg.GotInvalidLoginException:tag{
operation = request.operation.name,
operation = request.operation_name,
})
local login = self.login
localLogout(self)
if self:onInvalidLogin(login) then
request.success = nil -- reissue request to the same reference
log:badaccess(msg.ReissuingCallAfterCallback:tag{
operation = request.operation.name,
operation = request.operation_name,
})
end
end
......@@ -362,7 +362,7 @@ function Connection:receiverequest(request)
end
else
log:badaccess(msg.GotCallFromConnectionWithoutLogin:tag{
operation = request.operation.name,
operation = request.operation_name,
})
request.success = false
request.results = {self.orb:newexcept{
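Review bot: On the receive paths (`Interceptor:receiverequest` and `Connection:receiverequest` in this file) the log field now carries `request.operation_name`, which appears to be the name as it arrived in the request rather than the name of a resolved operation definition, so a remote caller can probably choose the text that lands in the `badaccess` log. Unless `msg.<Message>:tag{}` already escapes its values, replace control characters and cap the length before logging, for example `operation = request.operation_name:gsub("%c", "?"):sub(1, 128)` behind a small shared helper (128 is a constructed sample limit). The same applies to the `receiverequest` hunks in the other two Lua files of this commit, the credential interceptor and the multiplexer. The enclosing functions start and end outside these hunks, so whether the name is validated earlier cannot be seen from here.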
......
......@@ -48,6 +48,7 @@ local tickets = require "openbus.util.tickets"
local msg = require "openbus.core.messages"
local idl = require "openbus.core.idl"
local loadidl = idl.loadto
local EncryptedBlockSize = idl.const.EncryptedBlockSize
local CredentialContextId = idl.const.credential.CredentialContextId
local loginconst = idl.const.services.access_control
local repids = {
......@@ -58,12 +59,14 @@ local repids = {
local VersionHeader = char(idl.const.MajorVersion,
idl.const.MinorVersion)
local SecretSize = 16
local NullChar = "\0"
local NullSecret = NullChar:rep(16)
local NullHash = NullChar:rep(32)
local NullSecret = NullChar:rep(SecretSize)
local NullHash = NullChar:rep(idl.const.HashValueSize)
local NullChain = {
encoded = "",
signature = NullChar:rep(256),
signature = NullChar:rep(EncryptedBlockSize),
}
local WeakKeys = {__mode = "k"}
......@@ -81,9 +84,9 @@ end
local function calculateHash(secret, ticket, request)
return sha256(encode(
"<c2c16I4c0", -- '<' flag to set to little endian
"<c2c0I4c0", -- '<' flag to set to little endian
VersionHeader, -- 'c2' sequence of exactly 2 chars of a string
secret, -- 'c16' sequence of exactly 16 chars of a string
secret, -- 'c0' sequence of all chars of a string
ticket, -- 'I4' unsigned integer with 4 bytes
request.operation_name)) -- 'c0' sequence of all chars of a string
end
......@@ -91,7 +94,7 @@ end
randomseed(gettime())
local function newSecret()
local bytes = {}
for i=1, 16 do bytes[i] = random(0, 255) end
for i=1, SecretSize do bytes[i] = random(0, 255) end
return char(unpack(bytes))
end
......@@ -216,20 +219,20 @@ local function unmarshalReset(self, request)
return reset
else
log:badaccess(msg.CredentialResetBadChallenge:tag{
operation = request.operation.name,
operation = request.operation_name,
error = errmsg,
})
end
else
log:badaccess(msg.CredentialResetUnsupportedVersion:tag{
operation = request.operation.name,
operation = request.operation_name,
major = major,
minor = minor,
})
end
else
log:badaccess(msg.CredentialResetMissing:tag{
operation = request.operation.name,
operation = request.operation_name,
})
end
end
......@@ -251,7 +254,7 @@ local Interceptor = class()
-- legacy : flag indicating whether to accept OpenBus 1.5 invocations
function Interceptor:__init()
if self.prvkey == nil then self.prvkey = newkey(256) end
if self.prvkey == nil then self.prvkey = newkey(EncryptedBlockSize) end
local types = self.orb.types
local idltypes = {}
for name, repid in pairs(repids) do
......@@ -355,14 +358,14 @@ function Interceptor:sendrequest(request)
hash = calculateHash(session.secret, ticket, request)
log:access(msg.BusCall:tag{
login = remoteid,
operation = request.operation.name,
operation = request.operation_name,
})
else
sessionid = 0
ticket = 0
hash = NullHash
log:access(msg.InitializingCredentialSession:tag{
operation = request.operation.name,
operation = request.operation_name,
})
end
local credential = {
......@@ -378,7 +381,7 @@ function Interceptor:sendrequest(request)
else
-- not logged in yet
log:badaccess(msg.CallWithoutCredential:tag{
operation = request.operation.name,
operation = request.operation_name,
})
end
end
......@@ -408,7 +411,7 @@ function Interceptor:receivereply(request)
self.outgoingCredentials[remoteid] = session
log:access(msg.CredentialSessionReset:tag{
login = remoteid,
operation = request.operation.name,
operation = request.operation_name,
})
request.success = nil -- reissue request to the same reference
else
......@@ -432,7 +435,7 @@ function Interceptor:receiverequest(request)
log:access(msg.GotBusCall:tag{
login = caller.id,
entity = caller.entity,
operation = request.operation.name,
operation = request.operation_name,
})
self.callerChainOf[running()] = CallChain(chain)
else
......@@ -441,7 +444,7 @@ function Interceptor:receiverequest(request)
log:badaccess(msg.GotCallWithInvalidChain:tag{
login = caller.id,
entity = caller.entity,
operation = request.operation.name,
operation = request.operation_name,
})
end
else
......@@ -453,14 +456,14 @@ function Interceptor:receiverequest(request)
log:badaccess(msg.GotCallWithInvalidCredential:tag{
login = caller.id,
entity = caller.entity,
operation = request.operation.name,
operation = request.operation_name,
})
else
setNoPermSysEx(request, loginconst.InvalidPublicKeyCode)
log:badaccess(msg.UnableToEncryptSecretWithCallerKey:tag{
login = caller.id,
entity = caller.entity,
operation = request.operation.name,
operation = request.operation_name,
error = errmsg,
})
end
......@@ -470,17 +473,17 @@ function Interceptor:receiverequest(request)
setNoPermSysEx(request, loginconst.InvalidLoginCode)
log:badaccess(msg.GotCallWithInvalidLogin:tag{
login = credential.login,
operation = request.operation.name,
operation = request.operation_name,
})
end
else
log:badaccess(msg.GotCallWithoutCredential:tag{
operation = request.operation.name,
operation = request.operation_name,
})
end
else
log:badaccess(msg.GotCallBeforeLogin:tag{
operation = request.operation.name,
operation = request.operation_name,
})
end
end
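Review bot: `newSecret()` still builds the credential session secret from `random(0, 255)` after `randomseed(gettime())`; if these are the `math` library functions, as the names suggest, the generator is not cryptographically strong and its seed is the process start time, so the secret that keys `calculateHash` may be guessable by anyone who can estimate that time. Since this hunk already touches the loop, take the `SecretSize` bytes from the operating system's CSPRNG or from the crypto library that provides `newkey`, and add a comment such as `-- session secret: must come from a CSPRNG, never math.random`. Related, in `calculateHash` the format change from `c16` to `c0` stops the encoder from enforcing the secret's length, so a check like `assert(#secret == SecretSize)` before `encode` would keep the field boundaries of the hashed message fixed.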
......
......@@ -7,7 +7,7 @@ local luaidl = require "luaidl"
local parse = luaidl.parse
local idlspec = [[
#include "credential.idl"
#include "access_control.idl"
#include "offer_registry.idl"
]]
......
......@@ -53,7 +53,7 @@ local function logMultiplexed(conn, op, request, ...)
bus = conn.busid,
login = login and login.id,
entity = login and login.entity,
operation = request.operation.name,
operation = request.operation_name,
})
end
conn[op](conn, request, ...)
......@@ -111,7 +111,7 @@ function Multiplexer:sendrequest(request, ...)
minor = const.NoLoginCode,
}}
log:badaccess(msg.CallInThreadWithoutConnection:tag{
operation = request.operation.name,
operation = request.operation_name,
})
end
end
......@@ -140,7 +140,7 @@ function Multiplexer:receiverequest(request, ...)
minor = const.UnknownBusCode,
}}
log:badaccess(msg.DeniedCallFromUnknownBus:tag{
operation = request.operation.name,
operation = request.operation_name,
bus = busid,
})
end
......