cli option to disable SS HTTP API

This commit is contained in:
Svyatoslav Nikolsky 2017-07-27 13:29:09 +03:00
parent c466def1e8
commit 7c05a906d0
10 changed files with 40 additions and 20 deletions

View File

@ -78,6 +78,7 @@ pass = "test_pass"
[secretstore]
disable = false
disable_http = false
nodes = []
http_interface = "local"
http_port = 8082

View File

@ -216,6 +216,8 @@ usage! {
// Secret Store
flag_no_secretstore: bool = false,
or |c: &Config| otry!(c.secretstore).disable.clone(),
flag_no_secretstore_http: bool = false,
or |c: &Config| otry!(c.secretstore).disable_http.clone(),
flag_secretstore_secret: Option<String> = None,
or |c: &Config| otry!(c.secretstore).self_secret.clone().map(Some),
flag_secretstore_nodes: String = "",
@ -510,6 +512,7 @@ struct Dapps {
#[derive(Default, Debug, PartialEq, Deserialize)]
struct SecretStore {
disable: Option<bool>,
disable_http: Option<bool>,
self_secret: Option<String>,
nodes: Option<Vec<String>>,
interface: Option<String>,
@ -779,6 +782,7 @@ mod tests {
flag_no_dapps: false,
flag_no_secretstore: false,
flag_no_secretstore_http: false,
flag_secretstore_secret: None,
flag_secretstore_nodes: "".into(),
flag_secretstore_interface: "local".into(),
@ -1009,6 +1013,7 @@ mod tests {
}),
secretstore: Some(SecretStore {
disable: None,
disable_http: None,
self_secret: None,
nodes: None,
interface: None,

View File

@ -228,6 +228,7 @@ API and Console Options:
Secret Store Options:
--no-secretstore Disable Secret Store functionality. (default: {flag_no_secretstore})
--no-secretstore-http Disable Secret Store HTTP API. (default: {flag_no_secretstore_http})
--secretstore-secret SECRET Hex-encoded secret key of this node.
(required, default: {flag_secretstore_secret:?}).
--secretstore-nodes NODES Comma-separated list of other secret store cluster nodes in form

View File

@ -586,6 +586,7 @@ impl Configuration {
fn secretstore_config(&self) -> Result<SecretStoreConfiguration, String> {
Ok(SecretStoreConfiguration {
enabled: self.secretstore_enabled(),
http_enabled: self.secretstore_http_enabled(),
self_secret: self.secretstore_self_secret()?,
nodes: self.secretstore_nodes()?,
interface: self.secretstore_interface(),
@ -1050,6 +1051,10 @@ impl Configuration {
!self.args.flag_no_secretstore && cfg!(feature = "secretstore")
}
fn secretstore_http_enabled(&self) -> bool {
!self.args.flag_no_secretstore_http && cfg!(feature = "secretstore")
}
fn ui_enabled(&self) -> bool {
if self.args.flag_force_ui {
return true;
@ -1331,6 +1336,7 @@ mod tests {
no_persistent_txqueue: false,
};
expected.secretstore_conf.enabled = cfg!(feature = "secretstore");
expected.secretstore_conf.http_enabled = cfg!(feature = "secretstore");
assert_eq!(conf.into_command().unwrap().cmd, Cmd::Run(expected));
}

View File

@ -37,6 +37,8 @@ pub enum NodeSecretKey {
pub struct Configuration {
/// Is secret store functionality enabled?
pub enabled: bool,
/// Is HTTP API enabled?
pub http_enabled: bool,
/// This node secret.
pub self_secret: Option<NodeSecretKey>,
/// Other nodes IDs + addresses.
@ -119,10 +121,10 @@ mod server {
let key_server_name = format!("{}:{}", conf.interface, conf.port);
let mut cconf = ethcore_secretstore::ServiceConfiguration {
listener_address: ethcore_secretstore::NodeAddress {
listener_address: if conf.http_enabled { Some(ethcore_secretstore::NodeAddress {
address: conf.http_interface.clone(),
port: conf.http_port,
},
}) } else { None },
data_path: conf.data_path.clone(),
cluster_config: ethcore_secretstore::ClusterConfiguration {
threads: 4,
@ -157,6 +159,7 @@ impl Default for Configuration {
let data_dir = default_data_path();
Configuration {
enabled: true,
http_enabled: true,
self_secret: None,
nodes: BTreeMap::new(),
interface: "127.0.0.1".to_owned(),

View File

@ -39,7 +39,7 @@ use types::all::{Error, Public, MessageHash, EncryptedMessageSignature, NodeAddr
/// To sign message with server key: GET /{server_key_id}/{signature}/{message_hash}
pub struct KeyServerHttpListener<T: KeyServer + 'static> {
_http_server: HttpListening,
http_server: Option<HttpListening>,
handler: Arc<KeyServerSharedHttpHandler<T>>,
}
@ -74,19 +74,26 @@ struct KeyServerSharedHttpHandler<T: KeyServer + 'static> {
impl<T> KeyServerHttpListener<T> where T: KeyServer + 'static {
/// Start KeyServer http listener
pub fn start(listener_address: &NodeAddress, key_server: T) -> Result<Self, Error> {
pub fn start(listener_address: Option<NodeAddress>, key_server: T) -> Result<Self, Error> {
let shared_handler = Arc::new(KeyServerSharedHttpHandler {
key_server: key_server,
});
let handler = KeyServerHttpHandler {
/*let handler = KeyServerHttpHandler {
handler: shared_handler.clone(),
};
};*/
let listener_addr: &str = &format!("{}:{}", listener_address.address, listener_address.port);
let http_server = listener_address
.map(|listener_address| format!("{}:{}", listener_address.address, listener_address.port))
.map(|listener_address| HttpServer::http(&listener_address).expect("cannot start HttpServer"))
.map(|http_server| http_server.handle(KeyServerHttpHandler {
handler: shared_handler.clone(),
}).expect("cannot start HttpServer"));
/*let listener_addr: &str = &format!("{}:{}", listener_address.address, listener_address.port);
let http_server = HttpServer::http(&listener_addr).expect("cannot start HttpServer");
let http_server = http_server.handle(handler).expect("cannot start HttpServer");
let http_server = http_server.handle(handler).expect("cannot start HttpServer");*/
let listener = KeyServerHttpListener {
_http_server: http_server,
http_server: http_server,
handler: shared_handler,
};
Ok(listener)
@ -128,7 +135,7 @@ impl <T> MessageSigner for KeyServerHttpListener<T> where T: KeyServer + 'static
impl<T> Drop for KeyServerHttpListener<T> where T: KeyServer + 'static {
fn drop(&mut self) {
// ignore error as we are dropping anyway
let _ = self._http_server.close();
self.http_server.take().map(|mut s| { let _ = s.close(); });
}
}
@ -318,7 +325,7 @@ mod tests {
fn http_listener_successfully_drops() {
let key_server = DummyKeyServer;
let address = NodeAddress { address: "127.0.0.1".into(), port: 9000 };
let listener = KeyServerHttpListener::start(&address, key_server).unwrap();
let listener = KeyServerHttpListener::start(Some(address), key_server).unwrap();
drop(listener);
}

View File

@ -1104,7 +1104,7 @@ pub mod tests {
secret1: math::generate_random_scalar().unwrap().into(),
secret2: math::generate_random_scalar().unwrap().into(),
publics: vec![math::generate_random_point().unwrap().into()],
}).unwrap_err(), Error::InvalidStateForRequest);
}).unwrap_err(), Error::TooEarlyForRequest);
}
#[test]

View File

@ -234,10 +234,7 @@ pub mod tests {
fn persistent_key_storage() {
let path = RandomTempPath::create_dir();
let config = ServiceConfiguration {
listener_address: NodeAddress {
address: "0.0.0.0".to_owned(),
port: 8082,
},
listener_address: None,
data_path: path.as_str().to_owned(),
cluster_config: ClusterConfiguration {
threads: 1,

View File

@ -77,6 +77,6 @@ pub fn start(client: Arc<Client>, self_key_pair: Arc<NodeKeyPair>, config: Servi
let key_server_set = key_server_set::OnChainKeyServerSet::new(&client, config.cluster_config.nodes.clone())?;
let key_storage = Arc::new(key_storage::PersistentKeyStorage::new(&config)?);
let key_server = key_server::KeyServerImpl::new(&config.cluster_config, key_server_set, self_key_pair, acl_storage, key_storage)?;
let listener = http_listener::KeyServerHttpListener::start(&config.listener_address, key_server)?;
let listener = http_listener::KeyServerHttpListener::start(config.listener_address, key_server)?;
Ok(Box::new(listener))
}

View File

@ -69,8 +69,8 @@ pub struct NodeAddress {
#[binary]
/// Secret store configuration
pub struct ServiceConfiguration {
/// HTTP listener address.
pub listener_address: NodeAddress,
/// HTTP listener address. If None, HTTP API is disabled.
pub listener_address: Option<NodeAddress>,
/// Data directory path for secret store
pub data_path: String,
/// Cluster configuration.