Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F3513807
D5490.id18194.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
6 KB
Referenced Files
None
Subscribers
None
D5490.id18194.diff
View Options
diff --git a/services/tunnelbroker/src/cxx_bridge.rs b/services/tunnelbroker/src/cxx_bridge.rs
--- a/services/tunnelbroker/src/cxx_bridge.rs
+++ b/services/tunnelbroker/src/cxx_bridge.rs
@@ -8,10 +8,23 @@
toSign: String,
grpcStatus: GrpcResult,
}
+ struct NewSessionResult {
+ sessionID: String,
+ grpcStatus: GrpcResult,
+ }
unsafe extern "C++" {
include!("tunnelbroker/src/libcpp/Tunnelbroker.h");
pub fn initialize();
pub fn sessionSignatureHandler(deviceID: &str) -> SessionSignatureResult;
+ pub fn newSessionHandler(
+ deviceID: &str,
+ publicKey: &str,
+ signature: &str,
+ deviceType: &str,
+ deviceAppVersion: &str,
+ deviceOS: &str,
+ notifyToken: &str,
+ ) -> NewSessionResult;
}
}
diff --git a/services/tunnelbroker/src/libcpp/Tunnelbroker.h b/services/tunnelbroker/src/libcpp/Tunnelbroker.h
--- a/services/tunnelbroker/src/libcpp/Tunnelbroker.h
+++ b/services/tunnelbroker/src/libcpp/Tunnelbroker.h
@@ -5,3 +5,11 @@
void initialize();
SessionSignatureResult sessionSignatureHandler(rust::Str deviceID);
+NewSessionResult newSessionHandler(
+ rust::Str deviceID,
+ rust::Str publicKey,
+ rust::Str signature,
+ rust::Str deviceType,
+ rust::Str deviceAppVersion,
+ rust::Str deviceOS,
+ rust::Str notifyToken);
diff --git a/services/tunnelbroker/src/libcpp/Tunnelbroker.cpp b/services/tunnelbroker/src/libcpp/Tunnelbroker.cpp
--- a/services/tunnelbroker/src/libcpp/Tunnelbroker.cpp
+++ b/services/tunnelbroker/src/libcpp/Tunnelbroker.cpp
@@ -2,6 +2,7 @@
#include "AmqpManager.h"
#include "AwsTools.h"
#include "ConfigManager.h"
+#include "CryptoTools.h"
#include "DatabaseManager.h"
#include "GlobalTools.h"
#include "Tools.h"
@@ -9,6 +10,8 @@
#include "rust/cxx.h"
#include "tunnelbroker/src/cxx_bridge.rs.h"
+#include <glog/logging.h>
+
void initialize() {
comm::network::tools::InitLogging("tunnelbroker");
comm::network::config::ConfigManager::getInstance().load();
@@ -56,3 +59,78 @@
return SessionSignatureResult{.toSign = toSign};
}
+
+NewSessionResult newSessionHandler(
+ rust::Str deviceID,
+ rust::Str publicKey,
+ rust::Str signature,
+ rust::Str deviceType,
+ rust::Str deviceAppVersion,
+ rust::Str deviceOS,
+ rust::Str notifyToken) {
+ std::shared_ptr<comm::network::database::DeviceSessionItem> deviceSessionItem;
+ std::shared_ptr<comm::network::database::SessionSignItem> sessionSignItem;
+ std::shared_ptr<comm::network::database::PublicKeyItem> publicKeyItem;
+ const std::string stringDeviceID{deviceID};
+ if (!comm::network::tools::validateDeviceID(stringDeviceID)) {
+ return NewSessionResult{
+ .grpcStatus = {
+ .statusCode = 3,
+ .errorText = "Format validation failed for deviceID"}};
+ }
+ const std::string stringPublicKey{publicKey};
+ const std::string newSessionID = comm::network::tools::generateUUID();
+ try {
+ sessionSignItem = comm::network::database::DatabaseManager::getInstance()
+ .findSessionSignItem(stringDeviceID);
+ if (sessionSignItem == nullptr) {
+ return NewSessionResult{
+ .grpcStatus = {
+ .statusCode = 5,
+ .errorText = "Session signature request not found for deviceID"}};
+ }
+ publicKeyItem = comm::network::database::DatabaseManager::getInstance()
+ .findPublicKeyItem(stringDeviceID);
+ if (publicKeyItem == nullptr) {
+ std::shared_ptr<comm::network::database::PublicKeyItem> newPublicKeyItem =
+ std::make_shared<comm::network::database::PublicKeyItem>(
+ stringDeviceID, stringPublicKey);
+ comm::network::database::DatabaseManager::getInstance().putPublicKeyItem(
+ *newPublicKeyItem);
+ } else if (stringPublicKey != publicKeyItem->getPublicKey()) {
+ return NewSessionResult{
+ .grpcStatus = {
+ .statusCode = 7,
+ .errorText = "The public key doesn't match for deviceID"}};
+ }
+ const std::string verificationMessage = sessionSignItem->getSign();
+ if (!comm::network::crypto::rsaVerifyString(
+ stringPublicKey, verificationMessage, std::string{signature})) {
+ return NewSessionResult{
+ .grpcStatus = {
+ .statusCode = 7,
+ .errorText =
+ "Signature for the verification message is not valid"}};
+ }
+ comm::network::database::DatabaseManager::getInstance()
+ .removeSessionSignItem(stringDeviceID);
+
+ deviceSessionItem =
+ std::make_shared<comm::network::database::DeviceSessionItem>(
+ newSessionID,
+ stringDeviceID,
+ stringPublicKey,
+ std::string{notifyToken},
+ std::string{deviceType},
+ std::string{deviceAppVersion},
+ std::string{deviceOS});
+ comm::network::database::DatabaseManager::getInstance().putSessionItem(
+ *deviceSessionItem);
+ } catch (std::runtime_error &e) {
+ LOG(ERROR) << "gRPC: "
+ << "Error while processing 'NewSession' request: " << e.what();
+ return NewSessionResult{
+ .grpcStatus = {.statusCode = 13, .errorText = e.what()}};
+ }
+ return NewSessionResult{.sessionID = newSessionID};
+}
diff --git a/services/tunnelbroker/src/server/mod.rs b/services/tunnelbroker/src/server/mod.rs
--- a/services/tunnelbroker/src/server/mod.rs
+++ b/services/tunnelbroker/src/server/mod.rs
@@ -1,5 +1,5 @@
use super::constants;
-use super::cxx_bridge::ffi::sessionSignatureHandler;
+use super::cxx_bridge::ffi::{newSessionHandler, sessionSignatureHandler};
use anyhow::Result;
use futures::Stream;
use std::pin::Pin;
@@ -36,9 +36,36 @@
async fn new_session(
&self,
- _request: Request<tunnelbroker::NewSessionRequest>,
+ request: Request<tunnelbroker::NewSessionRequest>,
) -> Result<Response<tunnelbroker::NewSessionResponse>, Status> {
- Err(Status::unimplemented("Not implemented yet"))
+ let inner_request = request.into_inner();
+ let notify_token = inner_request.notify_token.unwrap_or(String::new());
+ let device_type = match inner_request.device_type {
+ 1 => String::from("MOBILE"),
+ 2 => String::from("WEB"),
+ 3 => String::from("KEYSERVER"),
+ _ => {
+ return Err(tools::create_tonic_status(3, "Unsupported device type"));
+ }
+ };
+ let result = newSessionHandler(
+ &inner_request.device_id,
+ &inner_request.public_key,
+ &inner_request.signature,
+ &device_type,
+ &inner_request.device_app_version,
+ &inner_request.device_os,
+ ¬ify_token,
+ );
+ if result.grpcStatus.statusCode > 0 {
+ return Err(tools::create_tonic_status(
+ result.grpcStatus.statusCode,
+ &result.grpcStatus.errorText,
+ ));
+ }
+ Ok(Response::new(tunnelbroker::NewSessionResponse {
+ session_id: result.sessionID,
+ }))
}
type MessagesStreamStream = Pin<
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Mon, Dec 23, 2:16 AM (18 h, 1 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2693179
Default Alt Text
D5490.id18194.diff (6 KB)
Attached To
Mode
D5490: [services] Tunnelbroker - Adding of gRPC `NewSession` wrapper implementation
Attached
Detach File
Event Timeline
Log In to Comment