github.com/keybase/client/go@v0.0.0-20241007131713-f10651d043c8/kbfs/libkbfs/mdserver_local_shared.go (about) 1 // Copyright 2016 Keybase Inc. All rights reserved. 2 // Use of this source code is governed by a BSD 3 // license that can be found in the LICENSE file. 4 5 package libkbfs 6 7 import ( 8 "sync" 9 10 "github.com/keybase/client/go/kbfs/kbfscodec" 11 "github.com/keybase/client/go/kbfs/kbfscrypto" 12 "github.com/keybase/client/go/kbfs/kbfsmd" 13 "github.com/keybase/client/go/kbfs/tlf" 14 "github.com/keybase/client/go/protocol/keybase1" 15 "github.com/pkg/errors" 16 "golang.org/x/net/context" 17 ) 18 19 // TODO: Have the functions below wrap their errors. 20 21 // Helper to aid in enforcement that only specified public keys can 22 // access TLF metadata. mergedMasterHead can be nil, in which case 23 // true is returned. 24 func isReader(ctx context.Context, teamMemChecker kbfsmd.TeamMembershipChecker, 25 currentUID keybase1.UID, mergedMasterHead kbfsmd.RootMetadata, 26 extra kbfsmd.ExtraMetadata) (bool, error) { 27 h, err := mergedMasterHead.MakeBareTlfHandle(extra) 28 if err != nil { 29 return false, err 30 } 31 32 if h.Type() == tlf.SingleTeam { 33 isReader, err := teamMemChecker.IsTeamReader( 34 ctx, h.Writers[0].AsTeamOrBust(), currentUID, 35 keybase1.OfflineAvailability_NONE) 36 if err != nil { 37 return false, kbfsmd.ServerError{Err: err} 38 } 39 return isReader, nil 40 } 41 42 return h.IsReader(currentUID.AsUserOrTeam()), nil 43 } 44 45 // Helper to aid in enforcement that only specified public keys can 46 // access TLF metadata. mergedMasterHead can be nil, in which case 47 // true is returned. 48 func isWriterOrValidRekey(ctx context.Context, 49 teamMemChecker kbfsmd.TeamMembershipChecker, codec kbfscodec.Codec, 50 currentUID keybase1.UID, verifyingKey kbfscrypto.VerifyingKey, 51 mergedMasterHead, newMd kbfsmd.RootMetadata, prevExtra, extra kbfsmd.ExtraMetadata) ( 52 bool, error) { 53 h, err := mergedMasterHead.MakeBareTlfHandle(prevExtra) 54 if err != nil { 55 return false, err 56 } 57 58 if h.Type() == tlf.SingleTeam { 59 isWriter, err := teamMemChecker.IsTeamWriter( 60 ctx, h.Writers[0].AsTeamOrBust(), currentUID, verifyingKey, 61 keybase1.OfflineAvailability_NONE) 62 if err != nil { 63 return false, kbfsmd.ServerError{Err: err} 64 } 65 // Team TLFs can't be rekeyed, so readers aren't ever valid. 66 return isWriter, nil 67 } 68 69 if h.IsWriter(currentUID.AsUserOrTeam()) { 70 return true, nil 71 } 72 73 if h.IsReader(currentUID.AsUserOrTeam()) { 74 // if this is a reader, are they acting within their 75 // restrictions? 76 return newMd.IsValidRekeyRequest( 77 codec, mergedMasterHead, currentUID, prevExtra, extra) 78 } 79 80 return false, nil 81 } 82 83 // mdServerLocalTruncateLockManager manages the truncate locks for a 84 // set of TLFs. Note that it is not goroutine-safe. 85 type mdServerLocalTruncateLockManager struct { 86 // TLF ID -> device crypt public key. 87 locksDb map[tlf.ID]kbfscrypto.CryptPublicKey 88 } 89 90 func newMDServerLocalTruncatedLockManager() mdServerLocalTruncateLockManager { 91 return mdServerLocalTruncateLockManager{ 92 locksDb: make(map[tlf.ID]kbfscrypto.CryptPublicKey), 93 } 94 } 95 96 func (m mdServerLocalTruncateLockManager) truncateLock( 97 deviceKey kbfscrypto.CryptPublicKey, id tlf.ID) (bool, error) { 98 lockKey, ok := m.locksDb[id] 99 if !ok { 100 m.locksDb[id] = deviceKey 101 return true, nil 102 } 103 104 if lockKey == deviceKey { 105 // idempotent 106 return true, nil 107 } 108 109 // Locked by someone else. 110 return false, kbfsmd.ServerErrorLocked{} 111 } 112 113 func (m mdServerLocalTruncateLockManager) truncateUnlock( 114 deviceKey kbfscrypto.CryptPublicKey, id tlf.ID) (bool, error) { 115 lockKey, ok := m.locksDb[id] 116 if !ok { 117 // Already unlocked. 118 return true, nil 119 } 120 121 if lockKey == deviceKey { 122 delete(m.locksDb, id) 123 return true, nil 124 } 125 126 // Locked by someone else. 127 return false, kbfsmd.ServerErrorLocked{} 128 } 129 130 // mdServerLocalUpdateManager manages the observers for a set of TLFs 131 // referenced by multiple mdServerLocal instances sharing the same 132 // data. It is goroutine-safe. 133 type mdServerLocalUpdateManager struct { 134 // Protects observers and sessionHeads. 135 lock sync.Mutex 136 observers map[tlf.ID]map[mdServerLocal]chan<- error 137 sessionHeads map[tlf.ID]mdServerLocal 138 } 139 140 func newMDServerLocalUpdateManager() *mdServerLocalUpdateManager { 141 return &mdServerLocalUpdateManager{ 142 observers: make(map[tlf.ID]map[mdServerLocal]chan<- error), 143 sessionHeads: make(map[tlf.ID]mdServerLocal), 144 } 145 } 146 147 func (m *mdServerLocalUpdateManager) setHead(id tlf.ID, server mdServerLocal) { 148 m.lock.Lock() 149 defer m.lock.Unlock() 150 151 m.sessionHeads[id] = server 152 153 // now fire all the observers that aren't from this session 154 for k, v := range m.observers[id] { 155 if k != server { 156 v <- nil 157 close(v) 158 delete(m.observers[id], k) 159 } 160 } 161 if len(m.observers[id]) == 0 { 162 delete(m.observers, id) 163 } 164 } 165 166 func (m *mdServerLocalUpdateManager) registerForUpdate( 167 id tlf.ID, currHead, currMergedHeadRev kbfsmd.Revision, 168 server mdServerLocal) <-chan error { 169 m.lock.Lock() 170 defer m.lock.Unlock() 171 172 c := make(chan error, 1) 173 if currMergedHeadRev > currHead && server != m.sessionHeads[id] { 174 c <- nil 175 close(c) 176 return c 177 } 178 179 if _, ok := m.observers[id]; !ok { 180 m.observers[id] = make(map[mdServerLocal]chan<- error) 181 } 182 183 // Otherwise, this is a legit observer. This assumes that each 184 // client will be using a unique instance of MDServerLocal. 185 if _, ok := m.observers[id][server]; ok { 186 // If the local node registers something twice, it indicates a 187 // fatal bug. Note that in the real MDServer implementation, 188 // we should allow this, in order to make the RPC properly 189 // idempotent. 190 panic(errors.Errorf("Attempted double-registration for MDServerLocal %v", 191 server)) 192 } 193 m.observers[id][server] = c 194 return c 195 } 196 197 func (m *mdServerLocalUpdateManager) cancel(id tlf.ID, server mdServerLocal) { 198 m.lock.Lock() 199 defer m.lock.Unlock() 200 201 // Cancel the registration for this server only. 202 for k, v := range m.observers[id] { 203 if k == server { 204 v <- errors.New("Registration canceled") 205 close(v) 206 delete(m.observers[id], k) 207 } 208 } 209 if len(m.observers[id]) == 0 { 210 delete(m.observers, id) 211 } 212 } 213 214 type keyBundleGetter func(tlf.ID, kbfsmd.TLFWriterKeyBundleID, kbfsmd.TLFReaderKeyBundleID) ( 215 *kbfsmd.TLFWriterKeyBundleV3, *kbfsmd.TLFReaderKeyBundleV3, error) 216 217 func getExtraMetadata(kbg keyBundleGetter, brmd kbfsmd.RootMetadata) (kbfsmd.ExtraMetadata, error) { 218 tlfID := brmd.TlfID() 219 wkbID := brmd.GetTLFWriterKeyBundleID() 220 rkbID := brmd.GetTLFReaderKeyBundleID() 221 if (wkbID == kbfsmd.TLFWriterKeyBundleID{}) != 222 (rkbID == kbfsmd.TLFReaderKeyBundleID{}) { 223 return nil, errors.Errorf( 224 "wkbID is empty (%t) != rkbID is empty (%t)", 225 wkbID == kbfsmd.TLFWriterKeyBundleID{}, 226 rkbID == kbfsmd.TLFReaderKeyBundleID{}) 227 } 228 229 if wkbID == (kbfsmd.TLFWriterKeyBundleID{}) { 230 return nil, nil 231 } 232 233 wkb, rkb, err := kbg(tlfID, wkbID, rkbID) 234 if err != nil { 235 return nil, err 236 } 237 238 return kbfsmd.NewExtraMetadataV3(*wkb, *rkb, false, false), nil 239 }