Skip to content

Commit

Permalink
Separate encrypted and non-encrypted paths
Browse files Browse the repository at this point in the history 
Do not rely on dbl-sha2-256 codec to determine if querying for encrypted or non-encrypted multihash. Use URL path instead.
  • Loading branch information
@gammazero
gammazero committed Aug 29, 2023
1 parent d555005 commit e1a0085
Show file tree
Hide file tree
Showing 2 changed files with 63 additions and 15 deletions.
24 changes: 17 additions & 7 deletions server/server.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ import (
"net"
"net/http"
"path"
"strings"
"time"

logging "github.com/ipfs/go-log/v2"
Expand Down Expand Up @@ -75,9 +74,12 @@ func New(dhs dhstore.DHStore, addr string, options ...Option) (*Server, error) {
},
}

mux.HandleFunc("/cid/", s.handleMhOrCidSubtree)
mux.HandleFunc("/cid/", s.handleNoEncMhOrCidSubtree)
mux.HandleFunc("/encrypted/cid/", s.handleEncMhOrCidSubtree)
mux.HandleFunc("/multihash", s.handleMh)
mux.HandleFunc("/multihash/", s.handleMhOrCidSubtree)
mux.HandleFunc("/encrypted/multihash", s.handleMh)
mux.HandleFunc("/multihash/", s.handleNoEncMhOrCidSubtree)
mux.HandleFunc("/encrypted/multihash/", s.handleEncMhOrCidSubtree)
mux.HandleFunc("/metadata", s.handleMetadata)
mux.HandleFunc("/metadata/", s.handleMetadataSubtree)
mux.HandleFunc("/ready", s.handleReady)
Expand Down Expand Up @@ -132,7 +134,15 @@ func (s *Server) handleMh(w http.ResponseWriter, r *http.Request) {
}
}

func (s *Server) handleMhOrCidSubtree(w http.ResponseWriter, r *http.Request) {
func (s *Server) handleEncMhOrCidSubtree(w http.ResponseWriter, r *http.Request) {
s.handleMhOrCidSubtree(w, r, true)
}

func (s *Server) handleNoEncMhOrCidSubtree(w http.ResponseWriter, r *http.Request) {
s.handleMhOrCidSubtree(w, r, false)
}

func (s *Server) handleMhOrCidSubtree(w http.ResponseWriter, r *http.Request, encrypted bool) {
if r.Method != http.MethodGet {
w.Header().Set("Allow", http.MethodGet)
http.Error(w, "", http.StatusMethodNotAllowed)
Expand All @@ -146,7 +156,7 @@ func (s *Server) handleMhOrCidSubtree(w http.ResponseWriter, r *http.Request) {
return
}

if rspWriter.MultihashCode() == multihash.DBL_SHA2_256 {
if encrypted {
s.lookupMh(newEncResponseWriter(rspWriter), r)
return
}
Expand Down Expand Up @@ -370,7 +380,7 @@ func (s *Server) handleMetadataSubtree(w http.ResponseWriter, r *http.Request) {
}

func (s *Server) handleGetMetadata(w http.ResponseWriter, r *http.Request) {
sk := strings.TrimPrefix(path.Base(r.URL.Path), "metadata/")
sk := path.Base(r.URL.Path)
hvk, err := base58.Decode(sk)
if err != nil {
http.Error(w, fmt.Sprintf("cannot decode key %s as bas58: %s", sk, err.Error()), http.StatusBadRequest)
Expand All @@ -394,7 +404,7 @@ func (s *Server) handleGetMetadata(w http.ResponseWriter, r *http.Request) {
}

func (s *Server) handleDeleteMetadata(w http.ResponseWriter, r *http.Request) {
sk := strings.TrimPrefix(path.Base(r.URL.Path), "metadata/")
sk := path.Base(r.URL.Path)
b, err := base58.Decode(sk)
if err != nil {
http.Error(w, fmt.Sprintf("cannot decode key %s as bas58: %s", sk, err.Error()), http.StatusBadRequest)
Expand Down
54 changes: 46 additions & 8 deletions server/server_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,12 @@ func TestNewServeMux(t *testing.T) {
onTarget: "/multihash",
expectStatus: http.StatusMethodNotAllowed,
},
{
name: "GET /encrypted/multihash is 405",
onMethod: http.MethodGet,
onTarget: "/multihash",
expectStatus: http.StatusMethodNotAllowed,
},
{
name: "PUT /multihash with no body is 400",
onMethod: http.MethodPut,
Expand All @@ -64,6 +70,14 @@ func TestNewServeMux(t *testing.T) {
expectStatus: http.StatusBadRequest,
expectBody: "at least one merge must be specified",
},
{
name: "PUT /multihash with no merges is 400",
onMethod: http.MethodPut,
onTarget: "/multihash",
onBody: "{}",
expectStatus: http.StatusBadRequest,
expectBody: "at least one merge must be specified",
},
{
name: "PUT /multihash with invalid multihash is 400",
onMethod: http.MethodPut,
Expand Down Expand Up @@ -135,20 +149,20 @@ func TestNewServeMux(t *testing.T) {
dhfind: true,
},
{
name: "GET /multihash/subtree with valid absent dbl-sha2-256 multihash is 404",
name: "GET /encrypted/multihash/subtree with valid absent dbl-sha2-256 multihash is 404",
onMethod: http.MethodGet,
onTarget: "/multihash/2wvdp9y1J63yDvaPawP4kUjXezRLcu9x9u2DAB154dwai82",
onTarget: "/encrypted/multihash/2wvdp9y1J63yDvaPawP4kUjXezRLcu9x9u2DAB154dwai82",
expectStatus: http.StatusNotFound,
},
{
name: "GET /multihash/subtree with valid present dbl-sha2-256 multihash is 200",
name: "GET /encrypted/multihash/subtree with valid present dbl-sha2-256 multihash is 200",
onStore: func(t *testing.T, store dhstore.DHStore) {
mh, err := multihash.FromB58String("2wvdp9y1J63yDvaPawP4kUjXezRLcu9x9u2DAB154dwai82")
require.NoError(t, err)
require.NoError(t, store.MergeIndexes([]dhstore.Index{{Key: mh, Value: []byte("fish")}}))
},
onMethod: http.MethodGet,
onTarget: "/multihash/2wvdp9y1J63yDvaPawP4kUjXezRLcu9x9u2DAB154dwai82",
onTarget: "/encrypted/multihash/2wvdp9y1J63yDvaPawP4kUjXezRLcu9x9u2DAB154dwai82",
expectStatus: http.StatusOK,
expectBody: `{"EncryptedMultihashResults": [{ "Multihash": "ViAJKqT0hRtxENbtjWwvnRogQknxUnhswNrose3ZjEP8Iw==", "EncryptedValueKeys": ["ZmlzaA=="] }]}`,
expectJSON: true,
Expand All @@ -169,6 +183,22 @@ func TestNewServeMux(t *testing.T) {
expectStatus: http.StatusBadRequest,
expectBody: "varint not minimally encoded",
},
{
name: "streaming GET /encrypted/multihash/subtree with bad length is 400",
onAcceptHeader: "application/x-ndjson",
onMethod: http.MethodGet,
onTarget: "/encrypted/multihash/asda",
expectStatus: http.StatusBadRequest,
expectBody: "length greater than remaining number of bytes in buffer",
},
{
name: "streaming GET /encrypted/multihash/subtree with invalid varint is 400",
onAcceptHeader: "application/x-ndjson",
onMethod: http.MethodGet,
onTarget: "/encrypted/multihash/Quickfish",
expectStatus: http.StatusBadRequest,
expectBody: "varint not minimally encoded",
},
{
name: "streaming GET /multihash/subtree with invalid multihash is 400",
onAcceptHeader: "application/x-ndjson",
Expand All @@ -177,6 +207,14 @@ func TestNewServeMux(t *testing.T) {
expectStatus: http.StatusBadRequest,
expectBody: "input isn't valid multihash",
},
{
name: "streaming GET /encrypted/multihash/subtree with invalid multihash is 400",
onAcceptHeader: "application/x-ndjson",
onMethod: http.MethodGet,
onTarget: "/encrypted/multihash/Qmackerel",
expectStatus: http.StatusBadRequest,
expectBody: "input isn't valid multihash",
},
{
name: "streaming GET /multihash/subtree with valid non-dbl-sha2-256 multihash is 400",
onAcceptHeader: "application/x-ndjson",
Expand All @@ -194,14 +232,14 @@ func TestNewServeMux(t *testing.T) {
dhfind: true,
},
{
name: "streaming GET /multihash/subtree with valid absent dbl-sha2-256 multihash is 404",
name: "streaming GET /encrypted/multihash/subtree with valid absent dbl-sha2-256 multihash is 404",
onAcceptHeader: "application/x-ndjson",
onMethod: http.MethodGet,
onTarget: "/multihash/2wvdp9y1J63yDvaPawP4kUjXezRLcu9x9u2DAB154dwai82",
onTarget: "/encrypted/multihash/2wvdp9y1J63yDvaPawP4kUjXezRLcu9x9u2DAB154dwai82",
expectStatus: http.StatusNotFound,
},
{
name: "streaming GET /multihash/subtree with valid present dbl-sha2-256 multihash is 200",
name: "streaming GET /encrypted/multihash/subtree with valid present dbl-sha2-256 multihash is 200",
onAcceptHeader: "application/x-ndjson",
onStore: func(t *testing.T, store dhstore.DHStore) {
mh, err := multihash.FromB58String("2wvdp9y1J63yDvaPawP4kUjXezRLcu9x9u2DAB154dwai82")
Expand All @@ -213,7 +251,7 @@ func TestNewServeMux(t *testing.T) {
}))
},
onMethod: http.MethodGet,
onTarget: "/multihash/2wvdp9y1J63yDvaPawP4kUjXezRLcu9x9u2DAB154dwai82",
onTarget: "/encrypted/multihash/2wvdp9y1J63yDvaPawP4kUjXezRLcu9x9u2DAB154dwai82",
expectStatus: http.StatusOK,
expectBody: `{"EncryptedValueKey":"ZmlzaA=="}
{"EncryptedValueKey":"bG9ic3Rlcg=="}
Expand Down

0 comments on commit e1a0085

Please sign in to comment.