From 4730d6542f2a485f5c7ea46f752367662ae343ea Mon Sep 17 00:00:00 2001
From: Roei Erez
Date: Wed, 8 Jan 2025 10:07:17 +0200
Subject: [PATCH 1/3] fix panic due to null pointer error
---
 middleware/auth.go | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/middleware/auth.go b/middleware/auth.go
index c1ab861..56df04c 100644
--- a/middleware/auth.go
+++ b/middleware/auth.go
@@ -26,30 +26,34 @@ var ErrInternalError = fmt.Errorf("internal error")
 var ErrInvalidSignature = fmt.Errorf("invalid signature")
 var SignedMsgPrefix = []byte("realtimesync:")
-func checkApiKey(config *config.Config, ctx context.Context, req interface{}) error {
+func checkApiKey(config *config.Config, ctx context.Context, _ interface{}) error {
 if config.CACert.Raw == nil {
 return nil
 }
 md, ok := metadata.FromIncomingContext(ctx)
 if !ok {
- return fmt.Errorf("Could not read request metadata")
+ return fmt.Errorf("could not read request metadata")
 }
- authHeader := md.Get("Authorization")[0]
+ authHeaders := md.Get("Authorization")
+ if len(authHeaders) == 0 {
+ return fmt.Errorf("invalid auth header")
+ }
+ authHeader := authHeaders[0]
 if len(authHeader) <= 7 || !strings.HasPrefix(authHeader, "Bearer ") {
- return fmt.Errorf("Invalid auth header")
+ return fmt.Errorf("invalid auth header")
 }
 apiKey := authHeader[7:]
 block, err := base64.StdEncoding.DecodeString(apiKey)
 if err != nil {
- return fmt.Errorf("Could not decode auth header: %v", err)
+ return fmt.Errorf("could not decode auth header: %v", err)
 }
 cert, err := x509.ParseCertificate(block)
 if err != nil {
- return fmt.Errorf("Could not parse certificate: %v", err)
+ return fmt.Errorf("could not parse certificate: %v", err)
 }
 rootPool := x509.NewCertPool()
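Review bot: The new length guard in checkApiKey still accepts a request that carries several `Authorization` values and silently uses the first one (`authHeaders[0]`), so two components that pick different values could disagree about which credential was presented. Rejecting anything but exactly one value is stricter and costs nothing: `if len(authHeaders) != 1 {`. Separately, the new branch returns a plain `fmt.Errorf`; if that error reaches the gRPC client unchanged it will probably surface as an unknown-status failure rather than an unauthenticated one, so consider `status.Error(codes.Unauthenticated, "invalid auth header")` here and in the neighbouring returns. checkApiKey's body continues past the end of this hunk.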
@@ -59,10 +63,10 @@ func checkApiKey(config *config.Config, ctx context.Context, req interface{}) er
 Roots: rootPool,
 })
 if err != nil {
- return fmt.Errorf("Certificate verification error: %v", err)
+ return fmt.Errorf("certificate verification error: %v", err)
 }
 if len(chains) != 1 || len(chains[0]) != 2 || !chains[0][0].Equal(cert) || !chains[0][1].Equal(config.CACert.Raw) {
- return fmt.Errorf("Certificate verification error: invalid chain of trust")
+ return fmt.Errorf("certificate verification error: invalid chain of trust")
 }
 return nil
From c63123743e65f32bb0ccdf63e1cf12ea69ff7b98 Mon Sep 17 00:00:00 2001
From: Roei Erez
Date: Wed, 8 Jan 2025 11:10:39 +0200
Subject: [PATCH 2/3] Add some logs.
---
 syncer_server.go | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/syncer_server.go b/syncer_server.go
index 178948d..70f41c6 100644
--- a/syncer_server.go
+++ b/syncer_server.go
@@ -88,11 +88,13 @@ func (s *PersistentSyncerServer) SetRecord(ctx context.Context, msg *proto.SetRe
 }
 func (s *PersistentSyncerServer) ListChanges(ctx context.Context, msg *proto.ListChangesRequest) (*proto.ListChangesReply, error) {
+ log.Println("ListChanges: started")
 c, err := middleware.Authenticate(s.config, ctx, msg)
 if err != nil {
 return nil, err
 }
 pubkey := c.Value(middleware.USER_PUBKEY_CONTEXT_KEY).(string)
+ log.Printf("ListChanges: pubkey: %v\n", pubkey)
 changed, err := s.storage.ListChanges(c, pubkey, msg.SinceRevision)
 if err != nil {
 return nil, err
@@ -106,6 +108,7 @@ func (s *PersistentSyncerServer) ListChanges(ctx context.Context, msg *proto.Lis
 SchemaVersion: r.SchemaVersion,
 }
 }
+ log.Println("ListChanges: ended")
 return &proto.ListChangesReply{
 Changes: records,
 }, nil
From 87c64ce7d6b1a07d241ec0e6c71f3c4e86bc594e Mon Sep 17 00:00:00 2001
From: Roei Erez
Date: Wed, 8 Jan 2025 11:23:04 +0200
Subject: [PATCH 3/3] Add some more logging
---
 syncer_server.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
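Review bot: `log.Printf("ListChanges: pubkey: %v\n", pubkey)` in the @@ -88,11 +88,13 @@ hunk of PATCH 2/3 writes the caller's public key to the server log on every call, which turns the log into a per-user activity record; the same applies to the `SetRecord: pubkey` line added in PATCH 3/3. If the value is only needed to correlate lines, log a short prefix or a hash of it, or put the line behind a debug switch. The bare `ListChanges: started` line here and `ListChanges: ended` in the @@ -106,6 +108,7 @@ hunk carry no request identifier, so with concurrent calls the pairs cannot be matched up; including the same shortened key in the end line would fix that. The unchecked `.(string)` assertion on the line above the new Printf is unchanged context and will panic if Authenticate ever returns a context without that key.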
diff --git a/syncer_server.go b/syncer_server.go
index 70f41c6..eaf257a 100644
--- a/syncer_server.go
+++ b/syncer_server.go
@@ -63,11 +63,14 @@ func (s *PersistentSyncerServer) Start(quitChan chan struct{}) {
 }
 func (s *PersistentSyncerServer) SetRecord(ctx context.Context, msg *proto.SetRecordRequest) (*proto.SetRecordReply, error) {
+ log.Println("SetRecord: started")
 c, err := middleware.Authenticate(s.config, ctx, msg)
 if err != nil {
+ log.Printf("SetRecord completed with auth error: %v\n", err)
 return nil, err
 }
 pubkey := c.Value(middleware.USER_PUBKEY_CONTEXT_KEY).(string)
+ log.Printf("SetRecord: pubkey: %v\n", pubkey)
 newRevision, err := s.storage.SetRecord(c, pubkey, msg.Record.Id, msg.Record.Data, msg.Record.Revision, msg.Record.SchemaVersion)
 if err != nil {
@@ -81,6 +84,7 @@ func (s *PersistentSyncerServer) SetRecord(ctx context.Context, msg *proto.SetRe
 newRecord := msg.Record
 newRecord.Revision = newRevision
 s.eventsManager.notifyChange(c.Value(middleware.USER_PUBKEY_CONTEXT_KEY).(string), newRecord)
+ log.Println("SetRecord: finished")
 return &proto.SetRecordReply{
 Status: proto.SetRecordStatus_SUCCESS,
 NewRevision: newRevision,
@@ -91,6 +95,7 @@ func (s *PersistentSyncerServer) ListChanges(ctx context.Context, msg *proto.Lis
 log.Println("ListChanges: started")
 c, err := middleware.Authenticate(s.config, ctx, msg)
 if err != nil {
+ log.Printf("ListChanges completed with auth error: %v\n", err)
 return nil, err
 }
 pubkey := c.Value(middleware.USER_PUBKEY_CONTEXT_KEY).(string)
@@ -108,7 +113,7 @@ func (s *PersistentSyncerServer) ListChanges(ctx context.Context, msg *proto.Lis
 SchemaVersion: r.SchemaVersion,
 }
 }
- log.Println("ListChanges: ended")
+ log.Printf("ListChanges: finished with %v records\n", len(records))
 return &proto.ListChangesReply{
 Changes: records,
 }, nil
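Review bot: In the @@ -63,11 +63,14 @@ hunk the unchanged call to `s.storage.SetRecord` reads `msg.Record.Id`, `msg.Record.Data` and the other fields without checking `msg.Record`. If `Record` is a pointer-typed message field, as `newRecord := msg.Record` in the next hunk suggests, an authenticated client that omits it would trigger the same kind of nil-pointer panic this series set out to fix. A guard before the call that returns an invalid-argument error, starting with `if msg.Record == nil {`, would close that. SetRecord's body continues outside this hunk.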
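Review bot: The auth-failure lines (`ListChanges completed with auth error` in the @@ -91,6 +95,7 @@ hunk and `SetRecord completed with auth error` in the first hunk) record the error but nothing about who sent the request, which limits their use for spotting repeated failed attempts from one source. Adding the peer address, for example from `peer.FromContext(ctx)` in google.golang.org/grpc/peer, would make them actionable. Because these lines and the `started` line are written for every unauthenticated call, it is also worth confirming that log volume is bounded by rate limiting somewhere in front of the handlers.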