author | Stuart Stock <stuart@int08h.com> | 2018-10-26 22:33:36 -0500 |
---|---|---|
committer | Stuart Stock <stuart@int08h.com> | 2018-10-26 22:33:36 -0500 |
commit | 388976db0419127384055810ba54f0610d1069b9 (patch) | |
tree | b52b72196239862cff3c7f21d9790977678df6db /src | |
parent | eb06e63faa8cbb98533b408e39bd3fd27e5d14ae (diff) | |
download | roughenough-388976db0419127384055810ba54f0610d1069b9.zip |
Docs, polish, clean-ups for KMS and health-check features
Diffstat (limited to 'src')
-rw-r--r-- | src/bin/roughenough-client.rs | 19 | ||||
-rw-r--r-- | src/bin/roughenough-kms.rs | 4 | ||||
-rw-r--r-- | src/bin/roughenough-server.rs | 18 | ||||
-rw-r--r-- | src/lib.rs | 13 |
4 files changed, 27 insertions, 27 deletions
diff --git a/src/bin/roughenough-client.rs b/src/bin/roughenough-client.rs
index 9318417..5d7c25c 100644
--- a/src/bin/roughenough-client.rs
+++ b/src/bin/roughenough-client.rs
@@ -36,7 +36,7 @@ use std::net::{ToSocketAddrs, UdpSocket};
 use clap::{App, Arg};
 use roughenough::merkle::root_from_paths;
 use roughenough::sign::Verifier;
-use roughenough::{RtMessage, Tag, CERTIFICATE_CONTEXT, SIGNED_RESPONSE_CONTEXT, VERSION};
+use roughenough::{RtMessage, Tag, CERTIFICATE_CONTEXT, SIGNED_RESPONSE_CONTEXT, roughenough_version};
 fn create_nonce() -> [u8; 64] {
 let rng = rand::SystemRandom::new();
@@ -136,7 +136,7 @@ impl ResponseHandler {
 &self.cert[&Tag::SIG],
 &full_cert
 ),
- "Invalid signature on DELE tag!"
+ "Invalid signature on DELE tag, response may not be authentic"
 );
 }
@@ -146,7 +146,7 @@ impl ResponseHandler {
 assert!(
 self.validate_sig(&self.dele[&Tag::PUBK], &self.msg[&Tag::SIG], &full_srep),
- "Invalid signature on SREP tag!"
+ "Invalid signature on SREP tag, response may not be authentic"
 );
 }
@@ -162,7 +162,7 @@ impl ResponseHandler {
 let hash = root_from_paths(index as usize, &self.nonce, paths);
- assert_eq!(hash, srep[&Tag::ROOT], "Nonce not in merkle tree!");
+ assert_eq!(hash, srep[&Tag::ROOT], "Nonce is not present in the response's merkle tree");
 }
 fn validate_midpoint(&self, midpoint: u64) {
@@ -177,12 +177,12 @@ impl ResponseHandler {
 assert!(
 midpoint >= mint,
- "Response midpoint {} lies before delegation span ({}, {})",
+ "Response midpoint {} lies *before* delegation span ({}, {})",
 midpoint, mint, maxt
 );
 assert!(
 midpoint <= maxt,
- "Response midpoint {} lies after delegation span ({}, {})",
+ "Response midpoint {} lies *after* delegation span ({}, {})",
 midpoint, mint, maxt
 );
 }
@@ -196,7 +196,7 @@ impl ResponseHandler {
 fn main() {
 let matches = App::new("roughenough client")
- .version(VERSION)
+ .version(roughenough_version().as_ref())
 .arg(Arg::with_name("host")
 .required(true)
 .help("The Roughtime server to connect to")
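Review bot: In the `@@ -196,7 +196,7 @@` hunk, `.version(roughenough_version().as_ref())` leaves the target type of the borrow to inference, because `String` implements `AsRef` for `str`, `[u8]`, `OsStr` and `Path`. Writing `.version(roughenough_version().as_str())` states the intent and does not depend on the parameter bound of `version`, which is not visible on this page. The same call is added in the `@@ -69,7 +69,7 @@` hunk of src/bin/roughenough-kms.rs. The body of main continues outside both hunks.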
@@ -309,10 +309,11 @@ fn main() {
 let nsecs = (midpoint - (seconds * 10_u64.pow(6))) * 10_u64.pow(3);
 let spec = Utc.timestamp(seconds as i64, nsecs as u32);
 let out = spec.format(time_format).to_string();
+ let verify_str = if verified { "Yes" } else { "No" };
 println!(
- "Received time from server: midpoint={:?}, radius={:?} (merkle_index={}, verified={})",
- out, radius, index, verified
+ "Received time from server: midpoint={:?}, radius={:?}, verified={} (merkle_index={})",
+ out, radius, verify_str, index
 );
 }
 }
diff --git a/src/bin/roughenough-kms.rs b/src/bin/roughenough-kms.rs
index 389d076..b9099cd 100644
--- a/src/bin/roughenough-kms.rs
+++ b/src/bin/roughenough-kms.rs
@@ -26,7 +26,7 @@ extern crate simple_logger;
 extern crate untrusted;
 use clap::{App, Arg};
-use roughenough::VERSION;
+use roughenough::roughenough_version;
 #[cfg(feature = "awskms")]
 fn aws_kms(kms_key: &str, plaintext_seed: &[u8]) {
@@ -69,7 +69,7 @@ pub fn main() {
 simple_logger::init_with_level(Level::Info).unwrap();
 let matches = App::new("roughenough-kms")
- .version(VERSION)
+ .version(roughenough_version().as_ref())
 .long_about("Encrypt a Roughenough server's long-term seed using a KMS")
 .arg(
 Arg::with_name("KEY_ID")
diff --git a/src/bin/roughenough-server.rs b/src/bin/roughenough-server.rs
index 9778998..d541207 100644
--- a/src/bin/roughenough-server.rs
+++ b/src/bin/roughenough-server.rs
@@ -41,7 +41,7 @@ use std::sync::atomic::Ordering;
 use roughenough::config;
 use roughenough::config::ServerConfig;
 use roughenough::server::Server;
-use roughenough::VERSION;
+use roughenough::roughenough_version;
 macro_rules! check_ctrlc {
 ($keep_running:expr) => {
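Review bot: The `println!` in the `@@ -309,10 +309,11 @@` hunk still reports the server's midpoint on stdout when `verified` is false, distinguished only by `verified=No` in the middle of the line. How `verified` is set lies outside the hunk, but if it is false whenever no server public key was supplied, a caller that parses `midpoint=` from this output will accept an unauthenticated time. Consider a separate stderr line for that case, e.g. `if !verified { eprintln!("warning: response signature was not verified"); }`. The field order of this line also changed, which is worth a changelog entry for anyone parsing it. The body of main starts and ends outside the hunk.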
@@ -93,26 +93,12 @@ fn polling_loop(config: Box<ServerConfig>) {
 }
 }
-fn kms_support_str() -> &'static str {
- if cfg!(feature = "awskms") {
- " (+AWS KMS)"
- } else if cfg!(feature = "gcpkms") {
- " (+GCP KMS)"
- } else {
- ""
- }
-}
-
 pub fn main() {
 use log::Level;
 simple_logger::init_with_level(Level::Info).unwrap();
- info!(
- "Roughenough server v{}{} starting",
- VERSION,
- kms_support_str()
- );
+ info!("Roughenough server v{} starting", roughenough_version());
 let mut args = env::args();
 if args.len() != 2 {
@@ -86,6 +86,19 @@ pub use tag::Tag;
 /// Version of Roughenough
 pub const VERSION: &str = "1.1.0";
+/// Roughenough version string enriched with any compile-time optional features
+pub fn roughenough_version() -> String {
+ let kms_str = if cfg!(feature = "awskms") {
+ " (+AWS KMS)"
+ } else if cfg!(feature = "gcpkms") {
+ " (+GCP KMS)"
+ } else {
+ ""
+ };
+
+ format!("{}{}", VERSION, kms_str)
+}
+
 // Constants and magic numbers of the Roughtime protocol
 /// Minimum size (in bytes) of a client request |
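Review bot: `roughenough_version()` in the `@@ -86,6 +86,19 @@` hunk reports at most one KMS backend, because the `else if` chain labels a build with both `awskms` and `gcpkms` enabled as `(+AWS KMS)` only. This hunk appears to belong to src/lib.rs going by the diffstat, as its file header is missing from this page. If the two features are meant to be mutually exclusive, say so in the doc comment, e.g. `/// Only one KMS feature is reported; awskms takes precedence over gcpkms.`; otherwise append the suffix of each enabled feature in turn. An operator who reads the startup log line or `--version` output to confirm which key-protection backend a binary was built with would otherwise be misled.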