core
/
trifid
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects 7 Releases Wiki Activity

clean up dnclient endpoint debug logging

This commit is contained in:
core 2023-07-29 19:36:32 -04:00
parent 3eefcad767
commit 407deb1796
Signed by: core
GPG Key ID: FDBF740DADDCEECF
2 changed files with 3 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
trifid-api/src/codegen/mod.rs
View File

@ -16,7 +16,7 @@ use crate::keystore::keystore_init;
use crate::AppState; use crate::AppState;
use ed25519_dalek::SigningKey; use ed25519_dalek::SigningKey;
use ipnet::Ipv4Net; use ipnet::Ipv4Net;
use log::{debug, error}; use log::{error};
use sea_orm::{ColumnTrait, Condition, EntityTrait, QueryFilter}; use sea_orm::{ColumnTrait, Condition, EntityTrait, QueryFilter};
use serde_yaml::{Mapping, Value}; use serde_yaml::{Mapping, Value};
use trifid_api_entities::entity::{ use trifid_api_entities::entity::{
@ -47,10 +47,6 @@ pub async fn generate_config(
_data: &Data<AppState>, _data: &Data<AppState>,
info: &CodegenRequiredInfo, info: &CodegenRequiredInfo,
) -> Result<(NebulaConfig, NebulaCertificate), Box<dyn Error>> { ) -> Result<(NebulaConfig, NebulaCertificate), Box<dyn Error>> {
debug!(
"chk: deserialize CA cert {:x?}",
hex::decode(&info.ca.cert)?
);
// decode the CA data // decode the CA data
let ca_cert = deserialize_nebula_certificate_from_pem(&hex::decode(&info.ca.cert)?)?; let ca_cert = deserialize_nebula_certificate_from_pem(&hex::decode(&info.ca.cert)?)?;

10
trifid-api/src/routes/v1/dnclient.rs
View File

@ -11,7 +11,7 @@ use dnapi_rs::message::{
SignedResponseWrapper, SignedResponseWrapper,
}; };
use ed25519_dalek::{Signature, Signer, Verifier, VerifyingKey}; use ed25519_dalek::{Signature, Signer, Verifier, VerifyingKey};
use log::{debug, error}; use log::{error, warn};
use std::clone::Clone; use std::clone::Clone;
use trifid_pki::cert::{deserialize_ed25519_public, deserialize_x25519_public}; use trifid_pki::cert::{deserialize_ed25519_public, deserialize_x25519_public};
use trifid_pki::x25519_dalek::PublicKey; use trifid_pki::x25519_dalek::PublicKey;
@ -48,8 +48,6 @@ pub async fn dnclient(
} }
}; };
debug!("{}", host);
let host_in_ks = keystore.hosts.iter_mut().find(|u| &u.id == host); let host_in_ks = keystore.hosts.iter_mut().find(|u| &u.id == host);
let host_in_ks = match host_in_ks { let host_in_ks = match host_in_ks {
Some(host) => host, Some(host) => host,
@ -98,7 +96,7 @@ pub async fn dnclient(
.is_err() .is_err()
{ {
// Be intentionally vague as the message is invalid. // Be intentionally vague as the message is invalid.
debug!("! invalid signature"); warn!("! invalid signature from {}", host);
return HttpResponse::Unauthorized().json(vec![APIError { return HttpResponse::Unauthorized().json(vec![APIError {
code: "ERR_HOST_ERROR".to_string(), code: "ERR_HOST_ERROR".to_string(),
message: "The host does not exist or you do not have permission to access it." message: "The host does not exist or you do not have permission to access it."
@ -110,8 +108,6 @@ pub async fn dnclient(
// Sig OK // Sig OK
// Decode the message from base64 // Decode the message from base64
debug!("{}", req.message);
let msg_raw = match base64::engine::general_purpose::STANDARD.decode(&req.message) { let msg_raw = match base64::engine::general_purpose::STANDARD.decode(&req.message) {
Ok(msg) => msg, Ok(msg) => msg,
Err(e) => { Err(e) => {
@ -126,8 +122,6 @@ pub async fn dnclient(
// Decode it into RequestWrapper // Decode it into RequestWrapper
debug!("{:?}", String::from_utf8(msg_raw.clone()));
let req_w: RequestWrapper = match serde_json::from_slice(&msg_raw) { let req_w: RequestWrapper = match serde_json::from_slice(&msg_raw) {
Ok(msg) => msg, Ok(msg) => msg,
Err(e) => { Err(e) => {