2020-03-13 18:02:54 +01:00
# pragma once
2020-06-23 00:36:16 +02:00
# include <iosfwd>
2020-04-13 18:03:19 +02:00
# include <string>
# include <cstring>
# include <unordered_set>
2020-03-13 18:02:54 +01:00
2021-01-14 19:37:14 +01:00
namespace oxenmq {
2020-03-13 18:02:54 +01:00
/// Authentication levels for command categories and connections
enum class AuthLevel {
denied , ///< Not actually an auth level, but can be returned by the AllowFunc to deny an incoming connection.
none , ///< No authentication at all; any random incoming ZMQ connection can invoke this command.
basic , ///< Basic authentication commands require a login, or a node that is specifically configured to be a public node (e.g. for public RPC).
admin , ///< Advanced authentication commands require an admin user, either via explicit login or by implicit login from localhost. This typically protects administrative commands like shutting down, starting mining, or access sensitive data.
} ;
std : : ostream & operator < < ( std : : ostream & os , AuthLevel a ) ;
/// The access level for a command category
struct Access {
/// Minimum access level required
2020-04-24 02:52:39 +02:00
AuthLevel auth ;
2020-03-13 18:02:54 +01:00
/// If true only remote SNs may call the category commands
2020-04-24 02:52:39 +02:00
bool remote_sn ;
2020-03-13 18:02:54 +01:00
/// If true the category requires that the local node is a SN
2020-04-24 02:52:39 +02:00
bool local_sn ;
2020-03-13 18:02:54 +01:00
1.1.0: invocation-time SN auth; failure responses
This replaces the recognition of SN status to be checked per-command
invocation rather than on connection. As this breaks the API quite
substantially, though doesn't really affect the functionality, it seems
suitable to bump the minor version.
This requires a fundamental shift in how the calling application tells
LokiMQ about service nodes: rather than using a callback invoked on
connection, the application now has to call set_active_sns() (or the
more efficient update_active_sns(), if changes are readily available) to
update the list whenever it changes. LokiMQ then keeps this list
internally and uses it when determining whether to invoke.
This release also brings better request responses on errors: when a
request fails, the data argument will now be set to the failure reason,
one of:
- TIMEOUT
- UNKNOWNCOMMAND
- NOT_A_SERVICE_NODE (the remote isn't running in SN mode)
- FORBIDDEN (auth level denies the request)
- FORBIDDEN_SN (SN required and the remote doesn't see us as a SN)
Some of these (UNKNOWNCOMMAND, NOT_A_SERVICE_NODE, FORBIDDEN) were
already sent by remotes, but there was no connection to a request and so
they would log a warning, but the request would have to time out.
These errors (minus TIMEOUT, plus NO_REPLY_TAG signalling that a command
is a request but didn't include a reply tag) are also sent in response
to regular commands, but they simply result in a log warning showing the
error type and the command that caused the failure when received.
2020-04-13 00:57:19 +02:00
/// Constructor. Intentionally allows implicit conversion from an AuthLevel so that an
/// AuthLevel can be passed anywhere an Access is required (the resulting Access will have both
/// remote and local sn set to false).
2020-04-24 02:52:39 +02:00
Access ( AuthLevel auth = AuthLevel : : none , bool remote_sn = false , bool local_sn = false )
1.1.0: invocation-time SN auth; failure responses
This replaces the recognition of SN status to be checked per-command
invocation rather than on connection. As this breaks the API quite
substantially, though doesn't really affect the functionality, it seems
suitable to bump the minor version.
This requires a fundamental shift in how the calling application tells
LokiMQ about service nodes: rather than using a callback invoked on
connection, the application now has to call set_active_sns() (or the
more efficient update_active_sns(), if changes are readily available) to
update the list whenever it changes. LokiMQ then keeps this list
internally and uses it when determining whether to invoke.
This release also brings better request responses on errors: when a
request fails, the data argument will now be set to the failure reason,
one of:
- TIMEOUT
- UNKNOWNCOMMAND
- NOT_A_SERVICE_NODE (the remote isn't running in SN mode)
- FORBIDDEN (auth level denies the request)
- FORBIDDEN_SN (SN required and the remote doesn't see us as a SN)
Some of these (UNKNOWNCOMMAND, NOT_A_SERVICE_NODE, FORBIDDEN) were
already sent by remotes, but there was no connection to a request and so
they would log a warning, but the request would have to time out.
These errors (minus TIMEOUT, plus NO_REPLY_TAG signalling that a command
is a request but didn't include a reply tag) are also sent in response
to regular commands, but they simply result in a log warning showing the
error type and the command that caused the failure when received.
2020-04-13 00:57:19 +02:00
: auth { auth } , remote_sn { remote_sn } , local_sn { local_sn } { }
2020-03-13 18:02:54 +01:00
} ;
2020-04-13 18:03:19 +02:00
/// Simple hash implementation for a string that is *already* a hash-like value (such as a pubkey).
/// Falls back to std::hash<std::string> if given a string smaller than a size_t.
struct already_hashed {
size_t operator ( ) ( const std : : string & s ) const {
if ( s . size ( ) < sizeof ( size_t ) )
return std : : hash < std : : string > { } ( s ) ;
size_t hash ;
std : : memcpy ( & hash , & s [ 0 ] , sizeof ( hash ) ) ;
return hash ;
}
} ;
/// std::unordered_set specialization for specifying pubkeys (used, in particular, by
2021-01-14 19:37:14 +01:00
/// OxenMQ::set_active_sns and OxenMQ::update_active_sns); this is a std::string unordered_set that
2020-04-13 18:03:19 +02:00
/// also uses a specialized trivial hash function that uses part of the value itself (i.e. the
/// pubkey) directly as a hash value. (This is nice and fast for uniformly distributed values like
/// pubkeys and a terrible hash choice for anything else).
using pubkey_set = std : : unordered_set < std : : string , already_hashed > ;
2020-03-13 18:02:54 +01:00
}
