Delete peer (#114)

* feature: add peer deletion * feature: add peer deletion [CLIENT] * fix: lint error * test: fix sync block * test: fix management test * feature: add client stop after was deleted * chore: remove permission denied cancellation * chore: add larger signal backoff * feature: notify deleted peer of removal * fix: lint issue * chore: add 2nd default key - one off * test: fix account key check
2026-04-18 00:06:38 +00:00 · 2021-09-07 18:36:46 +02:00
parent a859f6c511
commit ec759bc461
16 changed files with 312 additions and 184 deletions
--- a/management/server/account.go
+++ b/management/server/account.go
@@ -13,7 +13,8 @@ import (
 type AccountManager struct {
 	Store Store
 	// mutex to synchronise account operations (e.g. generating Peer IP address inside the Network)
-	mux sync.Mutex
+	mux                sync.Mutex
+	peersUpdateManager *PeersUpdateManager
 }

 // Account represents a unique account of the system
@@ -25,19 +26,20 @@ type Account struct {
 }

 // NewManager creates a new AccountManager with a provided Store
-func NewManager(store Store) *AccountManager {
+func NewManager(store Store, peersUpdateManager *PeersUpdateManager) *AccountManager {
 	return &AccountManager{
-		Store: store,
-		mux:   sync.Mutex{},
+		Store:              store,
+		mux:                sync.Mutex{},
+		peersUpdateManager: peersUpdateManager,
 	}
 }

 //AddSetupKey generates a new setup key with a given name and type, and adds it to the specified account
-func (manager *AccountManager) AddSetupKey(accountId string, keyName string, keyType SetupKeyType, expiresIn time.Duration) (*SetupKey, error) {
-	manager.mux.Lock()
-	defer manager.mux.Unlock()
+func (am *AccountManager) AddSetupKey(accountId string, keyName string, keyType SetupKeyType, expiresIn time.Duration) (*SetupKey, error) {
+	am.mux.Lock()
+	defer am.mux.Unlock()

-	account, err := manager.Store.GetAccount(accountId)
+	account, err := am.Store.GetAccount(accountId)
 	if err != nil {
 		return nil, status.Errorf(codes.NotFound, "account not found")
 	}
@@ -45,7 +47,7 @@ func (manager *AccountManager) AddSetupKey(accountId string, keyName string, key
 	setupKey := GenerateSetupKey(keyName, keyType, expiresIn)
 	account.SetupKeys[setupKey.Key] = setupKey

-	err = manager.Store.SaveAccount(account)
+	err = am.Store.SaveAccount(account)
 	if err != nil {
 		return nil, status.Errorf(codes.Internal, "failed adding account key")
 	}
@@ -54,11 +56,11 @@ func (manager *AccountManager) AddSetupKey(accountId string, keyName string, key
 }

 //RevokeSetupKey marks SetupKey as revoked - becomes not valid anymore
-func (manager *AccountManager) RevokeSetupKey(accountId string, keyId string) (*SetupKey, error) {
-	manager.mux.Lock()
-	defer manager.mux.Unlock()
+func (am *AccountManager) RevokeSetupKey(accountId string, keyId string) (*SetupKey, error) {
+	am.mux.Lock()
+	defer am.mux.Unlock()

-	account, err := manager.Store.GetAccount(accountId)
+	account, err := am.Store.GetAccount(accountId)
 	if err != nil {
 		return nil, status.Errorf(codes.NotFound, "account not found")
 	}
@@ -71,7 +73,7 @@ func (manager *AccountManager) RevokeSetupKey(accountId string, keyId string) (*
 	keyCopy := setupKey.Copy()
 	keyCopy.Revoked = true
 	account.SetupKeys[keyCopy.Key] = keyCopy
-	err = manager.Store.SaveAccount(account)
+	err = am.Store.SaveAccount(account)
 	if err != nil {
 		return nil, status.Errorf(codes.Internal, "failed adding account key")
 	}
@@ -80,11 +82,11 @@ func (manager *AccountManager) RevokeSetupKey(accountId string, keyId string) (*
 }

 //RenameSetupKey renames existing setup key of the specified account.
-func (manager *AccountManager) RenameSetupKey(accountId string, keyId string, newName string) (*SetupKey, error) {
-	manager.mux.Lock()
-	defer manager.mux.Unlock()
+func (am *AccountManager) RenameSetupKey(accountId string, keyId string, newName string) (*SetupKey, error) {
+	am.mux.Lock()
+	defer am.mux.Unlock()

-	account, err := manager.Store.GetAccount(accountId)
+	account, err := am.Store.GetAccount(accountId)
 	if err != nil {
 		return nil, status.Errorf(codes.NotFound, "account not found")
 	}
@@ -97,7 +99,7 @@ func (manager *AccountManager) RenameSetupKey(accountId string, keyId string, ne
 	keyCopy := setupKey.Copy()
 	keyCopy.Name = newName
 	account.SetupKeys[keyCopy.Key] = keyCopy
-	err = manager.Store.SaveAccount(account)
+	err = am.Store.SaveAccount(account)
 	if err != nil {
 		return nil, status.Errorf(codes.Internal, "failed adding account key")
 	}
@@ -106,11 +108,11 @@ func (manager *AccountManager) RenameSetupKey(accountId string, keyId string, ne
 }

 //GetAccount returns an existing account or error (NotFound) if doesn't exist
-func (manager *AccountManager) GetAccount(accountId string) (*Account, error) {
-	manager.mux.Lock()
-	defer manager.mux.Unlock()
+func (am *AccountManager) GetAccount(accountId string) (*Account, error) {
+	am.mux.Lock()
+	defer am.mux.Unlock()

-	account, err := manager.Store.GetAccount(accountId)
+	account, err := am.Store.GetAccount(accountId)
 	if err != nil {
 		return nil, status.Errorf(codes.NotFound, "account not found")
 	}
@@ -119,21 +121,21 @@ func (manager *AccountManager) GetAccount(accountId string) (*Account, error) {
 }

 // GetOrCreateAccount returns an existing account or creates a new one if doesn't exist
-func (manager *AccountManager) GetOrCreateAccount(accountId string) (*Account, error) {
-	manager.mux.Lock()
-	defer manager.mux.Unlock()
+func (am *AccountManager) GetOrCreateAccount(accountId string) (*Account, error) {
+	am.mux.Lock()
+	defer am.mux.Unlock()

-	_, err := manager.Store.GetAccount(accountId)
+	_, err := am.Store.GetAccount(accountId)
 	if err != nil {
 		if s, ok := status.FromError(err); ok && s.Code() == codes.NotFound {
-			return manager.createAccount(accountId)
+			return am.createAccount(accountId)
 		} else {
 			// other error
 			return nil, err
 		}
 	}

-	account, err := manager.Store.GetAccount(accountId)
+	account, err := am.Store.GetAccount(accountId)
 	if err != nil {
 		return nil, status.Errorf(codes.Internal, "failed retrieving account")
 	}
@@ -142,12 +144,12 @@ func (manager *AccountManager) GetOrCreateAccount(accountId string) (*Account, e
 }

 //AccountExists checks whether account exists (returns true) or not (returns false)
-func (manager *AccountManager) AccountExists(accountId string) (*bool, error) {
-	manager.mux.Lock()
-	defer manager.mux.Unlock()
+func (am *AccountManager) AccountExists(accountId string) (*bool, error) {
+	am.mux.Lock()
+	defer am.mux.Unlock()

 	var res bool
-	_, err := manager.Store.GetAccount(accountId)
+	_, err := am.Store.GetAccount(accountId)
 	if err != nil {
 		if s, ok := status.FromError(err); ok && s.Code() == codes.NotFound {
 			res = false
@@ -162,19 +164,19 @@ func (manager *AccountManager) AccountExists(accountId string) (*bool, error) {
 }

 // AddAccount generates a new Account with a provided accountId and saves to the Store
-func (manager *AccountManager) AddAccount(accountId string) (*Account, error) {
+func (am *AccountManager) AddAccount(accountId string) (*Account, error) {

-	manager.mux.Lock()
-	defer manager.mux.Unlock()
+	am.mux.Lock()
+	defer am.mux.Unlock()

-	return manager.createAccount(accountId)
+	return am.createAccount(accountId)

 }

-func (manager *AccountManager) createAccount(accountId string) (*Account, error) {
+func (am *AccountManager) createAccount(accountId string) (*Account, error) {
 	account, _ := newAccountWithId(accountId)

-	err := manager.Store.SaveAccount(account)
+	err := am.Store.SaveAccount(account)
 	if err != nil {
 		return nil, status.Errorf(codes.Internal, "failed creating account")
 	}
@@ -188,17 +190,19 @@ func newAccountWithId(accountId string) (*Account, *SetupKey) {
 	log.Debugf("creating new account")

 	setupKeys := make(map[string]*SetupKey)
-	setupKey := GenerateDefaultSetupKey()
-	setupKeys[setupKey.Key] = setupKey
+	defaultKey := GenerateDefaultSetupKey()
+	oneOffKey := GenerateSetupKey("One-off key", SetupKeyOneOff, DefaultSetupKeyDuration)
+	setupKeys[defaultKey.Key] = defaultKey
+	setupKeys[oneOffKey.Key] = oneOffKey
 	network := &Network{
 		Id:  uuid.New().String(),
 		Net: net.IPNet{IP: net.ParseIP("100.64.0.0"), Mask: net.IPMask{255, 192, 0, 0}},
 		Dns: ""}
 	peers := make(map[string]*Peer)

-	log.Debugf("created new account %s with setup key %s", accountId, setupKey.Key)
+	log.Debugf("created new account %s with setup key %s", accountId, defaultKey.Key)

-	return &Account{Id: accountId, SetupKeys: setupKeys, Network: network, Peers: peers}, setupKey
+	return &Account{Id: accountId, SetupKeys: setupKeys, Network: network, Peers: peers}, defaultKey
 }

 // newAccount creates a new Account with a default SetupKey (doesn't store in a Store)
--- a/management/server/account_test.go
+++ b/management/server/account_test.go
@@ -17,7 +17,7 @@ func TestAccountManager_AddAccount(t *testing.T) {

 	expectedId := "test_account"
 	expectedPeersSize := 0
-	expectedSetupKeysSize := 1
+	expectedSetupKeysSize := 2
 	expectedNetwork := net.IPNet{
 		IP:   net.IP{100, 64, 0, 0},
 		Mask: net.IPMask{255, 192, 0, 0},
@@ -201,7 +201,7 @@ func createManager(t *testing.T) (*AccountManager, error) {
 	if err != nil {
 		return nil, err
 	}
-	return NewManager(store), nil
+	return NewManager(store, NewPeersUpdateManager()), nil
 }

 func createStore(t *testing.T) (Store, error) {
--- a/management/server/file_store.go
+++ b/management/server/file_store.go
@@ -190,6 +190,22 @@ func (s *FileStore) GetAccountBySetupKey(setupKey string) (*Account, error) {

 	return account, nil
 }
+func (s *FileStore) GetAccountPeers(accountId string) ([]*Peer, error) {
+	s.mux.Lock()
+	defer s.mux.Unlock()
+
+	account, err := s.GetAccount(accountId)
+	if err != nil {
+		return nil, err
+	}
+
+	var peers []*Peer
+	for _, peer := range account.Peers {
+		peers = append(peers, peer)
+	}
+
+	return peers, nil
+}

 func (s *FileStore) GetAccount(accountId string) (*Account, error) {

--- a/management/server/grpcserver.go
+++ b/management/server/grpcserver.go
@@ -118,6 +118,7 @@ func (s *Server) Sync(req *proto.EncryptedMessage, srv proto.ManagementService_S
 			if err != nil {
 				return status.Errorf(codes.Internal, "failed sending update message")
 			}
+			log.Debugf("sent an update to peer %s", peerKey.String())
 		// condition when client <-> server connection has been terminated
 		case <-srv.Context().Done():
 			// happens when connection drops, e.g. client disconnects
@@ -274,7 +275,7 @@ func toWiretrusteeConfig(config *Config, turnCredentials *TURNCredentials) *prot
 			password = turnCredentials.Password
 		} else {
 			username = turn.Username
-			password = string(turn.Password)
+			password = turn.Password
 		}
 		turns = append(turns, &proto.ProtectedHostConfig{
 			HostConfig: &proto.HostConfig{
@@ -302,13 +303,9 @@ func toPeerConfig(peer *Peer) *proto.PeerConfig {
 	}
 }

-func toSyncResponse(config *Config, peer *Peer, peers []*Peer, turnCredentials *TURNCredentials) *proto.SyncResponse {
+func toRemotePeerConfig(peers []*Peer) []*proto.RemotePeerConfig {

-	wtConfig := toWiretrusteeConfig(config, turnCredentials)
-
-	pConfig := toPeerConfig(peer)
-
-	remotePeers := make([]*proto.RemotePeerConfig, 0, len(peers))
+	remotePeers := []*proto.RemotePeerConfig{}
 	for _, rPeer := range peers {
 		remotePeers = append(remotePeers, &proto.RemotePeerConfig{
 			WgPubKey:   rPeer.Key,
@@ -316,10 +313,23 @@ func toSyncResponse(config *Config, peer *Peer, peers []*Peer, turnCredentials *
 		})
 	}

+	return remotePeers
+
+}
+
+func toSyncResponse(config *Config, peer *Peer, peers []*Peer, turnCredentials *TURNCredentials) *proto.SyncResponse {
+
+	wtConfig := toWiretrusteeConfig(config, turnCredentials)
+
+	pConfig := toPeerConfig(peer)
+
+	remotePeers := toRemotePeerConfig(peers)
+
 	return &proto.SyncResponse{
-		WiretrusteeConfig: wtConfig,
-		PeerConfig:        pConfig,
-		RemotePeers:       remotePeers,
+		WiretrusteeConfig:  wtConfig,
+		PeerConfig:         pConfig,
+		RemotePeers:        remotePeers,
+		RemotePeersIsEmpty: len(remotePeers) == 0,
 	}
 }

--- a/management/server/management_test.go
+++ b/management/server/management_test.go
@@ -492,8 +492,8 @@ func startServer(config *server.Config) (*grpc.Server, net.Listener) {
 	if err != nil {
 		log.Fatalf("failed creating a store: %s: %v", config.Datadir, err)
 	}
-	accountManager := server.NewManager(store)
 	peersUpdateManager := server.NewPeersUpdateManager()
+	accountManager := server.NewManager(store, peersUpdateManager)
 	turnManager := server.NewTimeBasedAuthSecretsManager(peersUpdateManager, config.TURNConfig)
 	mgmtServer, err := server.NewServer(config, accountManager, peersUpdateManager, turnManager)
 	Expect(err).NotTo(HaveOccurred())
--- a/management/server/peer.go
+++ b/management/server/peer.go
@@ -1,6 +1,7 @@
 package server

 import (
+	"github.com/wiretrustee/wiretrustee/management/proto"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 	"net"
@@ -55,11 +56,11 @@ func (p *Peer) Copy() *Peer {
 }

 //GetPeer returns a peer from a Store
-func (manager *AccountManager) GetPeer(peerKey string) (*Peer, error) {
-	manager.mux.Lock()
-	defer manager.mux.Unlock()
+func (am *AccountManager) GetPeer(peerKey string) (*Peer, error) {
+	am.mux.Lock()
+	defer am.mux.Unlock()

-	peer, err := manager.Store.GetPeer(peerKey)
+	peer, err := am.Store.GetPeer(peerKey)
 	if err != nil {
 		return nil, err
 	}
@@ -68,16 +69,16 @@ func (manager *AccountManager) GetPeer(peerKey string) (*Peer, error) {
 }

 //MarkPeerConnected marks peer as connected (true) or disconnected (false)
-func (manager *AccountManager) MarkPeerConnected(peerKey string, connected bool) error {
-	manager.mux.Lock()
-	defer manager.mux.Unlock()
+func (am *AccountManager) MarkPeerConnected(peerKey string, connected bool) error {
+	am.mux.Lock()
+	defer am.mux.Unlock()

-	peer, err := manager.Store.GetPeer(peerKey)
+	peer, err := am.Store.GetPeer(peerKey)
 	if err != nil {
 		return err
 	}

-	account, err := manager.Store.GetPeerAccount(peerKey)
+	account, err := am.Store.GetPeerAccount(peerKey)
 	if err != nil {
 		return err
 	}
@@ -85,7 +86,7 @@ func (manager *AccountManager) MarkPeerConnected(peerKey string, connected bool)
 	peerCopy := peer.Copy()
 	peerCopy.Status.LastSeen = time.Now()
 	peerCopy.Status.Connected = connected
-	err = manager.Store.SavePeer(account.Id, peerCopy)
+	err = am.Store.SavePeer(account.Id, peerCopy)
 	if err != nil {
 		return err
 	}
@@ -93,18 +94,18 @@ func (manager *AccountManager) MarkPeerConnected(peerKey string, connected bool)
 }

 //RenamePeer changes peer's name
-func (manager *AccountManager) RenamePeer(accountId string, peerKey string, newName string) (*Peer, error) {
-	manager.mux.Lock()
-	defer manager.mux.Unlock()
+func (am *AccountManager) RenamePeer(accountId string, peerKey string, newName string) (*Peer, error) {
+	am.mux.Lock()
+	defer am.mux.Unlock()

-	peer, err := manager.Store.GetPeer(peerKey)
+	peer, err := am.Store.GetPeer(peerKey)
 	if err != nil {
 		return nil, err
 	}

 	peerCopy := peer.Copy()
 	peerCopy.Name = newName
-	err = manager.Store.SavePeer(accountId, peerCopy)
+	err = am.Store.SavePeer(accountId, peerCopy)
 	if err != nil {
 		return nil, err
 	}
@@ -113,18 +114,60 @@ func (manager *AccountManager) RenamePeer(accountId string, peerKey string, newN
 }

 //DeletePeer removes peer from the account by it's IP
-func (manager *AccountManager) DeletePeer(accountId string, peerKey string) (*Peer, error) {
-	manager.mux.Lock()
-	defer manager.mux.Unlock()
-	return manager.Store.DeletePeer(accountId, peerKey)
+func (am *AccountManager) DeletePeer(accountId string, peerKey string) (*Peer, error) {
+	am.mux.Lock()
+	defer am.mux.Unlock()
+
+	peer, err := am.Store.DeletePeer(accountId, peerKey)
+	if err != nil {
+		return nil, err
+	}
+
+	err = am.peersUpdateManager.SendUpdate(peerKey,
+		&UpdateMessage{
+			Update: &proto.SyncResponse{
+				RemotePeers:        []*proto.RemotePeerConfig{},
+				RemotePeersIsEmpty: true,
+			}})
+	if err != nil {
+		return nil, err
+	}
+
+	//notify other peers of the change
+	peers, err := am.Store.GetAccountPeers(accountId)
+	if err != nil {
+		return nil, err
+	}
+
+	for _, p := range peers {
+		peersToSend := []*Peer{}
+		for _, remote := range peers {
+			if p.Key != remote.Key {
+				peersToSend = append(peersToSend, remote)
+			}
+		}
+		update := toRemotePeerConfig(peersToSend)
+		err = am.peersUpdateManager.SendUpdate(p.Key,
+			&UpdateMessage{
+				Update: &proto.SyncResponse{
+					RemotePeers:        update,
+					RemotePeersIsEmpty: len(update) == 0,
+				}})
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	am.peersUpdateManager.CloseChannel(peerKey)
+	return peer, nil
 }

 //GetPeerByIP returns peer by it's IP
-func (manager *AccountManager) GetPeerByIP(accountId string, peerIP string) (*Peer, error) {
-	manager.mux.Lock()
-	defer manager.mux.Unlock()
+func (am *AccountManager) GetPeerByIP(accountId string, peerIP string) (*Peer, error) {
+	am.mux.Lock()
+	defer am.mux.Unlock()

-	account, err := manager.Store.GetAccount(accountId)
+	account, err := am.Store.GetAccount(accountId)
 	if err != nil {
 		return nil, status.Errorf(codes.NotFound, "account not found")
 	}
@@ -140,11 +183,11 @@ func (manager *AccountManager) GetPeerByIP(accountId string, peerIP string) (*Pe

 // GetPeersForAPeer returns a list of peers available for a given peer (key)
 // Effectively all the peers of the original peer's account except for the peer itself
-func (manager *AccountManager) GetPeersForAPeer(peerKey string) ([]*Peer, error) {
-	manager.mux.Lock()
-	defer manager.mux.Unlock()
+func (am *AccountManager) GetPeersForAPeer(peerKey string) ([]*Peer, error) {
+	am.mux.Lock()
+	defer am.mux.Unlock()

-	account, err := manager.Store.GetPeerAccount(peerKey)
+	account, err := am.Store.GetPeerAccount(peerKey)
 	if err != nil {
 		return nil, status.Errorf(codes.Internal, "Invalid peer key %s", peerKey)
 	}
@@ -165,9 +208,9 @@ func (manager *AccountManager) GetPeersForAPeer(peerKey string) ([]*Peer, error)
 // Each new Peer will be assigned a new next net.IP from the Account.Network and Account.Network.LastIP will be updated (IP's are not reused).
 // If the specified setupKey is empty then a new Account will be created //todo remove this part
 // The peer property is just a placeholder for the Peer properties to pass further
-func (manager *AccountManager) AddPeer(setupKey string, peer Peer) (*Peer, error) {
-	manager.mux.Lock()
-	defer manager.mux.Unlock()
+func (am *AccountManager) AddPeer(setupKey string, peer Peer) (*Peer, error) {
+	am.mux.Lock()
+	defer am.mux.Unlock()

 	upperKey := strings.ToUpper(setupKey)

@@ -178,7 +221,7 @@ func (manager *AccountManager) AddPeer(setupKey string, peer Peer) (*Peer, error
 		// Empty setup key, create a new account for it.
 		account, sk = newAccount()
 	} else {
-		account, err = manager.Store.GetAccountBySetupKey(upperKey)
+		account, err = am.Store.GetAccountBySetupKey(upperKey)
 		if err != nil {
 			return nil, status.Errorf(codes.NotFound, "unknown setupKey %s", upperKey)
 		}
@@ -213,7 +256,7 @@ func (manager *AccountManager) AddPeer(setupKey string, peer Peer) (*Peer, error

 	account.Peers[newPeer.Key] = newPeer
 	account.SetupKeys[sk.Key] = sk.IncrementUsage()
-	err = manager.Store.SaveAccount(account)
+	err = am.Store.SaveAccount(account)
 	if err != nil {
 		return nil, status.Errorf(codes.Internal, "failed adding peer")
 	}
--- a/management/server/store.go
+++ b/management/server/store.go
@@ -5,6 +5,7 @@ type Store interface {
 	DeletePeer(accountId string, peerKey string) (*Peer, error)
 	SavePeer(accountId string, peer *Peer) error
 	GetAccount(accountId string) (*Account, error)
+	GetAccountPeers(accountId string) ([]*Peer, error)
 	GetPeerAccount(peerKey string) (*Account, error)
 	GetAccountBySetupKey(setupKey string) (*Account, error)
 	SaveAccount(account *Account) error