Add chronicles.formatIt for PublicKey.

Fix logs. Rename checkFilePermissions to checkSensitiveFilePermissions.
2025-02-17 00:47:03 +00:00 · 2020-09-30 14:47:42 +03:00 · 2020-09-30 14:47:42 +03:00 · f091c8d4df
commit f091c8d4df
parent dd8b73c85c
3 changed files with 12 additions and 14 deletions
--- a/beacon_chain/beacon_node.nim
+++ b/beacon_chain/beacon_node.nim
@ -1331,7 +1331,7 @@ programMain:
    of WalletsCmd.list:
      for kind, walletFile in walkDir(config.walletsDir):
        if kind != pcFile: continue
-        if checkFilePermissions(walletFile):
+        if checkSensitiveFilePermissions(walletFile):
          let walletRes = loadWallet(walletFile)
          if walletRes.isOk:
            echo walletRes.get.longName
--- a/beacon_chain/eth2_network.nim
+++ b/beacon_chain/eth2_network.nim
@ -279,6 +279,7 @@ template libp2pProtocol*(name: string, version: int) {.pragma.}

 func shortLog*(peer: Peer): string = shortLog(peer.info.peerId)
 chronicles.formatIt(Peer): shortLog(it)
+chronicles.formatIt(PublicKey): byteutils.toHex(it.getBytes().tryGet())

 template remote*(peer: Peer): untyped =
  peer.info.peerId
@ -1215,8 +1216,7 @@ proc getPersistentNetKeys*(rng: var BrHmacDrbgContext,
        quit QuitFailure
      let privKey = res.get()
      let pubKey = privKey.getKey().tryGet()
-      info "Using random network key",
-           network_public_key = byteutils.toHex(pubKey.getBytes().tryGet())
+      info "Using random network key", network_public_key = pubKey
      return KeyPair(seckey: privKey, pubkey: privKey.getKey().tryGet())
    else:
      let keyPath =
@ -1242,8 +1242,7 @@ proc getPersistentNetKeys*(rng: var BrHmacDrbgContext,
        let privKey = res.get()
        let pubKey = privKey.getKey().tryGet()
        info "Network key storage was successfully unlocked",
-             key_path = keyPath,
-             network_public_key = byteutils.toHex(pubKey.getBytes().tryGet())
+             key_path = keyPath, network_public_key = pubKey
        return KeyPair(seckey: privKey, pubkey: pubKey)
      else:
        info "Network key storage is missing, creating a new one",
@ -1269,7 +1268,7 @@ proc getPersistentNetKeys*(rng: var BrHmacDrbgContext,
          quit QuitFailure

        info "New network key storage was created", key_path = keyPath,
-             network_public_key = byteutils.toHex(pubKey.getBytes().tryGet())
+             network_public_key = pubKey
        return KeyPair(seckey: privKey, pubkey: pubKey)

  of createTestnet:
@ -1304,7 +1303,7 @@ proc getPersistentNetKeys*(rng: var BrHmacDrbgContext,
      quit QuitFailure

    info "New network key storage was created", key_path = keyPath,
-         network_public_key = byteutils.toHex(pubKey.getBytes().tryGet())
+         network_public_key = pubKey

    return KeyPair(seckey: privKey, pubkey: privkey.getKey().tryGet())
  else:
@ -1332,11 +1331,10 @@ proc createEth2Node*(rng: ref BrHmacDrbgContext,
    hostAddress = tcpEndPoint(conf.listenAddress, conf.tcpPort)
    announcedAddresses = if extIp.isNone(): @[]
                         else: @[tcpEndPoint(extIp.get(), extTcpPort)]
-  let networkPublicKey = byteutils.toHex(netKeys.pubkey.getBytes().tryGet())
-  notice "Initializing networking", hostAddress,
-                                  networkPublicKey,
-                                  announcedAddresses

+  info "Initializing networking", hostAddress,
+                                  network_public_key = netKeys.pubkey,
+                                  announcedAddresses

  # TODO nim-libp2p still doesn't have support for announcing addresses
  # that are different from the host address (this is relevant when we
--- a/beacon_chain/keystore_management.nim
+++ b/beacon_chain/keystore_management.nim
@ -86,7 +86,7 @@ proc checkAndCreateDataDir*(dataDir: string): bool =
    fatal "Unsupported operation system"
    return false

-proc checkFilePermissions*(filePath: string): bool =
+proc checkSensitiveFilePermissions*(filePath: string): bool =
  ## Check if ``filePath`` has only "(600) rw-------" permissions.
  ## Procedure returns ``false`` if permissions are different
  when defined(windows):
@ -189,7 +189,7 @@ proc loadKeystore(validatorsDir, secretsDir, keyName: string,

  let passphrasePath = secretsDir / keyName
  if fileExists(passphrasePath):
-    if not(checkFilePermissions(passphrasePath)):
+    if not(checkSensitiveFilePermissions(passphrasePath)):
      error "Password file has insecure permissions", key_path = keyStorePath
      return

@ -275,7 +275,7 @@ type
 proc loadNetKeystore*(keyStorePath: string,
                      insecurePwd: Option[string]): Option[lcrypto.PrivateKey] =

-  if not(checkFilePermissions(keystorePath)):
+  if not(checkSensitiveFilePermissions(keystorePath)):
    error "Network keystorage file has insecure permissions",
          key_path = keyStorePath
    return