status-im/nimbus-eth2
2
0
Fork 0
mirror of https://github.com/status-im/nimbus-eth2.git synced 2025-02-21 10:48:17 +00:00
Code Issues Projects Releases Wiki Activity

Add chronicles.formatIt for PublicKey.

Browse Source 
Fix logs.
Rename checkFilePermissions to checkSensitiveFilePermissions.
This commit is contained in:
cheatfate 2020-09-30 14:47:42 +03:00 committed by zah
parent dd8b73c85c
commit f091c8d4df
3 changed files with 12 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
beacon_chain/beacon_node.nim
View File

@ -1331,7 +1331,7 @@ programMain:
of WalletsCmd.list: of WalletsCmd.list:
for kind, walletFile in walkDir(config.walletsDir): for kind, walletFile in walkDir(config.walletsDir):
if kind != pcFile: continue if kind != pcFile: continue
if checkFilePermissions(walletFile): if checkSensitiveFilePermissions(walletFile):
let walletRes = loadWallet(walletFile) let walletRes = loadWallet(walletFile)
if walletRes.isOk: if walletRes.isOk:
echo walletRes.get.longName echo walletRes.get.longName

18
beacon_chain/eth2_network.nim
View File

@ -279,6 +279,7 @@ template libp2pProtocol*(name: string, version: int) {.pragma.}
func shortLog*(peer: Peer): string = shortLog(peer.info.peerId) func shortLog*(peer: Peer): string = shortLog(peer.info.peerId)
chronicles.formatIt(Peer): shortLog(it) chronicles.formatIt(Peer): shortLog(it)
chronicles.formatIt(PublicKey): byteutils.toHex(it.getBytes().tryGet())
template remote*(peer: Peer): untyped = template remote*(peer: Peer): untyped =
peer.info.peerId peer.info.peerId
@ -1215,8 +1216,7 @@ proc getPersistentNetKeys*(rng: var BrHmacDrbgContext,
quit QuitFailure quit QuitFailure
let privKey = res.get() let privKey = res.get()
let pubKey = privKey.getKey().tryGet() let pubKey = privKey.getKey().tryGet()
info "Using random network key", info "Using random network key", network_public_key = pubKey
network_public_key = byteutils.toHex(pubKey.getBytes().tryGet())
return KeyPair(seckey: privKey, pubkey: privKey.getKey().tryGet()) return KeyPair(seckey: privKey, pubkey: privKey.getKey().tryGet())
else: else:
let keyPath = let keyPath =
@ -1242,8 +1242,7 @@ proc getPersistentNetKeys*(rng: var BrHmacDrbgContext,
let privKey = res.get() let privKey = res.get()
let pubKey = privKey.getKey().tryGet() let pubKey = privKey.getKey().tryGet()
info "Network key storage was successfully unlocked", info "Network key storage was successfully unlocked",
key_path = keyPath, key_path = keyPath, network_public_key = pubKey
network_public_key = byteutils.toHex(pubKey.getBytes().tryGet())
return KeyPair(seckey: privKey, pubkey: pubKey) return KeyPair(seckey: privKey, pubkey: pubKey)
else: else:
info "Network key storage is missing, creating a new one", info "Network key storage is missing, creating a new one",
@ -1269,7 +1268,7 @@ proc getPersistentNetKeys*(rng: var BrHmacDrbgContext,
quit QuitFailure quit QuitFailure
info "New network key storage was created", key_path = keyPath, info "New network key storage was created", key_path = keyPath,
network_public_key = byteutils.toHex(pubKey.getBytes().tryGet()) network_public_key = pubKey
return KeyPair(seckey: privKey, pubkey: pubKey) return KeyPair(seckey: privKey, pubkey: pubKey)
of createTestnet: of createTestnet:
@ -1304,7 +1303,7 @@ proc getPersistentNetKeys*(rng: var BrHmacDrbgContext,
quit QuitFailure quit QuitFailure
info "New network key storage was created", key_path = keyPath, info "New network key storage was created", key_path = keyPath,
network_public_key = byteutils.toHex(pubKey.getBytes().tryGet()) network_public_key = pubKey
return KeyPair(seckey: privKey, pubkey: privkey.getKey().tryGet()) return KeyPair(seckey: privKey, pubkey: privkey.getKey().tryGet())
else: else:
@ -1332,11 +1331,10 @@ proc createEth2Node*(rng: ref BrHmacDrbgContext,
hostAddress = tcpEndPoint(conf.listenAddress, conf.tcpPort) hostAddress = tcpEndPoint(conf.listenAddress, conf.tcpPort)
announcedAddresses = if extIp.isNone(): @[] announcedAddresses = if extIp.isNone(): @[]
else: @[tcpEndPoint(extIp.get(), extTcpPort)] else: @[tcpEndPoint(extIp.get(), extTcpPort)]
let networkPublicKey = byteutils.toHex(netKeys.pubkey.getBytes().tryGet())
notice "Initializing networking", hostAddress,
networkPublicKey,
announcedAddresses
info "Initializing networking", hostAddress,
network_public_key = netKeys.pubkey,
announcedAddresses
# TODO nim-libp2p still doesn't have support for announcing addresses # TODO nim-libp2p still doesn't have support for announcing addresses
# that are different from the host address (this is relevant when we # that are different from the host address (this is relevant when we

6
beacon_chain/keystore_management.nim
View File

@ -86,7 +86,7 @@ proc checkAndCreateDataDir*(dataDir: string): bool =
fatal "Unsupported operation system" fatal "Unsupported operation system"
return false return false
proc checkFilePermissions*(filePath: string): bool = proc checkSensitiveFilePermissions*(filePath: string): bool =
## Check if ``filePath`` has only "(600) rw-------" permissions. ## Check if ``filePath`` has only "(600) rw-------" permissions.
## Procedure returns ``false`` if permissions are different ## Procedure returns ``false`` if permissions are different
when defined(windows): when defined(windows):
@ -189,7 +189,7 @@ proc loadKeystore(validatorsDir, secretsDir, keyName: string,
let passphrasePath = secretsDir / keyName let passphrasePath = secretsDir / keyName
if fileExists(passphrasePath): if fileExists(passphrasePath):
if not(checkFilePermissions(passphrasePath)): if not(checkSensitiveFilePermissions(passphrasePath)):
error "Password file has insecure permissions", key_path = keyStorePath error "Password file has insecure permissions", key_path = keyStorePath
return return
@ -275,7 +275,7 @@ type
proc loadNetKeystore*(keyStorePath: string, proc loadNetKeystore*(keyStorePath: string,
insecurePwd: Option[string]): Option[lcrypto.PrivateKey] = insecurePwd: Option[string]): Option[lcrypto.PrivateKey] =
if not(checkFilePermissions(keystorePath)): if not(checkSensitiveFilePermissions(keystorePath)):
error "Network keystorage file has insecure permissions", error "Network keystorage file has insecure permissions",
key_path = keyStorePath key_path = keyStorePath
return return