From 5bfcd75f9dd605cd6c03100fd5755b9fa4b9af75 Mon Sep 17 00:00:00 2001
From: Michele Tartara <mtartara@google.com>
Date: Mon, 17 Dec 2012 15:34:17 +0100
Subject: [PATCH] Make the parseRequest function more general

The parseRequest function of the Confd utils can be used to parse both request
(in the server) and reply (in the client, soon to be implemented) signed
messages.
This patch changes the signature of the function to allow this, and its name
accordingly.

A unit test is updated as well.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
---
 htest/Test/Ganeti/Confd/Utils.hs |  3 ++-
 htools/Ganeti/Confd/Utils.hs     | 18 ++++++++++--------
 2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/htest/Test/Ganeti/Confd/Utils.hs b/htest/Test/Ganeti/Confd/Utils.hs
index 128a78ed2..38b9dc37b 100644
--- a/htest/Test/Ganeti/Confd/Utils.hs
+++ b/htest/Test/Ganeti/Confd/Utils.hs
@@ -82,7 +82,8 @@ prop_bad_key salt crq =
   let signed = Confd.Utils.signMessage key_sign salt (J.encode crq)
       encoded = J.encode signed
   in printTestCase ("Accepted message signed with different key" ++ encoded) $
-     Confd.Utils.parseRequest key_verify encoded ==?
+     (Confd.Utils.parseSignedMessage key_verify encoded
+      :: BasicTypes.Result (String, String, Confd.ConfdRequest)) ==?
        BasicTypes.Bad "HMAC verification failed"
 
 testSuite "Confd/Utils"
diff --git a/htools/Ganeti/Confd/Utils.hs b/htools/Ganeti/Confd/Utils.hs
index d0e60a340..28fba0653 100644
--- a/htools/Ganeti/Confd/Utils.hs
+++ b/htools/Ganeti/Confd/Utils.hs
@@ -28,7 +28,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 
 module Ganeti.Confd.Utils
   ( getClusterHmac
-  , parseRequest
+  , parseSignedMessage
   , parseMessage
   , signMessage
   , getCurrentTime
@@ -54,21 +54,23 @@ maxClockSkew = fromIntegral C.confdMaxClockSkew
 getClusterHmac :: IO HashKey
 getClusterHmac = Path.confdHmacKey >>= fmap B.unpack . B.readFile
 
--- | Parses a signed request.
-parseRequest :: HashKey -> String -> Result (String, String, ConfdRequest)
-parseRequest key str = do
-  (SignedMessage hmac msg salt) <- fromJResult "parsing request" $ J.decode str
-  req <- if verifyMac key (Just salt) msg hmac
+-- | Parses a signed message.
+parseSignedMessage :: (J.JSON a) => HashKey -> String
+                   -> Result (String, String, a)
+parseSignedMessage key str = do
+  (SignedMessage hmac msg salt) <- fromJResult "parsing signed message"
+    $ J.decode str
+  parsedMsg <- if verifyMac key (Just salt) msg hmac
            then fromJResult "parsing message" $ J.decode msg
            else Bad "HMAC verification failed"
-  return (salt, msg, req)
+  return (salt, msg, parsedMsg)
 
 -- | Message parsing. This can either result in a good, valid message,
 -- or fail in the Result monad.
 parseMessage :: HashKey -> String -> Integer
              -> Result (String, ConfdRequest)
 parseMessage hmac msg curtime = do
-  (salt, origmsg, request) <- parseRequest hmac msg
+  (salt, origmsg, request) <- parseSignedMessage hmac msg
   ts <- tryRead "Parsing timestamp" salt::Result Integer
   if abs (ts - curtime) > maxClockSkew
     then fail "Too old/too new timestamp or clock skew"
-- 
GitLab