Revision 1a0defea

b/htest/Test/Ganeti/Confd/Utils.hs
67 67
                    \ timestamp, got " ++ show ts_bad)
68 68
       (ts_bad ==? BasicTypes.Bad "Too old/too new timestamp or clock skew")
69 69

  
70
-- | Tests that a ConfdReply can be properly encoded, signed and parsed using
71
-- the proper salt, but fails parsing with the wrong salt.
72
prop_rep_salt :: Hash.HashKey     -- ^ The hash key
73
              -> Confd.ConfdReply -- ^ A Confd reply
74
              -> Property
75
prop_rep_salt hmac reply =
76
  forAll arbitrary $ \salt1 ->
77
  forAll (arbitrary `suchThat` (/= salt1)) $ \salt2 ->
78
  let innerMsg = J.encode reply
79
      msg = J.encode $ Confd.Utils.signMessage hmac salt1 innerMsg
80
  in
81
    Confd.Utils.parseReply hmac msg salt1 ==? BasicTypes.Ok (innerMsg, reply)
82
      .&&. Confd.Utils.parseReply hmac msg salt2 ==?
83
           BasicTypes.Bad "The received salt differs from the expected salt"
84

  
70 85
-- | Tests that signing with a different key fails detects failure
71 86
-- correctly.
72 87
prop_bad_key :: String             -- ^ Salt
......
88 103

  
89 104
testSuite "Confd/Utils"
90 105
  [ 'prop_req_sign
106
  , 'prop_rep_salt
91 107
  , 'prop_bad_key
92 108
  ]
b/htools/Ganeti/Confd/Utils.hs
30 30
  ( getClusterHmac
31 31
  , parseSignedMessage
32 32
  , parseRequest
33
  , parseReply
33 34
  , signMessage
34 35
  , getCurrentTime
35 36
  ) where
......
65 66
           else Bad "HMAC verification failed"
66 67
  return (salt, msg, parsedMsg)
67 68

  
68
-- | Message parsing. This can either result in a good, valid message,
69
-- or fail in the Result monad.
69
-- | Message parsing. This can either result in a good, valid request
70
-- message, or fail in the Result monad.
70 71
parseRequest :: HashKey -> String -> Integer
71 72
             -> Result (String, ConfdRequest)
72 73
parseRequest hmac msg curtime = do
......
76 77
    then fail "Too old/too new timestamp or clock skew"
77 78
    else return (origmsg, request)
78 79

  
80
-- | Message parsing. This can either result in a good, valid reply
81
-- message, or fail in the Result monad.
82
-- It also checks that the salt in the message corresponds to the one
83
-- that is expected
84
parseReply :: HashKey -> String -> String -> Result (String, ConfdReply)
85
parseReply hmac msg expSalt = do
86
  (salt, origmsg, reply) <- parseSignedMessage hmac msg
87
  if salt /= expSalt
88
    then fail "The received salt differs from the expected salt"
89
    else return (origmsg, reply)
90

  
79 91
-- | Signs a message with a given key and salt.
80 92
signMessage :: HashKey -> String -> String -> SignedMessage
81 93
signMessage key salt msg =

Also available in: Unified diff