Use Peer.ID instead of Peer.Key as peer identifier (#664)

Replace Peer.Key as internal identifier with a randomly generated Peer.ID 
in the Management service.
Every group now references peers by ID instead of a public key.
Every route now references peers by ID instead of a public key.
FileStore migrates the store.json file on startup by generating Peer.ID and replacing
all Peer.Key identifier references.
Misha Bragin
2023-02-03 10:33:28 +01:00
committed by GitHub
parent 9e408b5bbc
commit 9adadfade4
22 changed files with 485 additions and 359 deletions


@ -12,6 +12,8 @@ import (
const (
peer1Key = "BhRPtynAAYRDy08+q4HTMsos8fs4plTP4NOSh7C1ry8="
peer2Key = "/yF0+vCfv+mRR5k0dca0TrGdO/oiNeAI58gToZm5NyI="
peer1ID = "peer-1-id"
peer2ID = "peer-2-id"
routeGroup1 = "routeGroup1"
routeGroup2 = "routeGroup2"
routeInvalidGroup1 = "routeInvalidGroup1"
@ -23,7 +25,7 @@ func TestCreateRoute(t *testing.T) {
type input struct {
network string
netID string
peer string
peerKey string
description string
masquerade bool
metric int
@ -43,7 +45,7 @@ func TestCreateRoute(t *testing.T) {
inputArgs: input{
network: "192.168.0.0/16",
netID: "happy",
peer: peer1Key,
peerKey: peer1ID,
description: "super",
masquerade: false,
metric: 9999,
@ -56,7 +58,7 @@ func TestCreateRoute(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/16"),
NetworkType: route.IPv4Network,
NetID: "happy",
Peer: peer1Key,
Peer: peer1ID,
Description: "super",
Masquerade: false,
Metric: 9999,
@ -69,7 +71,7 @@ func TestCreateRoute(t *testing.T) {
inputArgs: input{
network: "192.168.0.0/34",
netID: "happy",
peer: peer1Key,
peerKey: peer1ID,
description: "super",
masquerade: false,
metric: 9999,
@ -84,7 +86,7 @@ func TestCreateRoute(t *testing.T) {
inputArgs: input{
network: "192.168.0.0/16",
netID: "happy",
peer: "notExistingPeer",
peerKey: "notExistingPeer",
description: "super",
masquerade: false,
metric: 9999,
@ -99,7 +101,7 @@ func TestCreateRoute(t *testing.T) {
inputArgs: input{
network: "192.168.0.0/16",
netID: "happy",
peer: "",
peerKey: "",
description: "super",
masquerade: false,
metric: 9999,
@ -124,7 +126,7 @@ func TestCreateRoute(t *testing.T) {
name: "Large Metric Should Fail",
inputArgs: input{
network: "192.168.0.0/16",
peer: peer1Key,
peerKey: peer1ID,
netID: "happy",
description: "super",
masquerade: false,
@ -140,7 +142,7 @@ func TestCreateRoute(t *testing.T) {
inputArgs: input{
network: "192.168.0.0/16",
netID: "happy",
peer: peer1Key,
peerKey: peer1ID,
description: "super",
masquerade: false,
metric: 0,
@ -154,7 +156,7 @@ func TestCreateRoute(t *testing.T) {
name: "Large NetID Should Fail",
inputArgs: input{
network: "192.168.0.0/16",
peer: peer1Key,
peerKey: peer1ID,
netID: "12345678901234567890qwertyuiopqwertyuiop1",
description: "super",
masquerade: false,
@ -170,7 +172,7 @@ func TestCreateRoute(t *testing.T) {
inputArgs: input{
network: "192.168.0.0/16",
netID: "",
peer: peer1Key,
peerKey: peer1ID,
description: "",
masquerade: false,
metric: 9999,
@ -185,7 +187,7 @@ func TestCreateRoute(t *testing.T) {
inputArgs: input{
network: "192.168.0.0/16",
netID: "NewId",
peer: peer1Key,
peerKey: peer1ID,
description: "",
masquerade: false,
metric: 9999,
@ -200,7 +202,7 @@ func TestCreateRoute(t *testing.T) {
inputArgs: input{
network: "192.168.0.0/16",
netID: "NewId",
peer: peer1Key,
peerKey: peer1ID,
description: "",
masquerade: false,
metric: 9999,
@ -215,7 +217,7 @@ func TestCreateRoute(t *testing.T) {
inputArgs: input{
network: "192.168.0.0/16",
netID: "NewId",
peer: peer1Key,
peerKey: peer1ID,
description: "",
masquerade: false,
metric: 9999,
@ -238,18 +240,10 @@ func TestCreateRoute(t *testing.T) {
t.Error("failed to init testing account")
}
peerIP := "99.99.99.99"
peer := account.Peers[testCase.inputArgs.peer]
if testCase.inputArgs.peer == "" {
peerIP = ""
} else if peer != nil {
peerIP = peer.IP.String()
}
outRoute, err := am.CreateRoute(
account.Id,
testCase.inputArgs.network,
peerIP,
testCase.inputArgs.peerKey,
testCase.inputArgs.description,
testCase.inputArgs.netID,
testCase.inputArgs.masquerade,
@ -278,7 +272,7 @@ func TestCreateRoute(t *testing.T) {
func TestSaveRoute(t *testing.T) {
validPeer := peer2Key
validPeer := peer2ID
invalidPeer := "nonExisting"
validPrefix := netip.MustParsePrefix("192.168.0.0/24")
invalidPrefix, _ := netip.ParsePrefix("192.168.0.0/34")
@ -306,7 +300,7 @@ func TestSaveRoute(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/16"),
NetID: validNetID,
NetworkType: route.IPv4Network,
Peer: peer1Key,
Peer: peer1ID,
Description: "super",
Masquerade: false,
Metric: 9999,
@ -339,7 +333,7 @@ func TestSaveRoute(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/16"),
NetID: validNetID,
NetworkType: route.IPv4Network,
Peer: peer1Key,
Peer: peer1ID,
Description: "super",
Masquerade: false,
Metric: 9999,
@ -356,7 +350,7 @@ func TestSaveRoute(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/16"),
NetID: validNetID,
NetworkType: route.IPv4Network,
Peer: peer1Key,
Peer: peer1ID,
Description: "super",
Masquerade: false,
Metric: 9999,
@ -373,7 +367,7 @@ func TestSaveRoute(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/16"),
NetID: validNetID,
NetworkType: route.IPv4Network,
Peer: peer1Key,
Peer: peer1ID,
Description: "super",
Masquerade: false,
Metric: 9999,
@ -390,7 +384,7 @@ func TestSaveRoute(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/16"),
NetID: invalidNetID,
NetworkType: route.IPv4Network,
Peer: peer1Key,
Peer: peer1ID,
Description: "super",
Masquerade: false,
Metric: 9999,
@ -407,7 +401,7 @@ func TestSaveRoute(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/16"),
NetID: validNetID,
NetworkType: route.IPv4Network,
Peer: peer1Key,
Peer: peer1ID,
Description: "super",
Masquerade: false,
Metric: 9999,
@ -424,7 +418,7 @@ func TestSaveRoute(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/16"),
NetID: validNetID,
NetworkType: route.IPv4Network,
Peer: peer1Key,
Peer: peer1ID,
Description: "super",
Masquerade: false,
Metric: 9999,
@ -441,7 +435,7 @@ func TestSaveRoute(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/16"),
NetID: validNetID,
NetworkType: route.IPv4Network,
Peer: peer1Key,
Peer: peer1ID,
Description: "super",
Masquerade: false,
Metric: 9999,
@ -458,7 +452,7 @@ func TestSaveRoute(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/16"),
NetID: validNetID,
NetworkType: route.IPv4Network,
Peer: peer1Key,
Peer: peer1ID,
Description: "super",
Masquerade: false,
Metric: 9999,
@ -495,7 +489,6 @@ func TestSaveRoute(t *testing.T) {
if testCase.newPeer != nil {
routeToSave.Peer = *testCase.newPeer
}
if testCase.newMetric != nil {
routeToSave.Metric = *testCase.newMetric
}
@ -541,7 +534,7 @@ func TestUpdateRoute(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/16"),
NetID: "superRoute",
NetworkType: route.IPv4Network,
Peer: peer1Key,
Peer: peer1ID,
Description: "super",
Masquerade: false,
Metric: 9999,
@ -563,7 +556,7 @@ func TestUpdateRoute(t *testing.T) {
operations: []RouteUpdateOperation{
{
Type: UpdateRoutePeer,
Values: []string{peer2Key},
Values: []string{peer2ID},
},
},
errFunc: require.NoError,
@ -573,7 +566,7 @@ func TestUpdateRoute(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/16"),
NetID: "superRoute",
NetworkType: route.IPv4Network,
Peer: peer2Key,
Peer: peer2ID,
Description: "super",
Masquerade: false,
Metric: 9999,
@ -595,7 +588,7 @@ func TestUpdateRoute(t *testing.T) {
},
{
Type: UpdateRoutePeer,
Values: []string{peer2Key},
Values: []string{peer2ID},
},
{
Type: UpdateRouteMetric,
@ -625,7 +618,7 @@ func TestUpdateRoute(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/24"),
NetID: "megaRoute",
NetworkType: route.IPv4Network,
Peer: peer2Key,
Peer: peer2ID,
Description: "great",
Masquerade: true,
Metric: 3030,
@ -649,7 +642,7 @@ func TestUpdateRoute(t *testing.T) {
operations: []RouteUpdateOperation{
{
Type: UpdateRoutePeer,
Values: []string{peer2Key, peer1Key},
Values: []string{peer2ID, peer1ID},
},
},
errFunc: require.Error,
@ -847,7 +840,7 @@ func TestGetNetworkMap_RouteSync(t *testing.T) {
Network: netip.MustParsePrefix("192.168.0.0/16"),
NetID: "superNet",
NetworkType: route.IPv4Network,
Peer: peer1Key,
Peer: peer1ID,
Description: "super",
Masquerade: false,
Metric: 9999,
@ -865,39 +858,42 @@ func TestGetNetworkMap_RouteSync(t *testing.T) {
t.Error("failed to init testing account")
}
newAccountRoutes, err := am.GetNetworkMap(peer1Key)
newAccountRoutes, err := am.GetNetworkMap(peer1ID)
require.NoError(t, err)
require.Len(t, newAccountRoutes.Routes, 0, "new accounts should have no routes")
peer := account.Peers[baseRoute.Peer]
createdRoute, err := am.CreateRoute(account.Id, baseRoute.Network.String(), peer.IP.String(),
createdRoute, err := am.CreateRoute(account.Id, baseRoute.Network.String(), peer1ID,
baseRoute.Description, baseRoute.NetID, baseRoute.Masquerade, baseRoute.Metric, baseRoute.Groups, false,
userID)
require.NoError(t, err)
noDisabledRoutes, err := am.GetNetworkMap(peer1Key)
noDisabledRoutes, err := am.GetNetworkMap(peer1ID)
require.NoError(t, err)
require.Len(t, noDisabledRoutes.Routes, 0, "no routes for disabled routes")
enabledRoute := createdRoute.Copy()
enabledRoute.Enabled = true
// network map contains route.Route objects that have Route.Peer field filled with Peer.Key instead of Peer.ID
expectedRoute := enabledRoute.Copy()
expectedRoute.Peer = peer1Key
err = am.SaveRoute(account.Id, userID, enabledRoute)
require.NoError(t, err)
peer1Routes, err := am.GetNetworkMap(peer1Key)
peer1Routes, err := am.GetNetworkMap(peer1ID)
require.NoError(t, err)
require.Len(t, peer1Routes.Routes, 1, "we should receive one route for peer1")
require.True(t, enabledRoute.IsEqual(peer1Routes.Routes[0]), "received route should be equal")
require.True(t, expectedRoute.IsEqual(peer1Routes.Routes[0]), "received route should be equal")
peer2Routes, err := am.GetNetworkMap(peer2Key)
peer2Routes, err := am.GetNetworkMap(peer2ID)
require.NoError(t, err)
require.Len(t, peer2Routes.Routes, 0, "no routes for peers not in the distribution group")
err = am.GroupAddPeer(account.Id, routeGroup1, peer2Key)
err = am.GroupAddPeer(account.Id, routeGroup1, peer2ID)
require.NoError(t, err)
peer2Routes, err = am.GetNetworkMap(peer2Key)
peer2Routes, err = am.GetNetworkMap(peer2ID)
require.NoError(t, err)
require.Len(t, peer2Routes.Routes, 1, "we should receive one route")
require.True(t, peer1Routes.Routes[0].IsEqual(peer2Routes.Routes[0]), "routes should be the same for peers in the same group")
@ -905,7 +901,7 @@ func TestGetNetworkMap_RouteSync(t *testing.T) {
newGroup := &Group{
ID: xid.New().String(),
Name: "peer1 group",
Peers: []string{peer1Key},
Peers: []string{peer1ID},
}
err = am.SaveGroup(account.Id, userID, newGroup)
require.NoError(t, err)
@ -926,18 +922,18 @@ func TestGetNetworkMap_RouteSync(t *testing.T) {
err = am.DeleteRule(account.Id, defaultRule.ID, userID)
require.NoError(t, err)
peer1GroupRoutes, err := am.GetNetworkMap(peer1Key)
peer1GroupRoutes, err := am.GetNetworkMap(peer1ID)
require.NoError(t, err)
require.Len(t, peer1GroupRoutes.Routes, 1, "we should receive one route for peer1")
peer2GroupRoutes, err := am.GetNetworkMap(peer2Key)
peer2GroupRoutes, err := am.GetNetworkMap(peer2ID)
require.NoError(t, err)
require.Len(t, peer2GroupRoutes.Routes, 0, "we should not receive routes for peer2")
err = am.DeleteRoute(account.Id, enabledRoute.ID, userID)
require.NoError(t, err)
peer1DeletedRoute, err := am.GetNetworkMap(peer1Key)
peer1DeletedRoute, err := am.GetNetworkMap(peer1ID)
require.NoError(t, err)
require.Len(t, peer1DeletedRoute.Routes, 0, "we should receive one route for peer1")
@ -964,9 +960,27 @@ func createRouterStore(t *testing.T) (Store, error) {
func initTestRouteAccount(t *testing.T, am *DefaultAccountManager) (*Account, error) {
accountID := "testingAcc"
domain := "example.com"
account := newAccountWithId(accountID, userID, domain)
err := am.Store.SaveAccount(account)
if err != nil {
return nil, err
}
ips := account.getTakenIPs()
peer1IP, err := AllocatePeerIP(account.Network.Net, ips)
if err != nil {
return nil, err
}
peer1 := &Peer{
Key: peer1Key,
Name: "test-host1@netbird.io",
IP: peer1IP,
ID: peer1ID,
Key: peer1Key,
Name: "test-host1@netbird.io",
UserID: userID,
Meta: PeerSystemMeta{
Hostname: "test-host1@netbird.io",
GoOS: "linux",
@ -978,9 +992,20 @@ func initTestRouteAccount(t *testing.T, am *DefaultAccountManager) (*Account, er
UIVersion: "development",
},
}
account.Peers[peer1.ID] = peer1
ips = account.getTakenIPs()
peer2IP, err := AllocatePeerIP(account.Network.Net, ips)
if err != nil {
return nil, err
}
peer2 := &Peer{
Key: peer2Key,
Name: "test-host2@netbird.io",
IP: peer2IP,
ID: peer2ID,
Key: peer2Key,
Name: "test-host2@netbird.io",
UserID: userID,
Meta: PeerSystemMeta{
Hostname: "test-host2@netbird.io",
GoOS: "linux",
@ -992,28 +1017,29 @@ func initTestRouteAccount(t *testing.T, am *DefaultAccountManager) (*Account, er
UIVersion: "development",
},
}
account.Peers[peer2.ID] = peer2
accountID := "testingAcc"
domain := "example.com"
account := newAccountWithId(accountID, userID, domain)
err := am.Store.SaveAccount(account)
err = am.Store.SaveAccount(account)
if err != nil {
return nil, err
}
groupAll, err := account.GetGroupAll()
if err != nil {
return nil, err
}
err = am.GroupAddPeer(accountID, groupAll.ID, peer1ID)
if err != nil {
return nil, err
}
err = am.GroupAddPeer(accountID, groupAll.ID, peer2ID)
if err != nil {
return nil, err
}
_, err = am.AddPeer("", userID, peer1)
if err != nil {
return nil, err
}
_, err = am.AddPeer("", userID, peer2)
if err != nil {
return nil, err
}
newGroup := &Group{
ID: routeGroup1,
Name: routeGroup1,
Peers: []string{peer1Key},
Peers: []string{peer1.ID},
}
err = am.SaveGroup(accountID, userID, newGroup)
if err != nil {
@ -1023,7 +1049,7 @@ func initTestRouteAccount(t *testing.T, am *DefaultAccountManager) (*Account, er
newGroup = &Group{
ID: routeGroup2,
Name: routeGroup2,
Peers: []string{peer1Key},
Peers: []string{peer2.ID},
}
err = am.SaveGroup(accountID, userID, newGroup)