feedback

scionproto · Mar 27, 2024 · 6bc3c4b · 6bc3c4b
1 parent 076abf8
commit 6bc3c4b
Show file tree

Hide file tree

Showing 21 changed files with 233 additions and 314 deletions.
diff --git a/control/trust/grpc/BUILD.bazel b/control/trust/grpc/BUILD.bazel
@@ -15,7 +15,6 @@ go_library(
         "//pkg/metrics:go_default_library",
         "//pkg/private/prom:go_default_library",
         "//pkg/private/serrors:go_default_library",
-        "//pkg/private/util:go_default_library",
         "//pkg/proto/control_plane:go_default_library",
         "//pkg/scrypto:go_default_library",
         "//pkg/scrypto/cppki:go_default_library",

diff --git a/control/trust/grpc/material.go b/control/trust/grpc/material.go
@@ -26,7 +26,6 @@ import (
 	"github.com/scionproto/scion/pkg/log"
 	"github.com/scionproto/scion/pkg/metrics"
 	"github.com/scionproto/scion/pkg/private/prom"
-	"github.com/scionproto/scion/pkg/private/util"
 	cppb "github.com/scionproto/scion/pkg/proto/control_plane"
 	"github.com/scionproto/scion/pkg/scrypto/cppki"
 	"github.com/scionproto/scion/private/tracing"
@@ -125,7 +124,7 @@ func setChainsTags(span opentracing.Span, query trust.ChainQuery) {
 	if span != nil {
 		span.SetTag("query.isd_as", query.IA)
 		span.SetTag("query.subject_key_id", fmt.Sprintf("%x", query.SubjectKeyID))
-		span.SetTag("query.date", util.TimeToCompact(query.Date))
+		span.SetTag("query.validity", query.Validity.String())
 	}
 }
 

diff --git a/control/trust/grpc/proto.go b/control/trust/grpc/proto.go
@@ -16,7 +16,6 @@ package grpc
 
 import (
 	"crypto/x509"
-	"time"
 
 	"github.com/scionproto/scion/pkg/addr"
 	"github.com/scionproto/scion/pkg/private/serrors"
@@ -27,30 +26,31 @@ import (
 )
 
 func requestToChainQuery(req *cppb.ChainsRequest) (trust.ChainQuery, error) {
-	var date time.Time
-	if req.Date != nil {
-		if err := req.Date.CheckValid(); err != nil {
-			return trust.ChainQuery{}, serrors.WrapStr("validating date", err)
+	var validity cppki.Validity
+	if req.AtLeastValidUntil != nil {
+		if err := req.AtLeastValidUntil.CheckValid(); err != nil {
+			return trust.ChainQuery{}, serrors.WrapStr("validating at_least_valid_until", err)
 		}
-		date = req.Date.AsTime()
-	}
+		validity.NotAfter = req.AtLeastValidUntil.AsTime()
 
-	var validity cppki.Validity
-	if req.Validity != nil {
-		if err := req.Validity.NotBefore.CheckValid(); err != nil {
-			return trust.ChainQuery{}, serrors.WrapStr("validating not_before", err)
+		// If AtLeastValidUntil is set but AtLeastValidSince is not this request
+		// comes from a legacy client that does not support the new protobuf. In
+		// this case we set AtLeastValidSince to AtLeastValidUntil to get the
+		// same behavior as before.
+		if req.AtLeastValidSince == nil {
+			validity.NotBefore = validity.NotAfter
 		}
-		if err := req.Validity.NotAfter.CheckValid(); err != nil {
-			return trust.ChainQuery{}, serrors.WrapStr("validating not_after", err)
+	}
+	if req.AtLeastValidSince != nil {
+		if err := req.AtLeastValidSince.CheckValid(); err != nil {
+			return trust.ChainQuery{}, serrors.WrapStr("validating at_least_valid_since", err)
 		}
-		validity.NotBefore = req.Validity.NotBefore.AsTime()
-		validity.NotAfter = req.Validity.NotAfter.AsTime()
+		validity.NotBefore = req.AtLeastValidSince.AsTime()
 	}
 
 	return trust.ChainQuery{
 		IA:           addr.IA(req.IsdAs),
 		SubjectKeyID: req.SubjectKeyId,
-		Date:         date,
 		Validity:     validity,
 	}, nil
 }

diff --git a/control/trust/grpc/proto_test.go b/control/trust/grpc/proto_test.go
@@ -32,20 +32,32 @@ import (
 
 func TestReqToChainQuery(t *testing.T) {
 	now := time.Now().UTC()
-	date, err := ptypes.TimestampProto(now)
+	validUntil, err := ptypes.TimestampProto(now)
 	require.NoError(t, err)
+	validSince, err := ptypes.TimestampProto(now.Add(-time.Hour))
 
 	req := &cppb.ChainsRequest{
-		IsdAs:        uint64(xtest.MustParseIA("1-ff00:0:110")),
-		SubjectKeyId: []byte("tank"),
-		Date:         date,
+		IsdAs:             uint64(xtest.MustParseIA("1-ff00:0:110")),
+		SubjectKeyId:      []byte("tank"),
+		AtLeastValidSince: validSince,
+		AtLeastValidUntil: validUntil,
 	}
 
 	query, err := trustgrpc.RequestToChainQuery(req)
 	require.NoError(t, err)
 	assert.Equal(t, addr.IA(req.IsdAs), query.IA)
 	assert.Equal(t, req.SubjectKeyId, query.SubjectKeyID)
-	assert.Equal(t, now, query.Date)
+	assert.Equal(t, now.Add(-time.Hour), query.Validity.NotBefore)
+	assert.Equal(t, now, query.Validity.NotAfter)
+
+	// Test with request from legacy client, i.e., AtLeastValidSince is nil.
+	req.AtLeastValidSince = nil
+	query, err = trustgrpc.RequestToChainQuery(req)
+	require.NoError(t, err)
+	assert.Equal(t, addr.IA(req.IsdAs), query.IA)
+	assert.Equal(t, req.SubjectKeyId, query.SubjectKeyID)
+	assert.Equal(t, now, query.Validity.NotBefore)
+	assert.Equal(t, now, query.Validity.NotAfter)
 }
 
 func TestReqToTRCQuery(t *testing.T) {