From 85b8a13a8e3abfc57ae66ff81f4dd2fdae5fe82e Mon Sep 17 00:00:00 2001 From: rohrerj <26304001+rohrerj@users.noreply.github.com> Date: Thu, 7 Dec 2023 09:06:13 +0100 Subject: [PATCH] daemon: error out when using drkey endpoints without configured drkey (#4453) I found a bug in the SCION daemon. If you create a SCION daemon connection and call one of the drkey endpoints without first setting the configuration value "drkey_level2_db.Connection" to something meaningful, the SCION daemon will encounter an error like that and crash: ``` panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x8 pc=0xb82d33] ``` This bug can easily be reproduced by running a code snippet like this for a SCION daemon that has no drkey configured: ``` sd, _ := daemon.NewService(daemonAddr).Connect(ctx) sd.DRKeyGetASHostKey(ctx, drkey.ASHostMeta{}) ``` The problem is that in the file "daemon/internal/servers/grpc.go", when the drkey endpoints are called, DaemonServer.DRKeyClient is nil if it is not configured as described above. Fixed by explicitly checking whether DRKey is available and erroring out if it is not. --- daemon/internal/servers/grpc.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/daemon/internal/servers/grpc.go b/daemon/internal/servers/grpc.go index b9e7af48fe..dd2cb43bc7 100644 --- a/daemon/internal/servers/grpc.go +++ b/daemon/internal/servers/grpc.go @@ -356,6 +356,9 @@ func (s *DaemonServer) DRKeyASHost( req *pb_daemon.DRKeyASHostRequest, ) (*pb_daemon.DRKeyASHostResponse, error) { + if s.DRKeyClient == nil { + return nil, serrors.New("DRKey is not available") + } meta, err := requestToASHostMeta(req) if err != nil { return nil, serrors.WrapStr("parsing protobuf ASHostReq", err) @@ -378,6 +381,9 @@ func (s *DaemonServer) DRKeyHostAS( req *pb_daemon.DRKeyHostASRequest, ) (*pb_daemon.DRKeyHostASResponse, error) { + if s.DRKeyClient == nil { + return nil, serrors.New("DRKey is not available") + } meta, err := requestToHostASMeta(req) if err != nil { return nil, serrors.WrapStr("parsing protobuf HostASReq", err) @@ -400,6 +406,9 @@ func (s *DaemonServer) DRKeyHostHost( req *pb_daemon.DRKeyHostHostRequest, ) (*pb_daemon.DRKeyHostHostResponse, error) { + if s.DRKeyClient == nil { + return nil, serrors.New("DRKey is not available") + } meta, err := requestToHostHostMeta(req) if err != nil { return nil, serrors.WrapStr("parsing protobuf HostHostReq", err)