Also prevent overwriting backup key
fasmat committed Mar 15, 2024
1 parent 4a44bba commit e57bcfa
Showing 2 changed files with 46 additions and 1 deletion.
11 changes: 11 additions & 0 deletions node/node_identities.go
@@ -79,6 +79,17 @@ func (app *App) MigrateExistingIdentity() error {
return fmt.Errorf("stat %s: %w", newKey, err)

Check warning on line 79 in node/node_identities.go

Codecov / codecov/patch

node/node_identities.go#L78-L79

Added lines #L78 - L79 were not covered by tests
}

_, err = os.Stat(oldKey + ".bak")
switch {
case errors.Is(err, fs.ErrNotExist):
// no backup, migrate old to new
case err == nil:
// backup already exists - something is wrong
return fmt.Errorf("%w: backup %s already exists", fs.ErrExist, oldKey+".bak")
case err != nil:
return fmt.Errorf("stat %s: %w", oldKey+".bak", err)

Check warning on line 90 in node/node_identities.go

Codecov / codecov/patch

node/node_identities.go#L89-L90

Added lines #L89 - L90 were not covered by tests
}

dst, err := os.Create(newKey)
if err != nil {
return fmt.Errorf("failed to create new identity file: %w", err)
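Review bot: The backup check added ahead of `os.Create(newKey)` is a stat-then-act guard, so the existing `.bak` key is only protected if nothing creates that path between this `os.Stat` and the step that later writes the backup, which lies outside the hunk (MigrateExistingIdentity starts and ends outside it). If that later step is a rename or a plain create, the guarantee is stronger when enforced at the write itself, for example `os.OpenFile(oldKey+".bak", os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o600)`, so the kernel refuses to replace an existing key file. `os.Stat` also follows symlinks, so a dangling link at the backup path is reported as "no backup"; `os.Lstat` would surface it. The third arm `case err != nil:` is always true once the first two have failed and reads more clearly as `default:`.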
36 changes: 35 additions & 1 deletion node/node_identities_test.go
@@ -265,7 +265,7 @@ func Test_MigrateExistingIdentity(t *testing.T) {

err = app.MigrateExistingIdentity()
require.ErrorIs(t, err, fs.ErrExist)
require.ErrorContains(t, err, "file already exists")
require.ErrorContains(t, err, fmt.Sprintf("both %s and %s exist", newKey, oldKey))
require.FileExists(t, newKey)
require.FileExists(t, oldKey)

@@ -277,4 +277,38 @@ func Test_MigrateExistingIdentity(t *testing.T) {
require.NoError(t, err)
require.Equal(t, []byte(sigOld.PrivateKey()), oldKeyBin)
})

t.Run("migrate with an already existing backup", func(t *testing.T) {
app := New(WithLog(logtest.New(t)))
app.Config.DataDirParent = t.TempDir()
app.Config.SMESHING.Opts.DataDir = t.TempDir()

sigOld, err := signing.NewEdSigner()
require.NoError(t, err)

oldKey := filepath.Join(app.Config.SMESHING.Opts.DataDir, legacyKeyFileName)
err = os.WriteFile(oldKey, sigOld.PrivateKey(), 0o600)
require.NoError(t, err)

sigBackup, err := signing.NewEdSigner()
require.NoError(t, err)

backupKey := filepath.Join(app.Config.SMESHING.Opts.DataDir, legacyKeyFileName+".bak")
err = os.WriteFile(backupKey, sigBackup.PrivateKey(), 0o600)
require.NoError(t, err)

err = app.MigrateExistingIdentity()
require.ErrorIs(t, err, fs.ErrExist)
require.ErrorContains(t, err, fmt.Sprintf("backup %s already exists", backupKey))
require.FileExists(t, filepath.Join(app.Config.SMESHING.Opts.DataDir, legacyKeyFileName))
require.FileExists(t, filepath.Join(app.Config.SMESHING.Opts.DataDir, legacyKeyFileName+".bak"))

oldKeyBin, err := os.ReadFile(oldKey)
require.NoError(t, err)
require.Equal(t, []byte(sigOld.PrivateKey()), oldKeyBin)

backupKeyBin, err := os.ReadFile(backupKey)
require.NoError(t, err)
require.Equal(t, []byte(sigBackup.PrivateKey()), backupKeyBin)
})
}
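Review bot: The new subtest "migrate with an already existing backup" verifies that the old key and the backup survive unchanged, but it never asserts that the aborted migration left no new identity file behind. Since the guard is meant to fail before `os.Create(newKey)`, an assertion such as `require.NoFileExists(t, newKey)`, with `newKey` built the way the earlier subtest builds it, would pin that ordering and catch a regression that truncates or creates the new key first. The two `require.FileExists` calls rebuild paths that are already in scope and can be written as `require.FileExists(t, oldKey)` and `require.FileExists(t, backupKey)`. Test_MigrateExistingIdentity starts outside the hunk.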
