@@ -27,9 +27,14 @@ use fdo_data_formats::{
27
27
publickey:: PublicKey ,
28
28
types:: { Guid , TO2AddressEntry } ,
29
29
} ;
30
- use fdo_store:: { Store , StoreError } ;
30
+
31
+ use fdo_store:: { Store , StoreConfig , StoreError } ;
31
32
use fdo_util:: servers:: {
32
- configuration:: { owner_onboarding_server:: OwnerOnboardingServerSettings , AbsolutePathBuf } ,
33
+ configuration:: {
34
+ owner_onboarding_server:: OwnerOnboardingServerSettings ,
35
+ owner_onboarding_server:: DEFAULT_REGISTRATION_PERIOD ,
36
+ owner_onboarding_server:: DEFAULT_RE_REGISTRATION_WINDOW , AbsolutePathBuf ,
37
+ } ,
33
38
settings_for, OwnershipVoucherStoreMetadataKey ,
34
39
} ;
35
40
@@ -63,6 +68,13 @@ pub(crate) struct OwnerServiceUD {
63
68
service_info_api_client : fdo_http_wrapper:: client:: JsonClient ,
64
69
65
70
owner_addresses : Vec < TO2AddressEntry > ,
71
+
72
+ // How much time (s) OVs are going to be registered
73
+ ov_registration_period : u32 ,
74
+ // The time window (s) within which the re-registration will start
75
+ ov_re_registration_window : u32 ,
76
+
77
+ window_check_enabled : bool ,
66
78
}
67
79
68
80
pub ( crate ) type OwnerServiceUDT = Arc < OwnerServiceUD > ;
@@ -73,7 +85,14 @@ fn load_private_key(path: &AbsolutePathBuf) -> Result<PKey<Private>> {
73
85
}
74
86
75
87
async fn _handle_report_to_rendezvous ( udt : & OwnerServiceUDT , ov : & OwnershipVoucher ) -> Result < ( ) > {
76
- match report_ov_to_rendezvous ( ov, & udt. owner_addresses , & udt. owner_key ) . await {
88
+ match report_ov_to_rendezvous (
89
+ ov,
90
+ & udt. owner_addresses ,
91
+ & udt. owner_key ,
92
+ udt. ov_registration_period ,
93
+ )
94
+ . await
95
+ {
77
96
Ok ( wait_seconds) => {
78
97
udt. ownership_voucher_store
79
98
. store_metadata (
@@ -138,10 +157,59 @@ async fn report_to_rendezvous(udt: OwnerServiceUDT) -> Result<()> {
138
157
Ok ( ( ) )
139
158
}
140
159
160
+ async fn check_registration_window ( udt : & OwnerServiceUDT ) -> Result < ( ) > {
161
+ let now_plus_window =
162
+ time:: OffsetDateTime :: now_utc ( ) . unix_timestamp ( ) + ( udt. ov_re_registration_window as i64 ) ;
163
+ // these are the ovs whose registration time will end and we need to
164
+ // re-register them
165
+ let ovs = udt
166
+ . ownership_voucher_store
167
+ . query_ovs_db_to2_performed_to0_less_than ( false , now_plus_window)
168
+ . await ?;
169
+ for ov in ovs {
170
+ match report_ov_to_rendezvous (
171
+ & ov,
172
+ & udt. owner_addresses ,
173
+ & udt. owner_key ,
174
+ udt. ov_registration_period ,
175
+ )
176
+ . await
177
+ {
178
+ Ok ( wait_seconds) => {
179
+ udt. ownership_voucher_store
180
+ . store_metadata (
181
+ ov. header ( ) . guid ( ) ,
182
+ & fdo_store:: MetadataKey :: Local (
183
+ OwnershipVoucherStoreMetadataKey :: To0AcceptOwnerWaitSeconds ,
184
+ ) ,
185
+ & time:: Duration :: new ( wait_seconds. into ( ) , 0 ) ,
186
+ )
187
+ . await ?;
188
+ if wait_seconds != udt. ov_registration_period {
189
+ log:: warn!( "OV({}): registered by rendezvous for {wait_seconds}s, as opposed to the requested {}s" ,
190
+ ov. header( ) . guid( ) . to_string( ) , udt. ov_registration_period) ;
191
+ if udt. ov_re_registration_window >= wait_seconds {
192
+ log:: warn!( "OV({}): re-registration won't be triggered (window: {}s, registration: {}s)" ,
193
+ ov. header( ) . guid( ) . to_string( ) , udt. ov_re_registration_window, udt. ov_registration_period) ;
194
+ }
195
+ }
196
+ }
197
+ Err ( e) => {
198
+ log:: warn!(
199
+ "OV({}): failed to report to rendezvous: {e}" ,
200
+ ov. header( ) . guid( ) . to_string( )
201
+ ) ;
202
+ }
203
+ }
204
+ }
205
+ Ok ( ( ) )
206
+ }
207
+
141
208
async fn report_ov_to_rendezvous (
142
209
ov : & OwnershipVoucher ,
143
210
owner_addresses : & [ TO2AddressEntry ] ,
144
211
owner_key : & PKey < Private > ,
212
+ registration_period : u32 ,
145
213
) -> Result < u32 > {
146
214
let ov_header = ov. header ( ) ;
147
215
if ov_header. protocol_version ( ) != ProtocolVersion :: Version1_1 {
@@ -193,8 +261,7 @@ async fn report_ov_to_rendezvous(
193
261
} ;
194
262
195
263
// Build to0d and to1d
196
- // TODO(runcom): 600 has to come from configuration
197
- let to0d = TO0Data :: new ( ov. clone ( ) , 600 , hello_ack. nonce3 ( ) . clone ( ) )
264
+ let to0d = TO0Data :: new ( ov. clone ( ) , registration_period, hello_ack. nonce3 ( ) . clone ( ) )
198
265
. context ( "Error creating to0d" ) ?;
199
266
let to0d_vec = to0d. serialize_data ( ) . context ( "Error serializing TO0Data" ) ?;
200
267
let to0d_hash =
@@ -242,14 +309,21 @@ async fn perform_maintenance(udt: OwnerServiceUDT) -> std::result::Result<(), &'
242
309
#[ allow( unused_must_use) ]
243
310
let ( ov_res, ses_res, rtr_res) = tokio:: join!( ov_maint, ses_maint, rtr_maint) ;
244
311
312
+ if udt. window_check_enabled {
313
+ let window_res = check_registration_window ( & udt. clone ( ) ) . await ;
314
+ if let Err ( e) = window_res {
315
+ log:: warn!( "Error during re-registration window check: {e:?}" ) ;
316
+ }
317
+ }
318
+
245
319
if let Err ( e) = ov_res {
246
- log:: warn!( "Error during ownership voucher store maintenance: {:?}" , e ) ;
320
+ log:: warn!( "Error during ownership voucher store maintenance: {e :?}" ) ;
247
321
}
248
322
if let Err ( e) = ses_res {
249
- log:: warn!( "Error during session store maintenance: {:?}" , e ) ;
323
+ log:: warn!( "Error during session store maintenance: {e :?}" ) ;
250
324
}
251
325
if let Err ( e) = rtr_res {
252
- log:: warn!( "Error during report to rendezvous maintenance: {:?}" , e )
326
+ log:: warn!( "Error during report to rendezvous maintenance: {e :?}" )
253
327
}
254
328
}
255
329
}
@@ -335,6 +409,43 @@ async fn main() -> Result<()> {
335
409
. context ( "Error converting owner public key to PK" ) ?
336
410
} ;
337
411
412
+ // Voucher registration times
413
+ let ov_registration_period = match settings. ov_registration_period {
414
+ Some ( value) => {
415
+ if value == 0 {
416
+ bail ! ( "ov_registration_period cannot be 0" ) ;
417
+ }
418
+ value
419
+ }
420
+ None => {
421
+ log:: info!(
422
+ "Setting a default ov_registration_period of {DEFAULT_REGISTRATION_PERIOD} seconds"
423
+ ) ;
424
+ DEFAULT_REGISTRATION_PERIOD
425
+ }
426
+ } ;
427
+ let ov_re_registration_window = match settings. ov_re_registration_window {
428
+ Some ( value) => {
429
+ if value == 0 {
430
+ bail ! ( "ov_re_registration_window cannot be 0" ) ;
431
+ } else if value as u64 <= MAINTENANCE_INTERVAL {
432
+ bail ! ( "this server performs checks every {MAINTENANCE_INTERVAL} seconds, please specify an ov_re_registration_window larger than that value" ) ;
433
+ }
434
+ value
435
+ }
436
+ None => {
437
+ log:: info!( "Setting a default ov_re_registration_window of {DEFAULT_RE_REGISTRATION_WINDOW} seconds" ) ;
438
+ DEFAULT_RE_REGISTRATION_WINDOW
439
+ }
440
+ } ;
441
+
442
+ if ov_re_registration_window >= ov_registration_period {
443
+ bail ! (
444
+ "ov_re_registration_window ({ov_re_registration_window}) must be smaller than ov_registration_period ({ov_registration_period})" ) ;
445
+ } else {
446
+ log:: info!( "Server configured with an OV registration period of {ov_registration_period} seconds, OV re-registration window set to {ov_re_registration_window} seconds" )
447
+ }
448
+
338
449
// Initialize stores
339
450
let ownership_voucher_store = settings
340
451
. ownership_voucher_store_driver
@@ -344,6 +455,16 @@ async fn main() -> Result<()> {
344
455
. session_store_driver
345
456
. initialize ( )
346
457
. context ( "Error initializing session store" ) ?;
458
+
459
+ // the re-registration check is only available with DB store drivers
460
+ let window_check_enabled = match settings. ownership_voucher_store_driver {
461
+ StoreConfig :: Directory { path : _ } => {
462
+ log:: info!( "OV re-registration window check disabled, this feature is only available with DB storage drivers" ) ;
463
+ false
464
+ }
465
+ _ => true ,
466
+ } ;
467
+
347
468
let session_store = fdo_http_wrapper:: server:: SessionStore :: new ( session_store) ;
348
469
349
470
// Generate a new Owner2
@@ -387,6 +508,12 @@ async fn main() -> Result<()> {
387
508
388
509
// Owner addresses
389
510
owner_addresses,
511
+
512
+ // OV registration times
513
+ ov_registration_period,
514
+ ov_re_registration_window,
515
+
516
+ window_check_enabled,
390
517
} ) ;
391
518
392
519
// Initialize handlers
0 commit comments