Integrate with timestamp verification when remembering node by saving the cert to disk first.

2018-10-02 12:11:25 -07:00 · 2018-10-02 12:11:25 -07:00 · 41d0ed5b0b
parent cc5812f797
commit 41d0ed5b0b
4 changed files with 18 additions and 6 deletions
--- a/nucypher/characters/base.py
+++ b/nucypher/characters/base.py
@ -96,18 +96,19 @@ class Learner(ABC):
                # This node is already known.  We can safely return.
                return

+        certificate_filepath = node.save_certificate_to_disk(directory=self.known_certificates_dir)
        node.verify_node(self.network_middleware,  # TODO: Take middleware directly in this class?
                         force=force_verification_check,
-                         accept_federated_only=self.federated_only)  # TODO: 466
+                         accept_federated_only=self.federated_only,
+                         certificate_filepath=certificate_filepath)  # TODO: 466

-        listeners = self._learning_listeners.pop(node.checksum_public_address, ())
+        listeners = self._learning_listeners.pop(node.checksum_public_address, tuple())
        address = node.checksum_public_address

        self.__known_nodes[address] = node

        if self.save_metadata:
            node.write_node_metadata(node=node)
-            node.save_certificate_to_disk()

        self.log.info("Remembering {}, popping {} listeners.".format(node.checksum_public_address, len(listeners)))
        for listener in listeners:
--- a/nucypher/crypto/api.py
+++ b/nucypher/crypto/api.py
@ -121,7 +121,8 @@ def _save_tls_certificate(certificate: Certificate,
                          force: bool = True,  # TODO: Make configurable, or set to False by default.
                          ) -> str:

-    if force is False and os.path.isfile(full_filepath):
+    cert_already_exists = os.path.isfile(full_filepath)
+    if force is False and cert_already_exists:
        raise FileExistsError('A TLS certificate already exists at {}.'.format(full_filepath))

    with open(full_filepath, 'wb') as certificate_file:
--- a/nucypher/network/nodes.py
+++ b/nucypher/network/nodes.py
@ -1,4 +1,5 @@
 import os
+from logging import getLogger

 import OpenSSL
 import maya
@ -29,6 +30,8 @@ class VerifiableNode:
                 timestamp=constants.NOT_SIGNED,
                 ) -> None:

+        self.log = getLogger(self.__class__.__name__)
+
        self.certificate = certificate
        self.certificate_filepath = certificate_filepath
        self._interface_signature_object = interface_signature
@ -104,7 +107,12 @@ class VerifiableNode:
                if not accept_federated_only:
                    raise

-    def verify_node(self, network_middleware, accept_federated_only=False, force=False, certificate_filepath=None):
+    def verify_node(self,
+                    network_middleware,
+                    certificate_filepath: str,
+                    accept_federated_only: bool = False,
+                    force: bool = False
+                    ) -> bool:
        """
        Three things happening here:

@ -207,3 +215,5 @@ class VerifiableNode:
        certificate_filepath = self.get_certificate_filepath(certificates_dir=directory)
        _save_tls_certificate(self.certificate, full_filepath=certificate_filepath)
        self.certificate_filepath = certificate_filepath
+        self.log.info("Saved new TLS certificate {}".format(certificate_filepath))
+        return self.certificate_filepath
--- a/nucypher/utilities/sandbox/middleware.py
+++ b/nucypher/utilities/sandbox/middleware.py
@ -51,7 +51,7 @@ class MockRestMiddleware(RestMiddleware):
        mock_client = self._get_mock_client_by_ursula(node)
        return mock_client.get("http://localhost/treasure_map/{}".format(map_id))

-    def node_information(self, host, port, certificate_filepath=None):
+    def node_information(self, host, port, certificate_filepath):
        mock_client = self._get_mock_client_by_port(port)
        response = mock_client.get("http://localhost/public_information")
        return response