balsoft/ligo
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix use of ledger in main_signer

Browse Source
This commit is contained in:
Sebastien Mondet 2019-02-20 16:24:52 -05:00 committed by Pierre Boutillier
parent 3690566b0b
commit 32348c092c
No known key found for this signature in database
GPG Key ID: C2F73508B56A193C
1 changed files with 159 additions and 154 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

313
src/bin_signer/main_signer.ml
View File

@ -116,155 +116,158 @@ let may_setup_pidfile = function
trace (failure "Failed to create the pidfile: %s" pidfile) @@ trace (failure "Failed to create the pidfile: %s" pidfile) @@
Lwt_lock_file.create ~unlink_on_exit:true pidfile Lwt_lock_file.create ~unlink_on_exit:true pidfile
let commands base_dir require_auth = let commands base_dir require_auth : Client_context.full command list =
Client_keys_commands.commands None @ Tezos_signer_backends.Ledger.commands () @
(* Tezos_signer_backends.Ledger.commands () @ *) List.map
[ command ~group (Clic.map_command
~desc: "Launch a signer daemon over a TCP socket." (fun (o : Client_context.full) -> (o :> Client_context.io_wallet)))
(args5 (Client_keys_commands.commands None @
pidfile_arg [ command ~group
magic_bytes_arg ~desc: "Launch a signer daemon over a TCP socket."
high_watermark_switch (args5
(default_arg pidfile_arg
~doc: "listening address or host name" magic_bytes_arg
~short: 'a' high_watermark_switch
~long: "address" (default_arg
~placeholder: "host|address" ~doc: "listening address or host name"
~default: default_tcp_host ~short: 'a'
(parameter (fun _ s -> return s))) ~long: "address"
(default_arg ~placeholder: "host|address"
~doc: "listening TCP port or service name" ~default: default_tcp_host
~short: 'p' (parameter (fun _ s -> return s)))
~long: "port" (default_arg
~placeholder: "port number" ~doc: "listening TCP port or service name"
~default: default_tcp_port ~short: 'p'
(parameter (fun _ s -> return s)))) ~long: "port"
(prefixes [ "launch" ; "socket" ; "signer" ] @@ stop) ~placeholder: "port number"
(fun (pidfile, magic_bytes, check_high_watermark, host, port) cctxt -> ~default: default_tcp_port
init_signal () ; (parameter (fun _ s -> return s))))
may_setup_pidfile pidfile >>=? fun () -> (prefixes [ "launch" ; "socket" ; "signer" ] @@ stop)
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () -> (fun (pidfile, magic_bytes, check_high_watermark, host, port) cctxt ->
Socket_daemon.run init_signal () ;
cctxt (Tcp (host, port, [AI_SOCKTYPE SOCK_STREAM])) may_setup_pidfile pidfile >>=? fun () ->
?magic_bytes ~check_high_watermark ~require_auth >>=? fun _ -> Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
return_unit) ; Socket_daemon.run
command ~group cctxt (Tcp (host, port, [AI_SOCKTYPE SOCK_STREAM]))
~desc: "Launch a signer daemon over a local Unix socket." ?magic_bytes ~check_high_watermark ~require_auth >>=? fun _ ->
(args4 return_unit) ;
pidfile_arg command ~group
magic_bytes_arg ~desc: "Launch a signer daemon over a local Unix socket."
high_watermark_switch (args4
(default_arg pidfile_arg
~doc: "path to the local socket file" magic_bytes_arg
~short: 's' high_watermark_switch
~long: "socket" (default_arg
~placeholder: "path" ~doc: "path to the local socket file"
~default: (Filename.concat base_dir "socket") ~short: 's'
(parameter (fun _ s -> return s)))) ~long: "socket"
(prefixes [ "launch" ; "local" ; "signer" ] @@ stop) ~placeholder: "path"
(fun (pidfile, magic_bytes, check_high_watermark, path) cctxt -> ~default: (Filename.concat base_dir "socket")
init_signal () ; (parameter (fun _ s -> return s))))
may_setup_pidfile pidfile >>=? fun () -> (prefixes [ "launch" ; "local" ; "signer" ] @@ stop)
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () -> (fun (pidfile, magic_bytes, check_high_watermark, path) cctxt ->
Socket_daemon.run init_signal () ;
cctxt (Unix path) ?magic_bytes ~check_high_watermark ~require_auth >>=? fun _ -> may_setup_pidfile pidfile >>=? fun () ->
return_unit) ; Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
command ~group Socket_daemon.run
~desc: "Launch a signer daemon over HTTP." cctxt (Unix path) ?magic_bytes ~check_high_watermark ~require_auth >>=? fun _ ->
(args5 return_unit) ;
pidfile_arg command ~group
magic_bytes_arg ~desc: "Launch a signer daemon over HTTP."
high_watermark_switch (args5
(default_arg pidfile_arg
~doc: "listening address or host name" magic_bytes_arg
~short: 'a' high_watermark_switch
~long: "address" (default_arg
~placeholder: "host|address" ~doc: "listening address or host name"
~default: default_http_host ~short: 'a'
(parameter (fun _ s -> return s))) ~long: "address"
(default_arg ~placeholder: "host|address"
~doc: "listening HTTP port" ~default: default_http_host
~short: 'p' (parameter (fun _ s -> return s)))
~long: "port" (default_arg
~placeholder: "port number" ~doc: "listening HTTP port"
~default: default_http_port ~short: 'p'
(parameter ~long: "port"
(fun _ x -> ~placeholder: "port number"
try return (int_of_string x) ~default: default_http_port
with Failure _ -> failwith "Invalid port %s" x)))) (parameter
(prefixes [ "launch" ; "http" ; "signer" ] @@ stop) (fun _ x ->
(fun (pidfile, magic_bytes, check_high_watermark, host, port) cctxt -> try return (int_of_string x)
init_signal () ; with Failure _ -> failwith "Invalid port %s" x))))
may_setup_pidfile pidfile >>=? fun () -> (prefixes [ "launch" ; "http" ; "signer" ] @@ stop)
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () -> (fun (pidfile, magic_bytes, check_high_watermark, host, port) cctxt ->
Http_daemon.run_http cctxt ~host ~port ?magic_bytes ~check_high_watermark ~require_auth) ; init_signal () ;
command ~group may_setup_pidfile pidfile >>=? fun () ->
~desc: "Launch a signer daemon over HTTPS." Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
(args5 Http_daemon.run_http cctxt ~host ~port ?magic_bytes ~check_high_watermark ~require_auth) ;
pidfile_arg command ~group
magic_bytes_arg ~desc: "Launch a signer daemon over HTTPS."
high_watermark_switch (args5
(default_arg pidfile_arg
~doc: "listening address or host name" magic_bytes_arg
~short: 'a' high_watermark_switch
~long: "address" (default_arg
~placeholder: "host|address" ~doc: "listening address or host name"
~default: default_https_host ~short: 'a'
(parameter (fun _ s -> return s))) ~long: "address"
(default_arg ~placeholder: "host|address"
~doc: "listening HTTPS port" ~default: default_https_host
~short: 'p' (parameter (fun _ s -> return s)))
~long: "port" (default_arg
~placeholder: "port number" ~doc: "listening HTTPS port"
~default: default_https_port ~short: 'p'
(parameter ~long: "port"
(fun _ x -> ~placeholder: "port number"
try return (int_of_string x) ~default: default_https_port
with Failure _ -> failwith "Invalid port %s" x)))) (parameter
(prefixes [ "launch" ; "https" ; "signer" ] @@ (fun _ x ->
param try return (int_of_string x)
~name:"cert" with Failure _ -> failwith "Invalid port %s" x))))
~desc: "path to the TLS certificate" (prefixes [ "launch" ; "https" ; "signer" ] @@
(parameter (fun _ s -> param
if not (Sys.file_exists s) then ~name:"cert"
failwith "No such TLS certificate file %s" s ~desc: "path to the TLS certificate"
else (parameter (fun _ s ->
return s)) @@ if not (Sys.file_exists s) then
param failwith "No such TLS certificate file %s" s
~name:"key" else
~desc: "path to the TLS key" return s)) @@
(parameter (fun _ s -> param
if not (Sys.file_exists s) then ~name:"key"
failwith "No such TLS key file %s" s ~desc: "path to the TLS key"
else (parameter (fun _ s ->
return s)) @@ stop) if not (Sys.file_exists s) then
(fun (pidfile, magic_bytes, check_high_watermark, host, port) cert key cctxt -> failwith "No such TLS key file %s" s
init_signal () ; else
may_setup_pidfile pidfile >>=? fun () -> return s)) @@ stop)
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () -> (fun (pidfile, magic_bytes, check_high_watermark, host, port) cert key cctxt ->
Http_daemon.run_https cctxt ~host ~port ~cert ~key ?magic_bytes ~check_high_watermark ~require_auth) ; init_signal () ;
command ~group may_setup_pidfile pidfile >>=? fun () ->
~desc: "Authorize a given public key to perform signing requests." Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
(args1 Http_daemon.run_https cctxt ~host ~port ~cert ~key ?magic_bytes ~check_high_watermark ~require_auth) ;
(arg command ~group
~doc: "an optional name for the key (defaults to the hash)" ~desc: "Authorize a given public key to perform signing requests."
~short: 'N' (args1
~long: "name" (arg
~placeholder: "name" ~doc: "an optional name for the key (defaults to the hash)"
(parameter (fun _ s -> return s)))) ~short: 'N'
(prefixes [ "add" ; "authorized" ; "key" ] @@ ~long: "name"
param ~placeholder: "name"
~name:"pk" (parameter (fun _ s -> return s))))
~desc: "full public key (Base58 encoded)" (prefixes [ "add" ; "authorized" ; "key" ] @@
(parameter (fun _ s -> Lwt.return (Signature.Public_key.of_b58check s))) @@ param
stop) ~name:"pk"
(fun name key cctxt -> ~desc: "full public key (Base58 encoded)"
let pkh = Signature.Public_key.hash key in (parameter (fun _ s -> Lwt.return (Signature.Public_key.of_b58check s))) @@
let name = match name with stop)
| Some name -> name (fun name key cctxt ->
| None -> Signature.Public_key_hash.to_b58check pkh in let pkh = Signature.Public_key.hash key in
Handler.Authorized_key.add ~force:false cctxt name key) let name = match name with
] | Some name -> name
| None -> Signature.Public_key_hash.to_b58check pkh in
Handler.Authorized_key.add ~force:false cctxt name key)
])
let home = try Sys.getenv "HOME" with Not_found -> "/root" let home = try Sys.getenv "HOME" with Not_found -> "/root"
@ -333,11 +336,13 @@ let main () =
(global_options ()) () original_args >>=? (global_options ()) () original_args >>=?
fun ((base_dir, require_auth, password_filename), remaining) -> fun ((base_dir, require_auth, password_filename), remaining) ->
let base_dir = Option.unopt ~default:default_base_dir base_dir in let base_dir = Option.unopt ~default:default_base_dir base_dir in
let cctxt = object let cctxt =
inherit Client_context_unix.unix_logger ~base_dir new Client_context_unix.unix_full
inherit Client_context_unix.unix_prompter ~block:Client_config.default_block
inherit Client_context_unix.unix_wallet ~base_dir ~password_filename ~confirmations:None
end in ~password_filename
~base_dir
~rpc_config:RPC_client.default_config in
Client_keys.register_signer Client_keys.register_signer
(module Tezos_signer_backends.Encrypted.Make(struct (module Tezos_signer_backends.Encrypted.Make(struct
let cctxt = new Client_context_unix.unix_prompter let cctxt = new Client_context_unix.unix_prompter