balsoft/ligo
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix use of ledger in main_signer

Browse Source
This commit is contained in:
Sebastien Mondet 2019-02-20 16:24:52 -05:00 committed by Pierre Boutillier
parent 3690566b0b
commit 32348c092c
No known key found for this signature in database
GPG Key ID: C2F73508B56A193C
1 changed files with 159 additions and 154 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

313
src/bin_signer/main_signer.ml
View File

@ -116,155 +116,158 @@ let may_setup_pidfile = function
trace (failure "Failed to create the pidfile: %s" pidfile) @@
Lwt_lock_file.create ~unlink_on_exit:true pidfile
let commands base_dir require_auth =
Client_keys_commands.commands None @
(* Tezos_signer_backends.Ledger.commands () @ *)
[ command ~group
~desc: "Launch a signer daemon over a TCP socket."
(args5
pidfile_arg
magic_bytes_arg
high_watermark_switch
(default_arg
~doc: "listening address or host name"
~short: 'a'
~long: "address"
~placeholder: "host|address"
~default: default_tcp_host
(parameter (fun _ s -> return s)))
(default_arg
~doc: "listening TCP port or service name"
~short: 'p'
~long: "port"
~placeholder: "port number"
~default: default_tcp_port
(parameter (fun _ s -> return s))))
(prefixes [ "launch" ; "socket" ; "signer" ] @@ stop)
(fun (pidfile, magic_bytes, check_high_watermark, host, port) cctxt ->
init_signal () ;
may_setup_pidfile pidfile >>=? fun () ->
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
Socket_daemon.run
cctxt (Tcp (host, port, [AI_SOCKTYPE SOCK_STREAM]))
?magic_bytes ~check_high_watermark ~require_auth >>=? fun _ ->
return_unit) ;
command ~group
~desc: "Launch a signer daemon over a local Unix socket."
(args4
pidfile_arg
magic_bytes_arg
high_watermark_switch
(default_arg
~doc: "path to the local socket file"
~short: 's'
~long: "socket"
~placeholder: "path"
~default: (Filename.concat base_dir "socket")
(parameter (fun _ s -> return s))))
(prefixes [ "launch" ; "local" ; "signer" ] @@ stop)
(fun (pidfile, magic_bytes, check_high_watermark, path) cctxt ->
init_signal () ;
may_setup_pidfile pidfile >>=? fun () ->
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
Socket_daemon.run
cctxt (Unix path) ?magic_bytes ~check_high_watermark ~require_auth >>=? fun _ ->
return_unit) ;
command ~group
~desc: "Launch a signer daemon over HTTP."
(args5
pidfile_arg
magic_bytes_arg
high_watermark_switch
(default_arg
~doc: "listening address or host name"
~short: 'a'
~long: "address"
~placeholder: "host|address"
~default: default_http_host
(parameter (fun _ s -> return s)))
(default_arg
~doc: "listening HTTP port"
~short: 'p'
~long: "port"
~placeholder: "port number"
~default: default_http_port
(parameter
(fun _ x ->
try return (int_of_string x)
with Failure _ -> failwith "Invalid port %s" x))))
(prefixes [ "launch" ; "http" ; "signer" ] @@ stop)
(fun (pidfile, magic_bytes, check_high_watermark, host, port) cctxt ->
init_signal () ;
may_setup_pidfile pidfile >>=? fun () ->
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
Http_daemon.run_http cctxt ~host ~port ?magic_bytes ~check_high_watermark ~require_auth) ;
command ~group
~desc: "Launch a signer daemon over HTTPS."
(args5
pidfile_arg
magic_bytes_arg
high_watermark_switch
(default_arg
~doc: "listening address or host name"
~short: 'a'
~long: "address"
~placeholder: "host|address"
~default: default_https_host
(parameter (fun _ s -> return s)))
(default_arg
~doc: "listening HTTPS port"
~short: 'p'
~long: "port"
~placeholder: "port number"
~default: default_https_port
(parameter
(fun _ x ->
try return (int_of_string x)
with Failure _ -> failwith "Invalid port %s" x))))
(prefixes [ "launch" ; "https" ; "signer" ] @@
param
~name:"cert"
~desc: "path to the TLS certificate"
(parameter (fun _ s ->
if not (Sys.file_exists s) then
failwith "No such TLS certificate file %s" s
else
return s)) @@
param
~name:"key"
~desc: "path to the TLS key"
(parameter (fun _ s ->
if not (Sys.file_exists s) then
failwith "No such TLS key file %s" s
else
return s)) @@ stop)
(fun (pidfile, magic_bytes, check_high_watermark, host, port) cert key cctxt ->
init_signal () ;
may_setup_pidfile pidfile >>=? fun () ->
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
Http_daemon.run_https cctxt ~host ~port ~cert ~key ?magic_bytes ~check_high_watermark ~require_auth) ;
command ~group
~desc: "Authorize a given public key to perform signing requests."
(args1
(arg
~doc: "an optional name for the key (defaults to the hash)"
~short: 'N'
~long: "name"
~placeholder: "name"
(parameter (fun _ s -> return s))))
(prefixes [ "add" ; "authorized" ; "key" ] @@
param
~name:"pk"
~desc: "full public key (Base58 encoded)"
(parameter (fun _ s -> Lwt.return (Signature.Public_key.of_b58check s))) @@
stop)
(fun name key cctxt ->
let pkh = Signature.Public_key.hash key in
let name = match name with
| Some name -> name
| None -> Signature.Public_key_hash.to_b58check pkh in
Handler.Authorized_key.add ~force:false cctxt name key)
]
let commands base_dir require_auth : Client_context.full command list =
Tezos_signer_backends.Ledger.commands () @
List.map
(Clic.map_command
(fun (o : Client_context.full) -> (o :> Client_context.io_wallet)))
(Client_keys_commands.commands None @
[ command ~group
~desc: "Launch a signer daemon over a TCP socket."
(args5
pidfile_arg
magic_bytes_arg
high_watermark_switch
(default_arg
~doc: "listening address or host name"
~short: 'a'
~long: "address"
~placeholder: "host|address"
~default: default_tcp_host
(parameter (fun _ s -> return s)))
(default_arg
~doc: "listening TCP port or service name"
~short: 'p'
~long: "port"
~placeholder: "port number"
~default: default_tcp_port
(parameter (fun _ s -> return s))))
(prefixes [ "launch" ; "socket" ; "signer" ] @@ stop)
(fun (pidfile, magic_bytes, check_high_watermark, host, port) cctxt ->
init_signal () ;
may_setup_pidfile pidfile >>=? fun () ->
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
Socket_daemon.run
cctxt (Tcp (host, port, [AI_SOCKTYPE SOCK_STREAM]))
?magic_bytes ~check_high_watermark ~require_auth >>=? fun _ ->
return_unit) ;
command ~group
~desc: "Launch a signer daemon over a local Unix socket."
(args4
pidfile_arg
magic_bytes_arg
high_watermark_switch
(default_arg
~doc: "path to the local socket file"
~short: 's'
~long: "socket"
~placeholder: "path"
~default: (Filename.concat base_dir "socket")
(parameter (fun _ s -> return s))))
(prefixes [ "launch" ; "local" ; "signer" ] @@ stop)
(fun (pidfile, magic_bytes, check_high_watermark, path) cctxt ->
init_signal () ;
may_setup_pidfile pidfile >>=? fun () ->
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
Socket_daemon.run
cctxt (Unix path) ?magic_bytes ~check_high_watermark ~require_auth >>=? fun _ ->
return_unit) ;
command ~group
~desc: "Launch a signer daemon over HTTP."
(args5
pidfile_arg
magic_bytes_arg
high_watermark_switch
(default_arg
~doc: "listening address or host name"
~short: 'a'
~long: "address"
~placeholder: "host|address"
~default: default_http_host
(parameter (fun _ s -> return s)))
(default_arg
~doc: "listening HTTP port"
~short: 'p'
~long: "port"
~placeholder: "port number"
~default: default_http_port
(parameter
(fun _ x ->
try return (int_of_string x)
with Failure _ -> failwith "Invalid port %s" x))))
(prefixes [ "launch" ; "http" ; "signer" ] @@ stop)
(fun (pidfile, magic_bytes, check_high_watermark, host, port) cctxt ->
init_signal () ;
may_setup_pidfile pidfile >>=? fun () ->
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
Http_daemon.run_http cctxt ~host ~port ?magic_bytes ~check_high_watermark ~require_auth) ;
command ~group
~desc: "Launch a signer daemon over HTTPS."
(args5
pidfile_arg
magic_bytes_arg
high_watermark_switch
(default_arg
~doc: "listening address or host name"
~short: 'a'
~long: "address"
~placeholder: "host|address"
~default: default_https_host
(parameter (fun _ s -> return s)))
(default_arg
~doc: "listening HTTPS port"
~short: 'p'
~long: "port"
~placeholder: "port number"
~default: default_https_port
(parameter
(fun _ x ->
try return (int_of_string x)
with Failure _ -> failwith "Invalid port %s" x))))
(prefixes [ "launch" ; "https" ; "signer" ] @@
param
~name:"cert"
~desc: "path to the TLS certificate"
(parameter (fun _ s ->
if not (Sys.file_exists s) then
failwith "No such TLS certificate file %s" s
else
return s)) @@
param
~name:"key"
~desc: "path to the TLS key"
(parameter (fun _ s ->
if not (Sys.file_exists s) then
failwith "No such TLS key file %s" s
else
return s)) @@ stop)
(fun (pidfile, magic_bytes, check_high_watermark, host, port) cert key cctxt ->
init_signal () ;
may_setup_pidfile pidfile >>=? fun () ->
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
Http_daemon.run_https cctxt ~host ~port ~cert ~key ?magic_bytes ~check_high_watermark ~require_auth) ;
command ~group
~desc: "Authorize a given public key to perform signing requests."
(args1
(arg
~doc: "an optional name for the key (defaults to the hash)"
~short: 'N'
~long: "name"
~placeholder: "name"
(parameter (fun _ s -> return s))))
(prefixes [ "add" ; "authorized" ; "key" ] @@
param
~name:"pk"
~desc: "full public key (Base58 encoded)"
(parameter (fun _ s -> Lwt.return (Signature.Public_key.of_b58check s))) @@
stop)
(fun name key cctxt ->
let pkh = Signature.Public_key.hash key in
let name = match name with
| Some name -> name
| None -> Signature.Public_key_hash.to_b58check pkh in
Handler.Authorized_key.add ~force:false cctxt name key)
])
let home = try Sys.getenv "HOME" with Not_found -> "/root"
@ -333,11 +336,13 @@ let main () =
(global_options ()) () original_args >>=?
fun ((base_dir, require_auth, password_filename), remaining) ->
let base_dir = Option.unopt ~default:default_base_dir base_dir in
let cctxt = object
inherit Client_context_unix.unix_logger ~base_dir
inherit Client_context_unix.unix_prompter
inherit Client_context_unix.unix_wallet ~base_dir ~password_filename
end in
let cctxt =
new Client_context_unix.unix_full
~block:Client_config.default_block
~confirmations:None
~password_filename
~base_dir
~rpc_config:RPC_client.default_config in
Client_keys.register_signer
(module Tezos_signer_backends.Encrypted.Make(struct
let cctxt = new Client_context_unix.unix_prompter