forked from Silverfish/proton-bridge
GODT-1482: Comment or mitigate panics, unlock cache when needed.
This commit is contained in:
Jakub
30
internal/store/cache/disk.go
vendored
30
internal/store/cache/disk.go
vendored
@ -33,6 +33,7 @@ import (
|
||||
"github.com/ricochet2200/go-disk-usage/du"
|
||||
)
|
||||
|
||||
var ErrMsgCorrupted = errors.New("ecrypted file was corrupted")
|
||||
var ErrLowSpace = errors.New("not enough free space left on device")
|
||||
|
||||
// IsOnDiskCache will return true if Cache is type of onDiskCache.
|
||||
@ -86,6 +87,10 @@ func NewOnDiskCache(path string, cmp Compressor, opts Options) (Cache, error) {
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (c *onDiskCache) Lock(userID string) {
|
||||
delete(c.gcm, userID)
|
||||
}
|
||||
|
||||
func (c *onDiskCache) Unlock(userID string, passphrase []byte) error {
|
||||
hash := sha256.New()
|
||||
|
||||
@ -135,17 +140,29 @@ func (c *onDiskCache) Has(userID, messageID string) bool {
|
||||
return false
|
||||
|
||||
default:
|
||||
// Cannot decide whether the message is cached or not.
|
||||
// Potential recover needs to be don in caller function.
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
|
||||
func (c *onDiskCache) Get(userID, messageID string) ([]byte, error) {
|
||||
gcm, ok := c.gcm[userID]
|
||||
if !ok || gcm == nil {
|
||||
return nil, ErrCacheNeedsUnlock
|
||||
}
|
||||
|
||||
enc, err := c.readFile(c.getMessagePath(userID, messageID))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
cmp, err := c.gcm[userID].Open(nil, enc[:c.gcm[userID].NonceSize()], enc[c.gcm[userID].NonceSize():], nil)
|
||||
// Data stored in file must larger than NonceSize.
|
||||
if len(enc) <= gcm.NonceSize() {
|
||||
return nil, ErrMsgCorrupted
|
||||
}
|
||||
|
||||
cmp, err := gcm.Open(nil, enc[:gcm.NonceSize()], enc[gcm.NonceSize():], nil)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -154,7 +171,11 @@ func (c *onDiskCache) Get(userID, messageID string) ([]byte, error) {
|
||||
}
|
||||
|
||||
func (c *onDiskCache) Set(userID, messageID string, literal []byte) error {
|
||||
nonce := make([]byte, c.gcm[userID].NonceSize())
|
||||
gcm, ok := c.gcm[userID]
|
||||
if !ok {
|
||||
return ErrCacheNeedsUnlock
|
||||
}
|
||||
nonce := make([]byte, gcm.NonceSize())
|
||||
|
||||
if _, err := rand.Read(nonce); err != nil {
|
||||
return err
|
||||
@ -165,12 +186,13 @@ func (c *onDiskCache) Set(userID, messageID string, literal []byte) error {
|
||||
return err
|
||||
}
|
||||
|
||||
// NOTE(GODT-1158): How to properly handle low space? Don't return error, that's bad. Instead send event?
|
||||
// NOTE(GODT-1158, GODT-1488): Need to properly handle low space. Don't
|
||||
// return error, that's bad. Send event and clean least used message.
|
||||
if !c.hasSpace(len(cmp)) {
|
||||
return nil
|
||||
}
|
||||
|
||||
return c.writeFile(c.getMessagePath(userID, messageID), c.gcm[userID].Seal(nonce, nonce, cmp, nil))
|
||||
return c.writeFile(c.getMessagePath(userID, messageID), gcm.Seal(nonce, nonce, cmp, nil))
|
||||
}
|
||||
|
||||
func (c *onDiskCache) Rem(userID, messageID string) error {
|
||||
|
||||
1
internal/store/cache/hash.go
vendored
1
internal/store/cache/hash.go
vendored
@ -26,6 +26,7 @@ func getHash(name string) string {
|
||||
hash := sha256.New()
|
||||
|
||||
if _, err := hash.Write([]byte(name)); err != nil {
|
||||
// sha256.Write always returns nill err so this should never happen
|
||||
panic(err)
|
||||
}
|
||||
|
||||
|
||||
51
internal/store/cache/memory.go
vendored
51
internal/store/cache/memory.go
vendored
@ -28,7 +28,8 @@ type inMemoryCache struct {
|
||||
size, limit int
|
||||
}
|
||||
|
||||
// NewInMemoryCache creates a new in memory cache which stores up to the given number of bytes of cached data.
|
||||
// NewInMemoryCache creates a new in memory cache which stores up to the given
|
||||
// number of bytes of cached data.
|
||||
// NOTE(GODT-1158): Make this threadsafe.
|
||||
func NewInMemoryCache(limit int) Cache {
|
||||
return &inMemoryCache{
|
||||
@ -42,7 +43,7 @@ func (c *inMemoryCache) Unlock(userID string, passphrase []byte) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *inMemoryCache) Delete(userID string) error {
|
||||
func (c *inMemoryCache) Lock(userID string) {
|
||||
c.lock.Lock()
|
||||
defer c.lock.Unlock()
|
||||
|
||||
@ -51,23 +52,44 @@ func (c *inMemoryCache) Delete(userID string) error {
|
||||
}
|
||||
|
||||
delete(c.data, userID)
|
||||
}
|
||||
|
||||
func (c *inMemoryCache) Delete(userID string) error {
|
||||
c.Lock(userID)
|
||||
return nil
|
||||
}
|
||||
|
||||
// Has returns whether the given message exists in the cache.
|
||||
func (c *inMemoryCache) Has(userID, messageID string) bool {
|
||||
if _, err := c.Get(userID, messageID); err != nil {
|
||||
return false
|
||||
c.lock.RLock()
|
||||
defer c.lock.RUnlock()
|
||||
|
||||
if !c.isUserUnlocked(userID) {
|
||||
// This might look counter intuitive but in order to be able to test
|
||||
// "re-unlocking" mechanism we need to return true here.
|
||||
//
|
||||
// The situation is the same as it would happen for onDiskCache with
|
||||
// locked user. Later during `Get` cache would return proper error
|
||||
// `ErrCacheNeedsUnlock`. It is expected that store would then try to
|
||||
// re-unlock.
|
||||
//
|
||||
// In order to do proper behaviour we should implement
|
||||
// encryption for inMemoryCache.
|
||||
return true
|
||||
}
|
||||
|
||||
return true
|
||||
_, ok := c.data[userID][messageID]
|
||||
return ok
|
||||
}
|
||||
|
||||
func (c *inMemoryCache) Get(userID, messageID string) ([]byte, error) {
|
||||
c.lock.RLock()
|
||||
defer c.lock.RUnlock()
|
||||
|
||||
if !c.isUserUnlocked(userID) {
|
||||
return nil, ErrCacheNeedsUnlock
|
||||
}
|
||||
|
||||
literal, ok := c.data[userID][messageID]
|
||||
if !ok {
|
||||
return nil, errors.New("no such message in cache")
|
||||
@ -76,12 +98,23 @@ func (c *inMemoryCache) Get(userID, messageID string) ([]byte, error) {
|
||||
return literal, nil
|
||||
}
|
||||
|
||||
// NOTE(GODT-1158): What to actually do when memory limit is reached? Replace something existing? Return error? Drop silently?
|
||||
// NOTE(GODT-1158): Pull in cache-rotating feature from old IMAP cache.
|
||||
func (c *inMemoryCache) isUserUnlocked(userID string) bool {
|
||||
_, ok := c.data[userID]
|
||||
return ok
|
||||
}
|
||||
|
||||
// Set saves the message literal to memory for further usage.
|
||||
//
|
||||
// NOTE(GODT-1158, GODT-1488): Once memory limit is reached we should do proper
|
||||
// rotation based on usage frequency.
|
||||
func (c *inMemoryCache) Set(userID, messageID string, literal []byte) error {
|
||||
c.lock.Lock()
|
||||
defer c.lock.Unlock()
|
||||
|
||||
if !c.isUserUnlocked(userID) {
|
||||
return ErrCacheNeedsUnlock
|
||||
}
|
||||
|
||||
if c.size+len(literal) > c.limit {
|
||||
return nil
|
||||
}
|
||||
@ -96,6 +129,10 @@ func (c *inMemoryCache) Rem(userID, messageID string) error {
|
||||
c.lock.Lock()
|
||||
defer c.lock.Unlock()
|
||||
|
||||
if !c.isUserUnlocked(userID) {
|
||||
return nil
|
||||
}
|
||||
|
||||
c.size -= len(c.data[userID][messageID])
|
||||
|
||||
delete(c.data[userID], messageID)
|
||||
|
||||
5
internal/store/cache/types.go
vendored
5
internal/store/cache/types.go
vendored
@ -17,8 +17,13 @@
|
||||
|
||||
package cache
|
||||
|
||||
import "errors"
|
||||
|
||||
var ErrCacheNeedsUnlock = errors.New("cache needs to be unlocked")
|
||||
|
||||
type Cache interface {
|
||||
Unlock(userID string, passphrase []byte) error
|
||||
Lock(userID string)
|
||||
Delete(userID string) error
|
||||
|
||||
Has(userID, messageID string) bool
|
||||
|
||||
Reference in New Issue
Block a user