Generate whole key without relying on seed based generation.

2025-05-17 12:12:35 +08:00 · 2020-06-24 20:34:12 +05:30 · 2020-06-24 20:34:12 +05:30 · ba80f06001
commit ba80f06001
parent 8e1338626e
6 changed files with 22 additions and 18 deletions
--- a/include/http_data.h
+++ b/include/http_data.h
@ -117,16 +117,16 @@ struct http_req {
    uint64_t route_hash;
    std::map<std::string, std::string> params;
    std::string body;
-    uint64_t seed;
+    std::string metadata;

-    http_req(): route_hash(1), seed(random_uint64_t()) {
+    http_req(): route_hash(1) {

    }

    http_req(h2o_req_t* _req, const std::string & http_method, uint64_t route_hash,
            const std::map<std::string, std::string> & params, std::string body):
            _req(_req), http_method(http_method), route_hash(route_hash), params(params),
-            body(body), seed(random_uint64_t()) {
+            body(body) {

    }

@ -136,7 +136,7 @@ struct http_req {
        nlohmann::json content = nlohmann::json::parse(serialized_content);
        route_hash = content["route_hash"];
        body = content["body"];
-        seed = content["seed"];
+        metadata = content.count("metadata") != 0 ? content["metadata"] : "";

        for (nlohmann::json::iterator it = content["params"].begin(); it != content["params"].end(); ++it) {
            params.emplace(it.key(), it.value());
@ -150,16 +150,10 @@ struct http_req {
        content["route_hash"] = route_hash;
        content["params"] = params;
        content["body"] = body;
-        content["seed"] = seed;
+        content["metadata"] = metadata;

        return content.dump();
    }
-
-    uint64_t random_uint64_t() {
-        thread_local std::mt19937 rg(std::random_device{}());
-        thread_local std::uniform_int_distribution<uint64_t> pick(0, std::numeric_limits<uint64_t>::max());
-        return pick(rg);
-    }
 };

 struct request_response {
--- a/include/string_utils.h
+++ b/include/string_utils.h
@ -234,7 +234,7 @@ struct StringUtils {
        return hash != std::numeric_limits<uint64_t>::max() ? hash : (std::numeric_limits<uint64_t>::max()-1);
    }

-    static std::string randstring(size_t length, uint64_t seed);
+    static std::string randstring(size_t length);

    static std::string hmac(const std::string& key, const std::string& msg);
 };
--- a/src/core_api.cpp
+++ b/src/core_api.cpp
@ -894,7 +894,7 @@ bool post_create_key(http_req &req, http_res &res) {
        return false;
    }

-    const std::string &rand_key = StringUtils::randstring(AuthManager::KEY_LEN, req.seed);
+    const std::string &rand_key = req.metadata;

    api_key_t api_key(
        rand_key,
--- a/src/http_server.cpp
+++ b/src/http_server.cpp
@ -6,6 +6,7 @@
 #include <signal.h>
 #include <h2o.h>
 #include <iostream>
+#include <auth_manager.h>
 #include "raft_server.h"
 #include "logger.h"

@ -371,6 +372,12 @@ int HttpServer::catch_all_handler(h2o_handler_t *_self, h2o_req_t *req) {
        }

        // routes match and is an authenticated request
+        // do any additional pre-request middleware operations here
+        if(rpath->action == "keys:create") {
+            // we enrich incoming request with a random API key here so that leader and replicas will use the same key
+            request->metadata = StringUtils::randstring(AuthManager::KEY_LEN);
+        }
+
        // for writes, we defer to replication_state
        if(http_method != "GET") {
            self->http_server->get_replication_state()->write(request, response);
--- a/src/string_utils.cpp
+++ b/src/string_utils.cpp
@ -52,19 +52,19 @@ void StringUtils::unicode_normalize(std::string & str) const {
    str.assign(lower_and_no_special_chars(out.str()));
 }

-std::string StringUtils::randstring(size_t length, uint64_t seed) {
+std::string StringUtils::randstring(size_t length) {
    static auto& chrs = "0123456789"
                        "abcdefghijklmnopqrstuvwxyz"
                        "ABCDEFGHIJKLMNOPQRSTUVWXYZ";

-    thread_local static std::mt19937_64 mt_rand(seed);
+    thread_local std::mt19937 rg(std::random_device{}());
+    thread_local std::uniform_int_distribution<uint32_t> pick(0, sizeof(chrs) - 2);

    std::string s;
    s.reserve(length);

    while(length--) {
-        size_t index = (mt_rand() % (sizeof(chrs) - 1));
-        s += chrs[index];
+        s += chrs[pick(rg)];
    }

    return s;
--- a/src/typesense_server_utils.cpp
+++ b/src/typesense_server_utils.cpp
@ -158,9 +158,12 @@ int init_logger(Config & config, const std::string & server_version) {

        std::string log_path = log_dir + "/" + "typesense.log";

-        // will log level INFO and up to the given log file
+        // will log levels INFO **and above** to the given log file
        google::SetLogDestination(google::INFO, log_path.c_str());

+        // don't create symlink for INFO log
+        google::SetLogSymlink(google::INFO, "");
+
        // don't create separate log files for each level
        google::SetLogDestination(google::WARNING, "");
        google::SetLogDestination(google::ERROR, "");