Skip to content

Commit

Permalink
Version 1.1.4
Browse files Browse the repository at this point in the history 
- New authentication mechanism, requires Performa Satellite 1.1.4 or later.
  • Loading branch information
@jhuckaby
jhuckaby committed Jun 26, 2024
1 parent 5d0186b commit 8e6aaa1
Show file tree
Hide file tree
Showing 4 changed files with 38 additions and 12 deletions.
2 changes: 1 addition & 1 deletion LICENSE.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

The MIT License (MIT)

Copyright (c) 2019 - 2023 Joseph Huckaby
Copyright (c) 2019 - 2024 Joseph Huckaby

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

Expand Down
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1168,7 +1168,7 @@ This will launch the service without forking a daemon process, and echo the enti

The MIT License (MIT)

Copyright (c) 2019 - 2023 Joseph Huckaby
Copyright (c) 2019 - 2024 Joseph Huckaby

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

Expand Down
42 changes: 34 additions & 8 deletions lib/api/submit.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ module.exports = Class.create({

api_hello: function(args, callback) {
// receive a hello packet from a server
// { version, hostname, group, nonce }
// { version, hostname, group }
var self = this;
var params = args.params;
var group_defs = this.groups;
Expand All @@ -30,8 +30,7 @@ module.exports = Class.create({

if (!this.requireParams(params, {
version: /^1\./,
hostname: /^\S+$/,
nonce: /^\S+$/
hostname: /^\S+$/
}, callback)) return;

// normalize hostname for storage (and sanity)
Expand Down Expand Up @@ -76,15 +75,14 @@ module.exports = Class.create({
// send response with auth token
callback({
code: 0,
nonce: params.nonce,
auth: Tools.digestHex(params.nonce + this.server.config.get('secret_key'), 'sha256'),
version: 2,
commands: server_commands
});
},

api_submit: function(args, callback) {
// receive a data packet from a server
// { version, hostname, group, data }
// { version, hostname, group, data, auth }
var self = this;
var params = args.params;
var group_defs = this.groups;
Expand All @@ -100,13 +98,27 @@ module.exports = Class.create({
if (!this.requireParams(params, {
// date: /^\d+(\.\d+)?$/,
version: /^1\./,
hostname: /^\S+$/
hostname: /^\S+$/,
auth: /\w+$/
}, callback)) return;

if (!params.data) {
return this.doError( 'submit', "Missing required data object", callback );
}

// validate auth token (time-based)
// allow clock drift of up to +/- 1 minute from satellite to server
var time_base = Math.floor( Tools.timeNow(true) / 60 );
var tokens = [
Tools.digestHex('' + Math.floor(time_base - 1) + this.server.config.get('secret_key'), 'sha256'),
Tools.digestHex('' + Math.floor(time_base) + this.server.config.get('secret_key'), 'sha256'),
Tools.digestHex('' + Math.floor(time_base + 1) + this.server.config.get('secret_key'), 'sha256')
];
if ((params.auth != tokens[0]) && (params.auth != tokens[1]) && (params.auth != tokens[2])) {
return this.doError( 'submit', "Invalid authentication token", callback );
}
delete params.auth;

this.logDebug(9, "Received data submission from: " + params.hostname,
this.debugLevel(10) ? params : null
);
Expand Down Expand Up @@ -531,9 +543,23 @@ module.exports = Class.create({
version: /^1\./,
hostname: /^\S+$/,
time_code: /^\d+$/,
source: /^\S+$/
source: /^\S+$/,
auth: /^\w+$/
}, callback)) return;

// validate auth token (time-based)
// allow clock drift of up to +/- 1 minute from satellite to server
var time_base = Math.floor( Tools.timeNow(true) / 60 );
var tokens = [
Tools.digestHex('' + Math.floor(time_base - 1) + this.server.config.get('secret_key'), 'sha256'),
Tools.digestHex('' + Math.floor(time_base) + this.server.config.get('secret_key'), 'sha256'),
Tools.digestHex('' + Math.floor(time_base + 1) + this.server.config.get('secret_key'), 'sha256')
];
if ((params.auth != tokens[0]) && (params.auth != tokens[1]) && (params.auth != tokens[2])) {
return this.doError( 'submit', "Invalid authentication token", callback );
}
delete params.auth;

this.logDebug(9, "Received snapshot submission from: " + params.hostname,
this.debugLevel(10) ? params : null
);
Expand Down
4 changes: 2 additions & 2 deletions package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "performa",
"version": "1.1.3",
"version": "1.1.4",
"description": "A multi-server monitoring system with a web based UI.",
"author": "Joseph Huckaby <[email protected]>",
"homepage": "https://github.com/jhuckaby/performa",
Expand Down Expand Up @@ -53,7 +53,7 @@
"pixl-server-api": "^1.0.1",
"pixl-server-user": "^1.0.9",
"pixl-boot": "^2.0.0",
"performa-satellite": "^1.1.3"
"performa-satellite": "^1.1.4"
},
"devDependencies": {
"pixl-unit": "^1.0.9"
Expand Down

0 comments on commit 8e6aaa1

Please sign in to comment.