diff options
author | Tor Brede Vekterli <vekterli@yahooinc.com> | 2023-02-01 14:01:06 +0100 |
---|---|---|
committer | Tor Brede Vekterli <vekterli@yahooinc.com> | 2023-02-01 14:01:06 +0100 |
commit | aff30416394ef6937d4da73dc6fd705224e6ff2b (patch) | |
tree | d72ede16c91654a7faad8e576fa52e1325233389 /node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandler.java | |
parent | 179daa38c12471ec9de4e48ec91865c8a336d8a8 (diff) |
Fail closed when no core dump encryption public key is found
Diffstat (limited to 'node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandler.java')
-rw-r--r-- | node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandler.java | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandler.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandler.java index bfc4c09cf9e..98ca77bc66f 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandler.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandler.java @@ -180,23 +180,21 @@ public class CoredumpHandler { return coreEncryptionPublicKeyIdFlag.with(FetchVector.Dimension.NODE_TYPE, context.nodeType().name()).value(); } - static OutputStream maybeWrapWithEncryption(OutputStream wrappedStream, Optional<SecretSharedKey> sharedCoreKey) { - return sharedCoreKey - .map(key -> key.makeEncryptionCipher().wrapOutputStream(wrappedStream)) - .orElse(wrappedStream); + static OutputStream wrapWithEncryption(OutputStream wrappedStream, SecretSharedKey sharedCoreKey) { + return sharedCoreKey.makeEncryptionCipher().wrapOutputStream(wrappedStream); } /** * Compresses and, if a key is provided, encrypts core file (and deletes the uncompressed core), then moves * the entire core dump processing directory to {@link #doneCoredumpsPath} for archive */ - private void finishProcessing(NodeAgentContext context, ContainerPath coredumpDirectory, Optional<SecretSharedKey> sharedCoreKey) { + private void finishProcessing(NodeAgentContext context, ContainerPath coredumpDirectory, SecretSharedKey sharedCoreKey) { ContainerPath coreFile = findCoredumpFileInProcessingDirectory(coredumpDirectory); - String extension = COMPRESSED_EXTENSION + (sharedCoreKey.isPresent() ? ENCRYPTED_EXTENSION : ""); + String extension = COMPRESSED_EXTENSION + ENCRYPTED_EXTENSION; ContainerPath compressedCoreFile = coreFile.resolveSibling(coreFile.getFileName() + extension); try (ZstdCompressingInputStream zcis = new ZstdCompressingInputStream(Files.newInputStream(coreFile)); - OutputStream fos = maybeWrapWithEncryption(Files.newOutputStream(compressedCoreFile), sharedCoreKey)) { + OutputStream fos = wrapWithEncryption(Files.newOutputStream(compressedCoreFile), sharedCoreKey)) { zcis.transferTo(fos); } catch (IOException e) { throw new UncheckedIOException(e); @@ -287,11 +285,12 @@ public class CoredumpHandler { dockerImage.ifPresent(metadata::setDockerImage); dockerImage.flatMap(DockerImage::tag).ifPresent(metadata::setVespaVersion); dockerImage.ifPresent(metadata::setDockerImage); - Optional<SecretSharedKey> sharedCoreKey = Optional.of(corePublicKeyFlagValue(context)) + SecretSharedKey sharedCoreKey = Optional.of(corePublicKeyFlagValue(context)) .filter(k -> !k.isEmpty()) .map(KeyId::ofString) - .flatMap(secretSharedKeySupplier::create); - sharedCoreKey.map(key -> key.sealedSharedKey().toTokenString()).ifPresent(metadata::setDecryptionToken); + .flatMap(secretSharedKeySupplier::create) + .orElseThrow(() -> new IllegalStateException("No core dump encryption key provided")); + metadata.setDecryptionToken(sharedCoreKey.sealedSharedKey().toTokenString()); String coreDumpId = coreDumpDirectory.getFileName().toString(); cores.report(context.hostname(), coreDumpId, metadata); |