Skip to content

Commit

Permalink
Fix /activate to report invalid auth_tag instead of failing silently
Browse files Browse the repository at this point in the history
Signed-off-by: Jean Snyman <git@jsnyman.com>
  • Loading branch information
stringlytyped committed Feb 16, 2024
1 parent 3c8f202 commit 30eb7dc
Showing 1 changed file with 10 additions and 8 deletions.
18 changes: 10 additions & 8 deletions keylime/web/registrar/agents_controller.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,6 @@
from keylime.models import RegistrarAgent
from keylime.web.base import Controller

logger = keylime_logging.init_logging("registrar")


class AgentsController(Controller):
# GET /v2[.:minor]/agents/
Expand Down Expand Up @@ -63,11 +61,15 @@ def activate(self, agent_id, auth_tag, **params):
return

accepted = agent.verify_ak_response(auth_tag)
agent.commit_changes()
self.respond(200, "Success")

if not accepted:
logger.warning(
f"Auth tag '{auth_tag}' for agent '{agent_id}' does not match expected value. It will need to be "
f"restarted in order to reattempt registration."
if accepted:
agent.commit_changes()
self.respond(200, "Success")
else:
agent.delete()

self.respond(
400,
f"Auth tag '{auth_tag}' for agent '{agent_id}' does not match expected value. The agent has been "
f"deleted from the database and will need to be restarted to reattempt registration",
)

0 comments on commit 30eb7dc

Please sign in to comment.