diff --git a/internal/difc/labels.go b/internal/difc/labels.go index 18f15716..2a11ffdd 100644 --- a/internal/difc/labels.go +++ b/internal/difc/labels.go @@ -167,18 +167,19 @@ func NewSecrecyLabelWithTags(tags []Tag) *SecrecyLabel { return &SecrecyLabel{Label: newLabelWithTags(tags)} } +// getLabel returns the underlying Label, or nil if the receiver or its underlying Label is nil. +func (l *SecrecyLabel) getLabel() *Label { + if l == nil { + return nil + } + return l.Label +} + // CanFlowTo checks if this secrecy label can flow to target // Secrecy semantics: l ⊆ target (this has no tags that target doesn't have) // Data can only flow to contexts with equal or more secrecy tags func (l *SecrecyLabel) CanFlowTo(target *SecrecyLabel) bool { - var srcLabel, targetLabel *Label - if l != nil { - srcLabel = l.Label - } - if target != nil { - targetLabel = target.Label - } - ok, _ := checkFlowHelper(srcLabel, targetLabel, true, "Secrecy") + ok, _ := checkFlowHelper(l.getLabel(), target.getLabel(), true, "Secrecy") return ok } @@ -273,19 +274,12 @@ func checkFlowHelper(srcLabel *Label, targetLabel *Label, checkSubset bool, labe // CheckFlow checks if this secrecy label can flow to target and returns violation details if not func (l *SecrecyLabel) CheckFlow(target *SecrecyLabel) (bool, []Tag) { - var srcLabel, targetLabel *Label - if l != nil { - srcLabel = l.Label - } - if target != nil { - targetLabel = target.Label - } - return checkFlowHelper(srcLabel, targetLabel, true, "Secrecy") + return checkFlowHelper(l.getLabel(), target.getLabel(), true, "Secrecy") } // Clone creates a copy of the secrecy label func (l *SecrecyLabel) Clone() *SecrecyLabel { - if l == nil || l.Label == nil { + if l.getLabel() == nil { return NewSecrecyLabel() } return &SecrecyLabel{Label: l.Label.Clone()} @@ -308,37 +302,31 @@ func NewIntegrityLabelWithTags(tags []Tag) *IntegrityLabel { return &IntegrityLabel{Label: newLabelWithTags(tags)} } +// getLabel returns the underlying Label, or nil if the receiver is nil. +func (l *IntegrityLabel) getLabel() *Label { + if l == nil { + return nil + } + return l.Label +} + // CanFlowTo checks if this integrity label can flow to target // Integrity semantics: l ⊇ target (this has all tags that target has) // For writes: agent must have >= integrity than endpoint // For reads: endpoint must have >= integrity than agent func (l *IntegrityLabel) CanFlowTo(target *IntegrityLabel) bool { - var srcLabel, targetLabel *Label - if l != nil { - srcLabel = l.Label - } - if target != nil { - targetLabel = target.Label - } - ok, _ := checkFlowHelper(srcLabel, targetLabel, false, "Integrity") + ok, _ := checkFlowHelper(l.getLabel(), target.getLabel(), false, "Integrity") return ok } // CheckFlow checks if this integrity label can flow to target and returns violation details if not func (l *IntegrityLabel) CheckFlow(target *IntegrityLabel) (bool, []Tag) { - var srcLabel, targetLabel *Label - if l != nil { - srcLabel = l.Label - } - if target != nil { - targetLabel = target.Label - } - return checkFlowHelper(srcLabel, targetLabel, false, "Integrity") + return checkFlowHelper(l.getLabel(), target.getLabel(), false, "Integrity") } // Clone creates a copy of the integrity label func (l *IntegrityLabel) Clone() *IntegrityLabel { - if l == nil || l.Label == nil { + if l.getLabel() == nil { return NewIntegrityLabel() } return &IntegrityLabel{Label: l.Label.Clone()} diff --git a/internal/logger/rpc_logger.go b/internal/logger/rpc_logger.go index 6087e643..0ae802f0 100644 --- a/internal/logger/rpc_logger.go +++ b/internal/logger/rpc_logger.go @@ -59,41 +59,32 @@ type RPCMessageInfo struct { Error string // Error message if any (for responses) } -// logRPCMessageToAll is a helper that logs RPC messages to text, markdown, and JSONL logs. -// It uses the withGlobalLogger helper from global_helpers.go to handle mutex locking and nil-checking. -func logRPCMessageToAll(direction RPCMessageDirection, messageType RPCMessageType, serverID, method string, payload []byte, err error, agentSecrecy, agentIntegrity []string) { - // Create info for text log (with larger payload preview) - infoText := &RPCMessageInfo{ +// newRPCMessageInfo constructs an RPCMessageInfo with the given parameters, truncating +// the payload preview to maxPayload characters. +func newRPCMessageInfo(direction RPCMessageDirection, messageType RPCMessageType, serverID, method string, payload []byte, err error, maxPayload int) *RPCMessageInfo { + info := &RPCMessageInfo{ Direction: direction, MessageType: messageType, ServerID: serverID, Method: method, PayloadSize: len(payload), - Payload: truncateAndSanitize(string(payload), MaxPayloadPreviewLengthText), + Payload: truncateAndSanitize(string(payload), maxPayload), } - if err != nil { - infoText.Error = err.Error() + info.Error = err.Error() } + return info +} - // Log to text file +// logRPCMessageToAll is a helper that logs RPC messages to text, markdown, and JSONL logs. +// It uses the withGlobalLogger helper from global_helpers.go to handle mutex locking and nil-checking. +func logRPCMessageToAll(direction RPCMessageDirection, messageType RPCMessageType, serverID, method string, payload []byte, err error, agentSecrecy, agentIntegrity []string) { + // Log to text file (with larger payload preview) + infoText := newRPCMessageInfo(direction, messageType, serverID, method, payload, err, MaxPayloadPreviewLengthText) LogDebug("rpc", "%s", formatRPCMessage(infoText)) - // Create info for markdown log (with shorter payload preview) - infoMarkdown := &RPCMessageInfo{ - Direction: direction, - MessageType: messageType, - ServerID: serverID, - Method: method, - PayloadSize: len(payload), - Payload: truncateAndSanitize(string(payload), MaxPayloadPreviewLengthMarkdown), - } - - if err != nil { - infoMarkdown.Error = err.Error() - } - - // Log to markdown file using withGlobalLogger helper + // Log to markdown file (with shorter payload preview) + infoMarkdown := newRPCMessageInfo(direction, messageType, serverID, method, payload, err, MaxPayloadPreviewLengthMarkdown) withGlobalLogger(&globalMarkdownMu, &globalMarkdownLogger, func(logger *MarkdownLogger) { logger.Log(LogLevelDebug, "rpc", "%s", formatRPCMessageMarkdown(infoMarkdown)) })