nspcc-dev
diff --git a/‎CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎cmd/neofs-node/reputation.go‎
Lines changed: 12 additions & 12 deletions b/‎cmd/neofs-node/reputation.go‎
Lines changed: 12 additions & 12 deletions
diff --git a/‎pkg/services/accounting/server.go‎
Lines changed: 10 additions & 10 deletions b/‎pkg/services/accounting/server.go‎
Lines changed: 10 additions & 10 deletions
@@ -21,6 +21,7 @@ Changelog for NeoFS Node
 - CLI `set-attribute` and `remove-attribute commands to `container` section (#3733)
 - Size-split object is now available even when LINK is unavailable in EC container (#3754)
 - `neofs-adm balance container-status` command (#3693)
+- SN returns unsigned responses to requests with API >= `v2.22` (#XXX)
 
 ### Fixed
 - IR panics at graceful shutdown (#3706)
 
@@ -263,17 +263,17 @@ func (s *reputationServer) makeResponseMetaHeader(st *protostatus.Status) *proto
 	}
 }
 
-func (s *reputationServer) makeLocalResponse(err error) (*protoreputation.AnnounceLocalTrustResponse, error) {
+func (s *reputationServer) makeLocalResponse(err error, req *protoreputation.AnnounceLocalTrustRequest) (*protoreputation.AnnounceLocalTrustResponse, error) {
 	resp := &protoreputation.AnnounceLocalTrustResponse{
 		MetaHeader: s.makeResponseMetaHeader(util.ToStatus(err)),
 	}
-	resp.VerifyHeader = util.SignResponse(&s.key.PrivateKey, resp)
+	resp.VerifyHeader = util.SignResponseIfNeeded(&s.key.PrivateKey, resp, req)
 	return resp, nil
 }
 
 func (s *reputationServer) AnnounceLocalTrust(ctx context.Context, req *protoreputation.AnnounceLocalTrustRequest) (*protoreputation.AnnounceLocalTrustResponse, error) {
 	if err := icrypto.VerifyRequestSignatures(req); err != nil {
-		return s.makeLocalResponse(err)
+		return s.makeLocalResponse(err, req)
 	}
 
 	passedRoute := reverseRoute(req.GetVerifyHeader())
@@ -288,30 +288,30 @@ func (s *reputationServer) AnnounceLocalTrust(ctx context.Context, req *protorep
 
 	w, err := s.localRouter.InitWriter(reputationrouter.NewRouteContext(eCtx, passedRoute))
 	if err != nil {
-		return s.makeLocalResponse(fmt.Errorf("could not initialize local trust writer: %w", err))
+		return s.makeLocalResponse(fmt.Errorf("could not initialize local trust writer: %w", err), req)
 	}
 
 	for _, trust := range body.GetTrusts() {
 		err = s.processLocalTrust(body.GetEpoch(), apiToLocalTrust(trust, passedRoute[0].PublicKey()), passedRoute, w)
 		if err != nil {
-			return s.makeLocalResponse(fmt.Errorf("could not write one of local trusts: %w", err))
+			return s.makeLocalResponse(fmt.Errorf("could not write one of local trusts: %w", err), req)
 		}
 	}
 
-	return s.makeLocalResponse(util.StatusOKErr)
+	return s.makeLocalResponse(util.StatusOKErr, req)
 }
 
-func (s *reputationServer) makeIntermediateResponse(err error) (*protoreputation.AnnounceIntermediateResultResponse, error) {
+func (s *reputationServer) makeIntermediateResponse(err error, req *protoreputation.AnnounceIntermediateResultRequest) (*protoreputation.AnnounceIntermediateResultResponse, error) {
 	resp := &protoreputation.AnnounceIntermediateResultResponse{
 		MetaHeader: s.makeResponseMetaHeader(util.ToStatus(err)),
 	}
-	resp.VerifyHeader = util.SignResponse(&s.key.PrivateKey, resp)
+	resp.VerifyHeader = util.SignResponseIfNeeded(&s.key.PrivateKey, resp, req)
 	return resp, nil
 }
 
 func (s *reputationServer) AnnounceIntermediateResult(ctx context.Context, req *protoreputation.AnnounceIntermediateResultRequest) (*protoreputation.AnnounceIntermediateResultResponse, error) {
 	if err := icrypto.VerifyRequestSignatures(req); err != nil {
-		return s.makeIntermediateResponse(err)
+		return s.makeIntermediateResponse(err, req)
 	}
 
 	passedRoute := reverseRoute(req.GetVerifyHeader())
@@ -323,7 +323,7 @@ func (s *reputationServer) AnnounceIntermediateResult(ctx context.Context, req *
 
 	w, err := s.intermediateRouter.InitWriter(reputationrouter.NewRouteContext(eiCtx, passedRoute))
 	if err != nil {
-		return s.makeIntermediateResponse(fmt.Errorf("could not initialize trust writer: %w", err))
+		return s.makeIntermediateResponse(fmt.Errorf("could not initialize trust writer: %w", err), req)
 	}
 
 	v2Trust := body.GetTrust()
@@ -332,10 +332,10 @@ func (s *reputationServer) AnnounceIntermediateResult(ctx context.Context, req *
 
 	err = w.Write(trust)
 	if err != nil {
-		return s.makeIntermediateResponse(fmt.Errorf("could not write trust: %w", err))
+		return s.makeIntermediateResponse(fmt.Errorf("could not write trust: %w", err), req)
 	}
 
-	return s.makeIntermediateResponse(util.StatusOKErr)
+	return s.makeIntermediateResponse(util.StatusOKErr, req)
 }
 
 func (s *reputationServer) processLocalTrust(epoch uint64, t reputation.Trust,
 
@@ -46,7 +46,7 @@ func New(s *ecdsa.PrivateKey, net netmap.State, c BalanceContract) protoaccounti
 	}
 }
 
-func (s *server) makeBalanceResponse(body *protoaccounting.BalanceResponse_Body, st *protostatus.Status) (*protoaccounting.BalanceResponse, error) {
+func (s *server) makeBalanceResponse(body *protoaccounting.BalanceResponse_Body, st *protostatus.Status, req *protoaccounting.BalanceRequest) (*protoaccounting.BalanceResponse, error) {
 	resp := &protoaccounting.BalanceResponse{
 		Body: body,
 		MetaHeader: &protosession.ResponseMetaHeader{
@@ -55,41 +55,41 @@ func (s *server) makeBalanceResponse(body *protoaccounting.BalanceResponse_Body,
 			Status:  st,
 		},
 	}
-	resp.VerifyHeader = util.SignResponse(s.signer, resp)
+	resp.VerifyHeader = util.SignResponseIfNeeded(s.signer, resp, req)
 	return resp, nil
 }
 
-func (s *server) makeFailedBalanceResponse(err error) (*protoaccounting.BalanceResponse, error) {
-	return s.makeBalanceResponse(nil, util.ToStatus(err))
+func (s *server) makeFailedBalanceResponse(err error, req *protoaccounting.BalanceRequest) (*protoaccounting.BalanceResponse, error) {
+	return s.makeBalanceResponse(nil, util.ToStatus(err), req)
 }
 
 // Balance gets current balance of the requested user using underlying
 // [BalanceContract] and returns result in the response.
 func (s *server) Balance(_ context.Context, req *protoaccounting.BalanceRequest) (*protoaccounting.BalanceResponse, error) {
 	if err := icrypto.VerifyRequestSignatures(req); err != nil {
-		return s.makeFailedBalanceResponse(err)
+		return s.makeFailedBalanceResponse(err, nil)
 	}
 
 	mUsr := req.GetBody().GetOwnerId()
 	if mUsr == nil {
-		return s.makeFailedBalanceResponse(errors.New("missing account"))
+		return s.makeFailedBalanceResponse(errors.New("missing account"), req)
 	}
 	var id user.ID
 	if err := id.FromProtoMessage(mUsr); err != nil {
-		return s.makeFailedBalanceResponse(fmt.Errorf("invalid account: %w", err))
+		return s.makeFailedBalanceResponse(fmt.Errorf("invalid account: %w", err), req)
 	}
 
 	bal, err := s.contract.BalanceOf(id)
 	if err != nil {
-		return s.makeFailedBalanceResponse(err)
+		return s.makeFailedBalanceResponse(err, req)
 	}
 	ds, err := s.contract.Decimals()
 	if err != nil {
-		return s.makeFailedBalanceResponse(err)
+		return s.makeFailedBalanceResponse(err, req)
 	}
 
 	body := &protoaccounting.BalanceResponse_Body{
 		Balance: &protoaccounting.Decimal{Value: bal.Int64(), Precision: ds},
 	}
-	return s.makeBalanceResponse(body, util.StatusOK)
+	return s.makeBalanceResponse(body, util.StatusOK, req)
 }
Original file line number	Diff line number	Diff line change
`@@ -263,17 +263,17 @@ func (s reputationServer) makeResponseMetaHeader(st protostatus.Status) *proto`
`263`	`263`	`}`
`264`	`264`	`}`
`265`	`265`
`266`		`-func (s reputationServer) makeLocalResponse(err error) (protoreputation.AnnounceLocalTrustResponse, error) {`
	`266`	`+func (s reputationServer) makeLocalResponse(err error, req protoreputation.AnnounceLocalTrustRequest) (*protoreputation.AnnounceLocalTrustResponse, error) {`
`267`	`267`	`resp := &protoreputation.AnnounceLocalTrustResponse{`
`268`	`268`	`MetaHeader: s.makeResponseMetaHeader(util.ToStatus(err)),`
`269`	`269`	`}`
`270`		`- resp.VerifyHeader = util.SignResponse(&s.key.PrivateKey, resp)`
	`270`	`+ resp.VerifyHeader = util.SignResponseIfNeeded(&s.key.PrivateKey, resp, req)`
`271`	`271`	`return resp, nil`
`272`	`272`	`}`
`273`	`273`
`274`	`274`	`func (s reputationServer) AnnounceLocalTrust(ctx context.Context, req protoreputation.AnnounceLocalTrustRequest) (*protoreputation.AnnounceLocalTrustResponse, error) {`
`275`	`275`	`if err := icrypto.VerifyRequestSignatures(req); err != nil {`
`276`		`- return s.makeLocalResponse(err)`
	`276`	`+ return s.makeLocalResponse(err, req)`
`277`	`277`	`}`
`278`	`278`
`279`	`279`	`passedRoute := reverseRoute(req.GetVerifyHeader())`
`@@ -288,30 +288,30 @@ func (s reputationServer) AnnounceLocalTrust(ctx context.Context, req protorep`
`288`	`288`
`289`	`289`	`w, err := s.localRouter.InitWriter(reputationrouter.NewRouteContext(eCtx, passedRoute))`
`290`	`290`	`if err != nil {`
`291`		`- return s.makeLocalResponse(fmt.Errorf("could not initialize local trust writer: %w", err))`
	`291`	`+ return s.makeLocalResponse(fmt.Errorf("could not initialize local trust writer: %w", err), req)`
`292`	`292`	`}`
`293`	`293`
`294`	`294`	`for _, trust := range body.GetTrusts() {`
`295`	`295`	`err = s.processLocalTrust(body.GetEpoch(), apiToLocalTrust(trust, passedRoute[0].PublicKey()), passedRoute, w)`
`296`	`296`	`if err != nil {`
`297`		`- return s.makeLocalResponse(fmt.Errorf("could not write one of local trusts: %w", err))`
	`297`	`+ return s.makeLocalResponse(fmt.Errorf("could not write one of local trusts: %w", err), req)`
`298`	`298`	`}`
`299`	`299`	`}`
`300`	`300`
`301`		`- return s.makeLocalResponse(util.StatusOKErr)`
	`301`	`+ return s.makeLocalResponse(util.StatusOKErr, req)`
`302`	`302`	`}`
`303`	`303`
`304`		`-func (s reputationServer) makeIntermediateResponse(err error) (protoreputation.AnnounceIntermediateResultResponse, error) {`
	`304`	`+func (s reputationServer) makeIntermediateResponse(err error, req protoreputation.AnnounceIntermediateResultRequest) (*protoreputation.AnnounceIntermediateResultResponse, error) {`
`305`	`305`	`resp := &protoreputation.AnnounceIntermediateResultResponse{`
`306`	`306`	`MetaHeader: s.makeResponseMetaHeader(util.ToStatus(err)),`
`307`	`307`	`}`
`308`		`- resp.VerifyHeader = util.SignResponse(&s.key.PrivateKey, resp)`
	`308`	`+ resp.VerifyHeader = util.SignResponseIfNeeded(&s.key.PrivateKey, resp, req)`
`309`	`309`	`return resp, nil`
`310`	`310`	`}`
`311`	`311`
`312`	`312`	`func (s reputationServer) AnnounceIntermediateResult(ctx context.Context, req protoreputation.AnnounceIntermediateResultRequest) (*protoreputation.AnnounceIntermediateResultResponse, error) {`
`313`	`313`	`if err := icrypto.VerifyRequestSignatures(req); err != nil {`
`314`		`- return s.makeIntermediateResponse(err)`
	`314`	`+ return s.makeIntermediateResponse(err, req)`
`315`	`315`	`}`
`316`	`316`
`317`	`317`	`passedRoute := reverseRoute(req.GetVerifyHeader())`
`@@ -323,7 +323,7 @@ func (s reputationServer) AnnounceIntermediateResult(ctx context.Context, req `
`323`	`323`
`324`	`324`	`w, err := s.intermediateRouter.InitWriter(reputationrouter.NewRouteContext(eiCtx, passedRoute))`
`325`	`325`	`if err != nil {`
`326`		`- return s.makeIntermediateResponse(fmt.Errorf("could not initialize trust writer: %w", err))`
	`326`	`+ return s.makeIntermediateResponse(fmt.Errorf("could not initialize trust writer: %w", err), req)`
`327`	`327`	`}`
`328`	`328`
`329`	`329`	`v2Trust := body.GetTrust()`
`@@ -332,10 +332,10 @@ func (s reputationServer) AnnounceIntermediateResult(ctx context.Context, req `
`332`	`332`
`333`	`333`	`err = w.Write(trust)`
`334`	`334`	`if err != nil {`
`335`		`- return s.makeIntermediateResponse(fmt.Errorf("could not write trust: %w", err))`
	`335`	`+ return s.makeIntermediateResponse(fmt.Errorf("could not write trust: %w", err), req)`
`336`	`336`	`}`
`337`	`337`
`338`		`- return s.makeIntermediateResponse(util.StatusOKErr)`
	`338`	`+ return s.makeIntermediateResponse(util.StatusOKErr, req)`
`339`	`339`	`}`
`340`	`340`
`341`	`341`	`func (s *reputationServer) processLocalTrust(epoch uint64, t reputation.Trust,`
Original file line number	Diff line number	Diff line change
`@@ -46,7 +46,7 @@ func New(s *ecdsa.PrivateKey, net netmap.State, c BalanceContract) protoaccounti`
`46`	`46`	`}`
`47`	`47`	`}`
`48`	`48`
`49`		`-func (s server) makeBalanceResponse(body protoaccounting.BalanceResponse_Body, st protostatus.Status) (protoaccounting.BalanceResponse, error) {`
	`49`	`+func (s server) makeBalanceResponse(body protoaccounting.BalanceResponse_Body, st protostatus.Status, req protoaccounting.BalanceRequest) (*protoaccounting.BalanceResponse, error) {`
`50`	`50`	`resp := &protoaccounting.BalanceResponse{`
`51`	`51`	`Body: body,`
`52`	`52`	`MetaHeader: &protosession.ResponseMetaHeader{`
`@@ -55,41 +55,41 @@ func (s server) makeBalanceResponse(body protoaccounting.BalanceResponse_Body,`
`55`	`55`	`Status: st,`
`56`	`56`	`},`
`57`	`57`	`}`
`58`		`- resp.VerifyHeader = util.SignResponse(s.signer, resp)`
	`58`	`+ resp.VerifyHeader = util.SignResponseIfNeeded(s.signer, resp, req)`
`59`	`59`	`return resp, nil`
`60`	`60`	`}`
`61`	`61`
`62`		`-func (s server) makeFailedBalanceResponse(err error) (protoaccounting.BalanceResponse, error) {`
`63`		`- return s.makeBalanceResponse(nil, util.ToStatus(err))`
	`62`	`+func (s server) makeFailedBalanceResponse(err error, req protoaccounting.BalanceRequest) (*protoaccounting.BalanceResponse, error) {`
	`63`	`+ return s.makeBalanceResponse(nil, util.ToStatus(err), req)`
`64`	`64`	`}`
`65`	`65`
`66`	`66`	`// Balance gets current balance of the requested user using underlying`
`67`	`67`	`// [BalanceContract] and returns result in the response.`
`68`	`68`	`func (s server) Balance(_ context.Context, req protoaccounting.BalanceRequest) (*protoaccounting.BalanceResponse, error) {`
`69`	`69`	`if err := icrypto.VerifyRequestSignatures(req); err != nil {`
`70`		`- return s.makeFailedBalanceResponse(err)`
	`70`	`+ return s.makeFailedBalanceResponse(err, nil)`
`71`	`71`	`}`
`72`	`72`
`73`	`73`	`mUsr := req.GetBody().GetOwnerId()`
`74`	`74`	`if mUsr == nil {`
`75`		`- return s.makeFailedBalanceResponse(errors.New("missing account"))`
	`75`	`+ return s.makeFailedBalanceResponse(errors.New("missing account"), req)`
`76`	`76`	`}`
`77`	`77`	`var id user.ID`
`78`	`78`	`if err := id.FromProtoMessage(mUsr); err != nil {`
`79`		`- return s.makeFailedBalanceResponse(fmt.Errorf("invalid account: %w", err))`
	`79`	`+ return s.makeFailedBalanceResponse(fmt.Errorf("invalid account: %w", err), req)`
`80`	`80`	`}`
`81`	`81`
`82`	`82`	`bal, err := s.contract.BalanceOf(id)`
`83`	`83`	`if err != nil {`
`84`		`- return s.makeFailedBalanceResponse(err)`
	`84`	`+ return s.makeFailedBalanceResponse(err, req)`
`85`	`85`	`}`
`86`	`86`	`ds, err := s.contract.Decimals()`
`87`	`87`	`if err != nil {`
`88`		`- return s.makeFailedBalanceResponse(err)`
	`88`	`+ return s.makeFailedBalanceResponse(err, req)`
`89`	`89`	`}`
`90`	`90`
`91`	`91`	`body := &protoaccounting.BalanceResponse_Body{`
`92`	`92`	`Balance: &protoaccounting.Decimal{Value: bal.Int64(), Precision: ds},`
`93`	`93`	`}`
`94`		`- return s.makeBalanceResponse(body, util.StatusOK)`
	`94`	`+ return s.makeBalanceResponse(body, util.StatusOK, req)`
`95`	`95`	`}`