domaininfo: Add a Clear method to clear information for a given domain

This patch adds a Clear method to the domaininfo database, which removes information for the given domain. This can be used to manually make the server forget about a domain, in case there are operational reasons to do so. Today, this is done via chasquid-util (which removes the backing file), but that is hacky, and this is part of replacing it with a cleaner implementation.
2026-01-08 17:51:57 +00:00 · 2023-07-30 11:34:00 +01:00
parent ac1c849a27
commit 764c09e94d
2 changed files with 106 additions and 10 deletions
--- a/internal/domaininfo/domaininfo.go
+++ b/internal/domaininfo/domaininfo.go
@@ -75,7 +75,7 @@ func (db *DB) Reload() error {
 	return nil
 }

-func (db *DB) write(tr *trace.Trace, d *Domain) {
+func (db *DB) write(tr *trace.Trace, d *Domain) error {
 	tr = tr.NewChild("DomainInfo.write", d.Name)
 	defer tr.Finish()

@@ -85,6 +85,7 @@ func (db *DB) write(tr *trace.Trace, d *Domain) {
 	} else {
 		tr.Debugf("saved")
 	}
+	return err
 }

 // IncomingSecLevel checks an incoming security level for the domain.
@@ -158,3 +159,26 @@ func (db *DB) OutgoingSecLevel(tr *trace.Trace, domain string, level SecLevel) b
 		return true
 	}
 }
+
+// Clear sets the security level for the given domain to plain.
+// This can be used for manual overrides in case there's an operational need
+// to do so.
+func (db *DB) Clear(tr *trace.Trace, domain string) bool {
+	tr = tr.NewChild("DomainInfo.SetToPlain", domain)
+	defer tr.Finish()
+
+	db.Lock()
+	defer db.Unlock()
+
+	d, exists := db.info[domain]
+	if !exists {
+		tr.Debugf("does not exist")
+		return false
+	}
+
+	d.IncomingSecLevel = SecLevel_PLAIN
+	d.OutgoingSecLevel = SecLevel_PLAIN
+	db.write(tr, d)
+	tr.Printf("set to plain")
+	return true
+}