def __init__(self, server_id, conf_dir, prom_export=None):
"""
:param str server_id: server identifier.
:param str conf_dir: configuration directory.
:param str prom_export: prometheus export address.
"""
super().__init__(server_id, conf_dir, prom_export=prom_export)
# TODO: add 2 policies
self.path_policy = PathPolicy.from_file(
os.path.join(conf_dir, PATH_POLICY_FILE))
self.signing_key = get_sig_key(self.conf_dir)
self.of_gen_key = kdf(self.config.master_as_key, b"Derive OF Key")
self.hashtree_gen_key = kdf(self.config.master_as_key,
b"Derive hashtree Key")
logging.info(self.config.__dict__)
self._hash_tree = None
self._hash_tree_lock = Lock()
self._next_tree = None
self._init_hash_tree()
self.ifid_state = {}
for ifid in self.ifid2br:
self.ifid_state[ifid] = InterfaceState()
self.ifid_state_lock = RLock()
self.CTRL_PLD_CLASS_MAP = {
PayloadClass.PCB: {
None: self.handle_pcb
},
PayloadClass.IFID: {
None: self.handle_ifid_packet
},
PayloadClass.CERT: {
CertMgmtType.CERT_CHAIN_REQ: self.process_cert_chain_request,
CertMgmtType.CERT_CHAIN_REPLY: self.process_cert_chain_reply,
CertMgmtType.TRC_REPLY: self.process_trc_reply,
CertMgmtType.TRC_REQ: self.process_trc_request,
},
PayloadClass.PATH: {
PMT.IFSTATE_REQ: self._handle_ifstate_request,
PMT.REVOCATION: self._handle_revocation,
},
}
self.SCMP_PLD_CLASS_MAP = {
SCMPClass.PATH: {
SCMPPathClass.REVOKED_IF: self._handle_scmp_revocation,
},
}
zkid = ZkID.from_values(self.addr.isd_as, self.id,
[(self.addr.host, self._port)]).pack()
self.zk = Zookeeper(self.addr.isd_as, BEACON_SERVICE, zkid,
self.topology.zookeepers)
self.zk.retry("Joining party", self.zk.party_setup)
self.pcb_cache = ZkSharedCache(self.zk, self.ZK_PCB_CACHE_PATH,
self._handle_pcbs_from_zk)
self.revobjs_cache = ZkSharedCache(self.zk, self.ZK_REVOCATIONS_PATH,
self.process_rev_objects)
self.local_rev_cache = ExpiringDict(
1000, HASHTREE_EPOCH_TIME + HASHTREE_EPOCH_TOLERANCE)
self._rev_seg_lock = RLock()
def __init__(
self,
server_id,
conf_dir,
):
"""
:param str server_id: server identifier.
:param str conf_dir: configuration directory.
"""
super().__init__(
server_id,
conf_dir,
)
self.interface = None
for border_router in self.topology.get_all_border_routers():
if border_router.name == self.id:
self.interface = border_router.interface
break
assert self.interface is not None
logging.info("Interface: %s", self.interface.__dict__)
self.is_core_router = self.topology.is_core_as
self.of_gen_key = kdf(self.config.master_as_key, b"Derive OF Key")
self.sibra_key = kdf(self.config.master_as_key, b"Derive SIBRA Key")
self.if_states = defaultdict(InterfaceState)
self.revocations = ExpiringDict(1000, self.FWD_REVOCATION_TIMEOUT)
self.pre_ext_handlers = {
SibraExtBase.EXT_TYPE: self.handle_sibra,
TracerouteExt.EXT_TYPE: self.handle_traceroute,
OneHopPathExt.EXT_TYPE: self.handle_one_hop_path,
ExtHopByHopType.SCMP: self.handle_scmp,
}
self.post_ext_handlers = {
SibraExtBase.EXT_TYPE: False,
TracerouteExt.EXT_TYPE: False,
ExtHopByHopType.SCMP: False,
OneHopPathExt.EXT_TYPE: False,
}
self.sibra_state = SibraState(
self.interface.bandwidth, "%s#%s -> %s" %
(self.addr.isd_as, self.interface.if_id, self.interface.isd_as))
self.CTRL_PLD_CLASS_MAP = {
PayloadClass.IFID: {
None: self.process_ifid_request
},
PayloadClass.PATH:
defaultdict(lambda: self.process_path_mgmt_packet),
}
self.SCMP_PLD_CLASS_MAP = {
SCMPClass.PATH: {
SCMPPathClass.REVOKED_IF: self.process_revocation
},
}
self._remote_sock = UDPSocket(
bind=(str(self.interface.addr), self.interface.udp_port),
addr_type=self.interface.addr.TYPE,
)
self._socks.add(self._remote_sock, self.handle_recv)
logging.info("IP %s:%d", self.interface.addr, self.interface.udp_port)
def _get_drkey_secret(self, exp_time):
"""
Get the drkey secret. A new secret is initialized if no secret is found.
:param int exp_time: expiration time of the drkey secret
:return: the according drkey secret
:rtype: DRKeySecretValue
"""
sv = self.drkey_secrets.get(exp_time)
if not sv:
sv = DRKeySecretValue(kdf(self.config.master_as_key, b"Derive DRKey Key"), exp_time)
self.drkey_secrets[sv.exp_time] = sv
return sv
def __init__(self,
server_id,
conf_dir,
spki_cache_dir=GEN_CACHE_PATH,
prom_export=None,
sciond_path=None):
"""
:param str server_id: server identifier.
:param str conf_dir: configuration directory.
:param str prom_export: prometheus export address.
:param str sciond_path: path to sciond socket.
"""
super().__init__(server_id,
conf_dir,
spki_cache_dir=spki_cache_dir,
prom_export=prom_export,
sciond_path=sciond_path)
self.config = self._load_as_conf()
self.master_key_0 = get_master_key(self.conf_dir, MASTER_KEY_0)
self.master_key_1 = get_master_key(self.conf_dir, MASTER_KEY_1)
# TODO: add 2 policies
self.path_policy = PathPolicy.from_file(
os.path.join(conf_dir, PATH_POLICY_FILE))
self.signing_key = get_sig_key(self.conf_dir)
self.of_gen_key = kdf(self.master_key_0, b"Derive OF Key")
# Amount of time units a HOF is valid (time unit is EXP_TIME_UNIT).
self.default_hof_exp_time = int(self.config.segment_ttl /
EXP_TIME_UNIT)
self.ifid_state = {}
for ifid in self.ifid2br:
self.ifid_state[ifid] = InterfaceState()
self.ifid_state_lock = RLock()
self.if_revocations = {}
self.CTRL_PLD_CLASS_MAP = {
PayloadClass.PCB: {
PayloadClass.PCB: self.handle_pcb
},
PayloadClass.IFID: {
PayloadClass.IFID: self.handle_ifid_packet
},
PayloadClass.CERT: {
CertMgmtType.CERT_CHAIN_REQ: self.process_cert_chain_request,
CertMgmtType.CERT_CHAIN_REPLY: self.process_cert_chain_reply,
CertMgmtType.TRC_REPLY: self.process_trc_reply,
CertMgmtType.TRC_REQ: self.process_trc_request,
},
PayloadClass.PATH: {
PMT.IFSTATE_REQ: self._handle_ifstate_request,
PMT.REVOCATION: self._handle_revocation,
},
}
self.SCMP_PLD_CLASS_MAP = {
SCMPClass.PATH: {
SCMPPathClass.REVOKED_IF: self._handle_scmp_revocation,
},
}
zkid = ZkID.from_values(self.addr.isd_as, self.id,
[(self.addr.host, self._port)]).pack()
self.zk = Zookeeper(self.addr.isd_as, self.SERVICE_TYPE, zkid,
self.topology.zookeepers)
self.zk.retry("Joining party", self.zk.party_setup)
self.pcb_cache = ZkSharedCache(self.zk, self.ZK_PCB_CACHE_PATH,
self._handle_pcbs_from_zk)
self.revobjs_cache = ZkSharedCache(self.zk, self.ZK_REVOCATIONS_PATH,
self.process_rev_objects)
self.local_rev_cache = RevCache()
self._rev_seg_lock = RLock()
