def process_revocation(self, spkt, from_local_as):
pld = spkt.get_payload()
logging.info("Processing revocation: %s", pld.info)
# First, forward the packet as appropriate.
self.handle_data(spkt, from_local_as)
if from_local_as:
return
# Forward to local path and beacon services if we haven't recently.
rev_info = RevocationInfo.from_raw(pld.info.rev_info)
if rev_info in self.revocations:
return
snames = []
# Fork revocation to local BS and PS if router is downstream of the
# failed interface.
if (spkt.addrs.src.isd_as[0] == self.addr.isd_as[0] and
self._is_downstream_router()):
snames.append(BEACON_SERVICE)
if self.topology.path_servers:
snames.append(PATH_SERVICE)
# Fork revocation to local PS if router is in the AS of the source.
elif (spkt.addrs.dst.isd_as == self.addr.isd_as and
self.topology.path_servers):
snames.append(PATH_SERVICE)
self.revocations[rev_info] = True
for sname in snames:
try:
addr, port = self.dns_query_topo(sname)[0]
except SCIONServiceLookupError:
logging.error("Unable to find %s to forward revocation to.",
sname)
continue
pkt = self._build_packet(addr, dst_port=port,
payload=rev_info.copy())
self.send(pkt, addr, SCION_UDP_EH_DATA_PORT)
def _parse(self, raw):
"""
Parses raw bytes and populates the fields.
"""
data = Raw(raw, self.NAME)
self.if_id, self.hash_chain_idx = struct.unpack("!II", data.pop(8))
self.rev_info = RevocationInfo.from_raw(data.pop())
def _handle_scmp_revocation(self, pld, meta):
rev_info = RevocationInfo.from_raw(pld.info.rev_info)
try:
rev_info.validate()
except SCIONBaseError as e:
logging.warning("Failed to validate SCMP RevInfo from %s: %s\n%s",
meta, e, rev_info.short_desc())
return
self._handle_revocation(CtrlPayload(PathMgmt(rev_info)), meta)
def _rev_entries_handler(self, raw_entries):
for raw in raw_entries:
rev_info = RevocationInfo.from_raw(raw)
try:
rev_info.validate()
except SCIONBaseError as e:
logging.warning("Failed to validate RevInfo from zk: %s\n%s",
e, rev_info.short_desc())
continue
self._remove_revoked_segments(rev_info)
def _handle_scmp_revocation(self, pld, meta):
rev_info = RevocationInfo.from_raw(pld.info.rev_info)
logging.debug("Received revocation via SCMP: %s (from %s)",
rev_info.short_desc(), meta)
try:
rev_info.validate()
except SCIONBaseError as e:
logging.warning("Failed to validate SCMP RevInfo from %s: %s\n%s",
meta, e, rev_info.short_desc())
return
self._process_revocation(rev_info)
def process_rev_objects(self, rev_infos):
"""
Processes revocation infos stored in Zookeeper.
"""
with self._rev_seg_lock:
for raw in rev_infos:
try:
rev_info = RevocationInfo.from_raw(raw)
except SCIONParseError as e:
logging.error(
"Error processing revocation info from ZK: %s", e)
continue
self.local_rev_cache[rev_info] = rev_info.copy()
def _handle_scmp(self, spkt):
scmp_hdr = spkt.l4_hdr
spkt.parse_payload()
if (scmp_hdr.class_ == SCMPClass.PATH
and scmp_hdr.type == SCMPPathClass.REVOKED_IF):
scmp_pld = spkt.get_payload()
rev_info = RevocationInfo.from_raw(scmp_pld.info.rev_info)
logging.info("Received revocation for IF %d." % rev_info.p.ifID)
self.sd.handle_revocation(rev_info, None)
return ResponseRV.RETRY
else:
logging.error("Received SCMP error:\n%s", spkt)
return ResponseRV.FAILURE
def _handle_scmp(self, spkt):
scmp_hdr = spkt.l4_hdr
spkt.parse_payload()
if (scmp_hdr.class_ == SCMPClass.PATH and
scmp_hdr.type == SCMPPathClass.REVOKED_IF):
scmp_pld = spkt.get_payload()
rev_info = RevocationInfo.from_raw(scmp_pld.info.rev_info)
logging.info("Received revocation: %s (from %s)", rev_info.short_desc(), spkt.addrs.src)
lib_sciond.send_rev_notification(
rev_info, connector=self._connector)
return ResponseRV.RETRY
else:
logging.error("Received SCMP error:\n%s", spkt)
return ResponseRV.FAILURE
def _handle_scmp(self, spkt):
scmp_hdr = spkt.l4_hdr
spkt.parse_payload()
if (scmp_hdr.class_ == SCMPClass.PATH
and scmp_hdr.type == SCMPPathClass.REVOKED_IF):
scmp_pld = spkt.get_payload()
rev_info = RevocationInfo.from_raw(scmp_pld.info.rev_info)
logging.info("Received revocation for IF %d." % rev_info.p.ifID)
rev_not = SCIONDRevNotification.from_values(rev_info)
self.api_socket().send(rev_not.pack_full())
return ResponseRV.RETRY
else:
logging.error("Received SCMP error:\n%s", spkt)
return ResponseRV.FAILURE
def process_rev_objects(self, rev_infos):
"""
Processes revocation infos stored in Zookeeper.
"""
with self._rev_seg_lock:
for raw in rev_infos:
try:
rev_info = RevocationInfo.from_raw(raw)
except SCIONParseError as e:
logging.error("Error parsing revocation info from ZK: %s",
e)
continue
try:
rev_info.validate()
except SCIONBaseError as e:
logging.warning(
"Failed to validate RevInfo from zk: %s\n%s", e,
rev_info.short_desc())
continue
self.local_rev_cache[rev_info] = rev_info.copy()
def _handle_scmp_revocation(self, pld, meta):
rev_info = RevocationInfo.from_raw(pld.info.rev_info)
self._handle_revocation(rev_info, meta)
def _rev_entries_handler(self, raw_entries):
for raw in raw_entries:
rev_info = RevocationInfo.from_raw(raw)
self._remove_revoked_segments(rev_info)
def _handle_scmp_revocation(self, pld, meta):
rev_info = RevocationInfo.from_raw(pld.info.rev_info)
logging.debug("Received revocation via SCMP: %s (from %s)",
rev_info.short_desc(), meta)
self._process_revocation(rev_info)
def handle_scmp_revocation(self, pld, meta):
rev_info = RevocationInfo.from_raw(pld.info.rev_info)
self.handle_revocation(CtrlPayload(PathMgmt(rev_info)), meta)