def protobuf_gateway_cert_manifest(self,
manifest,
include_cert=None,
sign=True):
"""
Generate a specially-crafted manifest protobuf, which a gateway can use to learn
the IDs and types of all gateways in the Volume, as well as their certs' versions.
"""
manifest.volume_id = self.volume_id
manifest.coordinator_id = 0
manifest.file_id = 0
manifest.owner_id = 0
manifest.file_version = self.cert_version
manifest.mtime_sec = 0
manifest.mtime_nsec = 0
manifest.fent_mtime_sec = 0
manifest.fent_mtime_nsec = 0
sz = 0
# query certificate versions, types, and caps of all gateways that need to be trusted
listing = Gateway.ListAll(
{
"Gateway.volume_id ==": self.volume_id,
"Gateway.need_cert ==": True
},
projection=["g_id", "gateway_type", "cert_version", "caps"])
# if the caller wants to include a particular gateway's cert, do so
has_included_cert = False
for gateway_metadata in listing:
cert_block = manifest.block_url_set.add()
self.protobuf_gateway_cert_manifest_record(
cert_block, gateway_metadata.g_id,
gateway_metadata.gateway_type, gateway_metadata.caps,
gateway_metadata.cert_version)
logging.info(
"cert block: (%s, %s, %s, %x)" %
(gateway_metadata.gateway_type, gateway_metadata.g_id,
gateway_metadata.cert_version, gateway_metadata.caps))
sz += 1
if gateway_metadata.g_id == include_cert:
has_included_cert = True
if not has_included_cert and include_cert is not None:
# get this gateway's cert as well
gw = Gateway.Read(include_cert)
if gw is not None:
cert_block = manifest.block_url_set.add()
self.protobuf_gateway_cert_manifest_record(
cert_block, gw.g_id, gw.gateway_type, gw.caps,
gw.cert_version)
logging.info("cert block (included for %s): (%s, %s, %s, %x)" %
(include_cert, gw.gateway_type, gw.g_id,
gw.cert_version, gw.caps))
sz += 1
manifest.size = sz
manifest.signature = ""
if sign:
data = manifest.SerializeToString()
sig = self.sign_message(data)
manifest.signature = sig
return
def read_gateway(g_name_or_id):
return Gateway.Read(g_name_or_id)