Esempio n. 1
0
def get_shared_secret_txn():
    # Load secret from database, if it exists.
    secret_in_db_hex = Config.objects.get_config("rpc_shared_secret")
    if secret_in_db_hex is None:
        secret_in_db = None
    else:
        secret_in_db = to_bin(secret_in_db_hex)
    # Load secret from the filesystem, if it exists.
    secret_on_fs = get_shared_secret_from_filesystem()

    if secret_in_db is None and secret_on_fs is None:
        secret = os.urandom(16)  # 16-bytes of crypto-standard noise.
        Config.objects.set_config("rpc_shared_secret", to_hex(secret))
        set_shared_secret_on_filesystem(secret)
    elif secret_in_db is None:
        secret = secret_on_fs
        Config.objects.set_config("rpc_shared_secret", to_hex(secret))
    elif secret_on_fs is None:
        secret = secret_in_db
        set_shared_secret_on_filesystem(secret)
    elif secret_in_db == secret_on_fs:
        secret = secret_in_db  # or secret_on_fs.
    else:
        raise AssertionError(
            "The secret stored in the database does not match the secret "
            "stored on the filesystem at %s. Please investigate." %
            get_shared_secret_filesystem_path())

    return secret
Esempio n. 2
0
 def test__deals_fine_with_whitespace_in_filesystem_value(self):
     secret = self.write_secret()
     write_text_file(
         security.get_shared_secret_filesystem_path(),
         " %s\n" % security.to_hex(secret),
     )
     self.assertEqual(secret, security.get_shared_secret_from_filesystem())
Esempio n. 3
0
 def test____sets_url(self):
     secret = factory.make_bytes()
     expected_url = factory.make_simple_http_url()
     register_command.run(
         self.make_args(url=expected_url, secret=to_hex(secret)))
     with ClusterConfiguration.open() as config:
         observed = config.maas_url
     self.assertEqual([expected_url], observed)
Esempio n. 4
0
 def test__restarts_maas_rackd_service(self):
     url = factory.make_simple_http_url()
     secret = factory.make_bytes()
     register_command.run(self.make_args(url=url, secret=to_hex(secret)))
     self.assertThat(
         self.mock_call_and_check,
         MockCallsMatch(call(['systemctl', 'stop', 'maas-rackd']),
                        call(['systemctl', 'enable', 'maas-rackd']),
                        call(['systemctl', 'start', 'maas-rackd'])))
Esempio n. 5
0
 def test__show_service_start_error(self):
     url = factory.make_simple_http_url()
     secret = factory.make_bytes()
     register_command.run(self.make_args(url=url, secret=to_hex(secret)))
     mock_call_and_check = self.patch(register_command, 'call_and_check')
     mock_call_and_check.side_effect = [
         call(),
         call(),
         ExternalProcessError(1, 'systemctl start', 'mock error'),
     ]
     mock_stderr = self.patch(register_command.stderr, 'write')
     with ExpectedException(SystemExit):
         register_command.run(self.make_args(url=url,
                                             secret=to_hex(secret)))
     self.assertThat(
         mock_stderr,
         MockCallsMatch(
             call('Unable to enable and start the maas-rackd service.'),
             call('\n'),
             call('Failed with error: mock error.'),
             call('\n'),
         ))
Esempio n. 6
0
 def test__show_service_stop_error(self):
     url = factory.make_simple_http_url()
     secret = factory.make_bytes()
     register_command.run(self.make_args(url=url, secret=to_hex(secret)))
     mock_call_and_check = self.patch(register_command, "call_and_check")
     mock_call_and_check.side_effect = [
         ExternalProcessError(1, "systemctl stop", "mock error"),
         call(),
         call(),
     ]
     mock_stderr = self.patch(register_command.stderr, "write")
     with ExpectedException(SystemExit):
         register_command.run(self.make_args(url=url,
                                             secret=to_hex(secret)))
     self.assertThat(
         mock_stderr,
         MockCallsMatch(
             call("Unable to stop maas-rackd service."),
             call("\n"),
             call("Failed with error: mock error."),
             call("\n"),
         ),
     )
Esempio n. 7
0
    def test___prompts_user_for_url(self):
        expected_url = factory.make_simple_http_url()
        secret = factory.make_bytes()

        stdin = self.patch(register_command, "stdin")
        stdin.isatty.return_value = True

        input = self.patch(register_command, "input")
        input.return_value = expected_url

        register_command.run(self.make_args(url=None, secret=to_hex(secret)))
        with ClusterConfiguration.open() as config:
            observed = config.maas_url

        self.expectThat(input,
                        MockCalledOnceWith("MAAS region controller URL: "))
        self.expectThat([expected_url], Equals(observed))
Esempio n. 8
0
 def write_secret(self):
     secret = factory.make_bytes()
     secret_path = security.get_shared_secret_filesystem_path()
     makedirs(dirname(secret_path), exist_ok=True)
     write_text_file(secret_path, security.to_hex(secret))
     return secret
Esempio n. 9
0
 def test__deletes_maas_id_file(self):
     self.useFixture(MAASIDFixture(factory.make_string()))
     url = factory.make_simple_http_url()
     secret = factory.make_bytes()
     register_command.run(self.make_args(url=url, secret=to_hex(secret)))
     self.assertIsNone(get_maas_id())
Esempio n. 10
0
 def test___sets_secret(self):
     url = factory.make_simple_http_url()
     expected = factory.make_bytes()
     register_command.run(self.make_args(url=url, secret=to_hex(expected)))
     observed = get_shared_secret_from_filesystem()
     self.assertEqual(expected, observed)
Esempio n. 11
0
 def write_secret(self):
     secret = factory.make_bytes()
     secret_path = security.get_shared_secret_filesystem_path()
     secret_path.parent.mkdir(parents=True, exist_ok=True)
     secret_path.write_text(security.to_hex(secret))
     return secret