コード例 #1
0
ファイル: re6stnet.py プロジェクト: tiwariayush/slapos
def checkService(args, can_bang=True):
  base_token_path = args['token_base_path']
  token_dict = loadJsonFile(args['token_json'])

  if not token_dict:
    return

  db = getDb(args['db'])
  call_bang = False

  computer_guid = args['computer_id']
  partition_id = args['partition_id']
  slap = slapos.slap.slap()
  client = registry.RegistryClient(args['registry_url'])
  ca = client.getCa()
  network = x509.networkFromCa(crypto.load_certificate(crypto.FILETYPE_PEM, ca))

  # Check token status
  for slave_reference, token in token_dict.iteritems():
    status_file = os.path.join(base_token_path, '%s.status' % slave_reference)
    ipv6_file = os.path.join(base_token_path, '%s.ipv6' % slave_reference)
    if not os.path.exists(status_file):
      # This token is not added yet!
      continue

    msg = readFile(status_file)
    if msg == 'TOKEN_USED':
      dumpIPv6Network(slave_reference, db, network, ipv6_file)
      continue

    # Check if token is not in the database
    status = False
    try:
        token_found, = db.execute("SELECT token FROM token WHERE token = ?",
            (token,)).next()
        if token_found == token:
          status = True
    except StopIteration:
        pass
    if not status:
      # Token is used to register client
      call_bang = True
      try:
        writeFile(status_file, 'TOKEN_USED')
        dumpIPv6Network(slave_reference, db, network, ipv6_file)
        log.info("Token status of %s updated to 'used'." % slave_reference)
      except IOError:
        # XXX- this file should always exists
        log.debug('Error when writing in file %s. Clould not update status of %s...' %
                              (status_file, slave_reference))

  if call_bang and can_bang:
    bang(args)
コード例 #2
0
ファイル: re6stnet.py プロジェクト: gvsurenderreddy/slapos
def checkService(args, can_bang=True):
  base_token_path = args['token_base_path']
  token_dict = loadJsonFile(args['token_json'])

  if not token_dict:
    return

  db = getDb(args['db'])
  call_bang = False

  computer_guid = args['computer_id']
  partition_id = args['partition_id']
  slap = slapos.slap.slap()
  client = registry.RegistryClient(args['registry_url'])
  ca = client.getCa()
  network = x509.networkFromCa(crypto.load_certificate(crypto.FILETYPE_PEM, ca))

  sock = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM)

  peer_prefix_list = [prefix for prefix in
    iterRoutes("/var/run/re6stnet/babeld.sock", network)]


  # Check token status
  for slave_reference, token in token_dict.iteritems():
    status_file = os.path.join(base_token_path, '%s.status' % slave_reference)
    ipv6_file = os.path.join(base_token_path, '%s.ipv6' % slave_reference)
    ipv4_file = os.path.join(base_token_path, '%s.ipv4' % slave_reference)
    if not os.path.exists(status_file):
      # This token is not added yet!
      log.info("Token %s dont exist yet." % status_file)
      continue

    msg = readFile(status_file)
    log.info("Token %s has %s State." % (status_file, msg))
    if msg == 'TOKEN_USED':
      log.info("Dumping ipv6...")
      ipv6, ipv6_prefix, ipv6_changed = dumpIPv6Network(slave_reference, db, network, ipv6_file)
      log.info("%s, IPV6 = %s, IPV6_PREFIX = %s" % (slave_reference, ipv6, ipv6_prefix))
      _, ipv4_changed = dumpIPv4Network(ipv6_prefix, network, ipv4_file, sock, peer_prefix_list)
      if ipv4_changed or ipv6_changed:
        call_bang = True
      continue

    # Check if token is not in the database
    status = False
    try:
        token_found, = db.execute("SELECT token FROM token WHERE token = ?",
            (token,)).next()
        if token_found == token:
          status = True
    except StopIteration:
        pass
    if not status:
      # Token is used to register client
      call_bang = True
      try:
        writeFile(status_file, 'TOKEN_USED')
        dumpIPv6Network(slave_reference, db, network, ipv6_file)
        dumpIPv4Network(ipv6_prefix, network, ipv4_file, sock, peer_prefix_list)
        log.info("Token status of %s updated to 'used'." % slave_reference)
      except IOError:
        # XXX- this file should always exists
        log.debug('Error when writing in file %s. Clould not update status of %s...' %
                              (status_file, slave_reference))

  if call_bang and can_bang:
    bang(args)
コード例 #3
0
ファイル: conf.py プロジェクト: xuanyaliang/re6stnet
    # Get CA
    ca = loadCert(s.getCa())
    if config.fingerprint:
        try:
            alg, fingerprint = config.fingerprint.split(':', 1)
            fingerprint = binascii.a2b_hex(fingerprint)
            if hashlib.new(alg).digest_size != len(fingerprint):
                raise ValueError("wrong size")
        except StandardError, e:
            parser.error("invalid fingerprint: %s" % e)
        if x509.fingerprint(ca, alg).digest() != fingerprint:
            sys.exit("CA fingerprint doesn't match")
    else:
        print "WARNING: it is strongly recommended to use --fingerprint option."
    network = x509.networkFromCa(ca)
    if config.is_needed:
        route, err = subprocess.Popen(('ip', '-6', '-o', 'route', 'get',
                                       utils.ipFromBin(network)),
                                      stdout=subprocess.PIPE).communicate()
        sys.exit(err or route and
            utils.binFromIp(route.split()[8]).startswith(network))

    create(ca_path, crypto.dump_certificate(crypto.FILETYPE_PEM, ca))
    if config.ca_only:
        sys.exit()

    reserved = 'CN', 'serial'
    req = crypto.X509Req()
    try:
        with open(cert_path) as f:
コード例 #4
0
def checkService(args, can_bang=True):
    base_token_path = args['token_base_path']
    token_dict = loadJsonFile(args['token_json'])

    if not token_dict:
        return

    db = getDb(args['db'])
    call_bang = False

    computer_guid = args['computer_id']
    partition_id = args['partition_id']
    slap = slapos.slap.slap()
    client = registry.RegistryClient(args['registry_url'])
    ca = client.getCa()
    network = x509.networkFromCa(
        crypto.load_certificate(crypto.FILETYPE_PEM, ca))

    sock = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM)

    peer_prefix_list = [
        prefix
        for prefix in iterRoutes("/var/run/re6stnet/babeld.sock", network)
    ]

    # Check token status
    for slave_reference, token in token_dict.iteritems():
        status_file = os.path.join(base_token_path,
                                   '%s.status' % slave_reference)
        ipv6_file = os.path.join(base_token_path, '%s.ipv6' % slave_reference)
        ipv4_file = os.path.join(base_token_path, '%s.ipv4' % slave_reference)
        if not os.path.exists(status_file):
            # This token is not added yet!
            log.info("Token %s dont exist yet." % status_file)
            continue

        msg = readFile(status_file)
        log.info("Token %s has %s State." % (status_file, msg))
        if msg == 'TOKEN_USED':
            log.info("Dumping ipv6...")
            ipv6, ipv6_prefix, ipv6_changed = dumpIPv6Network(
                slave_reference, db, network, ipv6_file)
            log.info("%s, IPV6 = %s, IPV6_PREFIX = %s" %
                     (slave_reference, ipv6, ipv6_prefix))
            _, ipv4_changed = dumpIPv4Network(ipv6_prefix, network, ipv4_file,
                                              sock, peer_prefix_list)
            if ipv4_changed or ipv6_changed:
                call_bang = True
            continue

        # Check if token is not in the database
        status = False
        try:
            token_found, = db.execute(
                "SELECT token FROM token WHERE token = ?", (token, )).next()
            if token_found == token:
                status = True
        except StopIteration:
            pass
        if not status:
            # Token is used to register client
            call_bang = True
            try:
                writeFile(status_file, 'TOKEN_USED')
                dumpIPv6Network(slave_reference, db, network, ipv6_file)
                dumpIPv4Network(ipv6_prefix, network, ipv4_file, sock,
                                peer_prefix_list)
                log.info("Token status of %s updated to 'used'." %
                         slave_reference)
            except IOError:
                # XXX- this file should always exists
                log.debug(
                    'Error when writing in file %s. Clould not update status of %s...'
                    % (status_file, slave_reference))

    if call_bang and can_bang:
        bang(args)
コード例 #5
0
ファイル: conf.py プロジェクト: Nexedi/re6stnet
    # Get CA
    ca = loadCert(s.getCa())
    if config.fingerprint:
        try:
            alg, fingerprint = config.fingerprint.split(':', 1)
            fingerprint = binascii.a2b_hex(fingerprint)
            if hashlib.new(alg).digest_size != len(fingerprint):
                raise ValueError("wrong size")
        except StandardError, e:
            parser.error("invalid fingerprint: %s" % e)
        if x509.fingerprint(ca, alg).digest() != fingerprint:
            sys.exit("CA fingerprint doesn't match")
    else:
        print "WARNING: it is strongly recommended to use --fingerprint option."
    network = x509.networkFromCa(ca)
    if config.is_needed:
        route, err = subprocess.Popen(('ip', '-6', '-o', 'route', 'get',
                                       utils.ipFromBin(network)),
                                      stdout=subprocess.PIPE).communicate()
        sys.exit(err or route and
            utils.binFromIp(route.split()[8]).startswith(network))

    create(ca_path, crypto.dump_certificate(crypto.FILETYPE_PEM, ca))
    if config.ca_only:
        sys.exit()

    reserved = 'CN', 'serial'
    req = crypto.X509Req()
    try:
        with open(cert_path) as f: