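def list_volume_coordinators( config, volume_id ):
    """
    Find all the gateways for a given volume that can coordinate writes.

    Each path from certs.list_gateway_cert_paths( config ) is read and parsed
    as an ms_pb2.ms_gateway_cert.  A cert is kept when its volume_id equals
    `volume_id` and its caps include CAP_COORDINATE.

    Return the list of matching gateway certs on success.
    Return None if any cert file cannot be read or parsed.
    """
    gateway_cert_paths = certs.list_gateway_cert_paths( config )
    ret = []

    for path in gateway_cert_paths:

        gateway_cert = None

        try:
            # a serialized protobuf is binary data; read the bytes untranslated
            with open(path, "rb") as f:
                cert_bin = f.read()

            gateway_cert = ms_pb2.ms_gateway_cert()
            gateway_cert.ParseFromString( cert_bin )

        except Exception as e:
            # fail closed: one unreadable cert aborts the whole listing
            log.exception(e)
            log.error("Failed to load '%s'" % path)
            return None

        # NOTE(review): the cert is only deserialized here; no signature check
        # is visible in this function.  Presumably certs are verified before
        # they are stored -- confirm before treating `caps` as authoritative.
        if gateway_cert.volume_id != volume_id:
            continue

        if (gateway_cert.caps & (ms_pb2.ms_gateway_cert.CAP_COORDINATE)) == 0:
            continue

        log.debug("%s can coordinate" % gateway_cert.name)
        ret.append( gateway_cert )

    # hand the collected certs back; without this the caller only ever sees None
    return ret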
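def gateway_cert_fetch(ms_url, gateway_name_or_id, downloader_path):
    """
    Use a helper program to go and fetch a gateway certificate.

    The helper at downloader_path is run without a shell, with ms_url and
    str(gateway_name_or_id) as its two arguments.  Its stdout is parsed as a
    serialized ms_pb2.ms_gateway_cert.

    Return the cert on success.
    Return None on error (helper missing, helper could not be started,
    helper exited non-zero, or its output did not parse).
    """
    if not os.path.exists(downloader_path):
        log.error("'%s' does not exist" % downloader_path)
        return None

    try:
        downloader = subprocess.Popen(
            [downloader_path, ms_url, str(gateway_name_or_id)],
            shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    except OSError as e:
        # the path exists but cannot be executed (or vanished after the check)
        log.exception(e)
        return None

    # communicate() drains both pipes and waits for exit, so returncode is set
    cert_out, cert_err = downloader.communicate()

    if len(cert_err.strip()) != 0:
        log.error("Gateway cert downloader errors:\n%s" % cert_err)

    if downloader.returncode != 0:
        # do not accept output from a helper that reported failure
        log.error("Gateway cert downloader exited with status %s" % downloader.returncode)
        return None

    try:
        gateway_cert = ms_pb2.ms_gateway_cert()
        gateway_cert.ParseFromString(cert_out)
    except Exception:
        log.error("Invalid gateway certificate for %s (from %s)" %
                  (str(gateway_name_or_id), ms_url))
        return None

    # NOTE(review): the cert is only deserialized here; nothing in this
    # function authenticates it.  Presumably the helper or the caller checks
    # the signature -- confirm before trusting its fields.
    return gateway_cert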
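def list_volume_gateways_by_host(config, volume_id, hostname):
    """
    Find all gateway certs in a volume with the given hostname.
    Only applies to gateways generated by this amd server.

    Each path from certs.list_gateway_cert_paths(config) is read and parsed
    as an ms_pb2.ms_gateway_cert.  A cert is kept when its volume_id equals
    `volume_id` and its host equals `hostname`.

    Return the list of matching gateway certs on success.
    Return None if any cert file cannot be read or parsed.
    """
    gateway_cert_paths = certs.list_gateway_cert_paths(config)
    ret = []

    for path in gateway_cert_paths:

        gateway_cert = None

        try:
            # a serialized protobuf is binary data; read the bytes untranslated
            with open(path, "rb") as f:
                cert_bin = f.read()

            gateway_cert = ms_pb2.ms_gateway_cert()
            gateway_cert.ParseFromString(cert_bin)

        except Exception as e:
            # fail closed: one unreadable cert aborts the whole listing
            log.exception(e)
            log.error("Failed to load '%s'" % path)
            return None

        # NOTE(review): the cert is only deserialized here; no signature check
        # is visible in this function.  Presumably certs are verified before
        # they are stored -- confirm before treating `host` as authoritative.
        if gateway_cert.volume_id != volume_id:
            continue

        if gateway_cert.host != hostname:
            continue

        log.debug("%s on %s" % (gateway_cert.name, hostname))
        ret.append(gateway_cert)

    # hand the collected certs back; without this the caller only ever sees None
    return ret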
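def list_volume_coordinators(config, volume_id):
    """
    Find all the gateways for a given volume that can coordinate writes.

    Each path from certs.list_gateway_cert_paths(config) is read and parsed
    as an ms_pb2.ms_gateway_cert.  A cert is kept when its volume_id equals
    `volume_id` and its caps include CAP_COORDINATE.

    Return the list of matching gateway certs on success.
    Return None if any cert file cannot be read or parsed.
    """
    gateway_cert_paths = certs.list_gateway_cert_paths(config)
    ret = []

    for path in gateway_cert_paths:

        gateway_cert = None

        try:
            # a serialized protobuf is binary data; read the bytes untranslated
            with open(path, "rb") as f:
                cert_bin = f.read()

            gateway_cert = ms_pb2.ms_gateway_cert()
            gateway_cert.ParseFromString(cert_bin)

        except Exception as e:
            # fail closed: one unreadable cert aborts the whole listing
            log.exception(e)
            log.error("Failed to load '%s'" % path)
            return None

        # NOTE(review): the cert is only deserialized here; no signature check
        # is visible in this function.  Presumably certs are verified before
        # they are stored -- confirm before treating `caps` as authoritative.
        if gateway_cert.volume_id != volume_id:
            continue

        if (gateway_cert.caps & (ms_pb2.ms_gateway_cert.CAP_COORDINATE)) == 0:
            continue

        log.debug("%s can coordinate" % gateway_cert.name)
        ret.append(gateway_cert)

    # hand the collected certs back; without this the caller only ever sees None
    return ret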
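def list_volume_gateways_by_host(config, volume_id, hostname):
    """
    Find all gateway certs in a volume with the given hostname.
    Only applies to gateways generated by this amd server.

    Each path from certs.list_gateway_cert_paths(config) is read and parsed
    as an ms_pb2.ms_gateway_cert.  A cert is kept when its volume_id equals
    `volume_id` and its host equals `hostname`.

    Return the list of matching gateway certs on success.
    Return None if any cert file cannot be read or parsed.
    """
    gateway_cert_paths = certs.list_gateway_cert_paths(config)
    ret = []

    for path in gateway_cert_paths:

        gateway_cert = None

        try:
            # a serialized protobuf is binary data; read the bytes untranslated
            with open(path, "rb") as f:
                cert_bin = f.read()

            gateway_cert = ms_pb2.ms_gateway_cert()
            gateway_cert.ParseFromString(cert_bin)

        except Exception as e:
            # fail closed: one unreadable cert aborts the whole listing
            log.exception(e)
            log.error("Failed to load '%s'" % path)
            return None

        # NOTE(review): the cert is only deserialized here; no signature check
        # is visible in this function.  Presumably certs are verified before
        # they are stored -- confirm before treating `host` as authoritative.
        if gateway_cert.volume_id != volume_id:
            continue

        if gateway_cert.host != hostname:
            continue

        log.debug("%s on %s" % (gateway_cert.name, hostname))
        ret.append(gateway_cert)

    # hand the collected certs back; without this the caller only ever sees None
    return ret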
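def gateway_cert_fetch(ms_url, gateway_name_or_id, downloader_path):
    """
    Use a helper program to go and fetch a gateway certificate.

    The helper at downloader_path is run without a shell, with ms_url and
    str(gateway_name_or_id) as its two arguments.  Its stdout is parsed as a
    serialized ms_pb2.ms_gateway_cert.

    Return the cert on success.
    Return None on error (helper missing, helper could not be started,
    helper exited non-zero, or its output did not parse).
    """
    if not os.path.exists(downloader_path):
        log.error("'%s' does not exist" % downloader_path)
        return None

    try:
        downloader = subprocess.Popen(
            [downloader_path, ms_url, str(gateway_name_or_id)],
            shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    except OSError as e:
        # the path exists but cannot be executed (or vanished after the check)
        log.exception(e)
        return None

    # communicate() drains both pipes and waits for exit, so returncode is set
    cert_out, cert_err = downloader.communicate()

    if len(cert_err.strip()) != 0:
        log.error("Gateway cert downloader errors:\n%s" % cert_err)

    if downloader.returncode != 0:
        # do not accept output from a helper that reported failure
        log.error("Gateway cert downloader exited with status %s" % downloader.returncode)
        return None

    try:
        gateway_cert = ms_pb2.ms_gateway_cert()
        gateway_cert.ParseFromString(cert_out)
    except Exception:
        log.error("Invalid gateway certificate for %s (from %s)" %
                  (str(gateway_name_or_id), ms_url))
        return None

    # NOTE(review): the cert is only deserialized here; nothing in this
    # function authenticates it.  Presumably the helper or the caller checks
    # the signature -- confirm before trusting its fields.
    #
    # the docstring promises the cert on success, so return it explicitly
    return gateway_cert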
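def list_gateways_by_type( config, volume_id, gateway_type_str ):
    """
    Find all the gateways for a given volume with a particular type.
    The type should be a type alias, like "UG" or "RG" or "AG"

    Each path from certs.list_gateway_cert_paths( config ) is read and parsed
    as an ms_pb2.ms_gateway_cert.  A cert is kept when its volume_id equals
    `volume_id` and its gateway_type equals the type the alias resolves to.

    Return the list of gateway certs on success.
    Raise Exception if the type aliases cannot be loaded.
    Raise ValueError if gateway_type_str is not a known alias.
    Return None if any cert file cannot be read or parsed.
    """
    gateway_cert_paths = certs.list_gateway_cert_paths( config )
    ret = []

    type_aliases = object_stub.load_gateway_type_aliases( config )
    if type_aliases is None:
        raise Exception("Missing gateway type aliases")

    gateway_type = type_aliases.get(gateway_type_str, None)
    if gateway_type is None:
        raise ValueError("Unknown gateway type alias '%s'" % gateway_type_str )

    for path in gateway_cert_paths:

        gateway_cert = None

        try:
            # a serialized protobuf is binary data; read the bytes untranslated
            with open(path, "rb") as f:
                cert_bin = f.read()

            gateway_cert = ms_pb2.ms_gateway_cert()
            gateway_cert.ParseFromString( cert_bin )

        except Exception as e:
            # fail closed: one unreadable cert aborts the whole listing.
            # This path returns None rather than raising, so callers must
            # check for None as well as catch the exceptions above.
            log.exception(e)
            log.error("Failed to load '%s'" % path)
            return None

        # NOTE(review): the cert is only deserialized here; no signature check
        # is visible in this function.  Presumably certs are verified before
        # they are stored -- confirm before treating `gateway_type` as
        # authoritative.
        if gateway_cert.volume_id != volume_id:
            continue

        if gateway_cert.gateway_type != gateway_type:
            continue

        log.debug("%s is type %s" % (gateway_cert.name, gateway_type))
        ret.append( gateway_cert )

    # the docstring promises the list of certs, so return it explicitly
    return ret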
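def list_gateways_by_type(config, volume_id, gateway_type_str):
    """
    Find all the gateways for a given volume with a particular type.
    The type should be a type alias, like "UG" or "RG" or "AG"

    Each path from certs.list_gateway_cert_paths(config) is read and parsed
    as an ms_pb2.ms_gateway_cert.  A cert is kept when its volume_id equals
    `volume_id` and its gateway_type equals the type the alias resolves to.

    Return the list of gateway certs on success.
    Raise Exception if the type aliases cannot be loaded.
    Raise ValueError if gateway_type_str is not a known alias.
    Return None if any cert file cannot be read or parsed.
    """
    gateway_cert_paths = certs.list_gateway_cert_paths(config)
    ret = []

    type_aliases = object_stub.load_gateway_type_aliases(config)
    if type_aliases is None:
        raise Exception("Missing gateway type aliases")

    gateway_type = type_aliases.get(gateway_type_str, None)
    if gateway_type is None:
        raise ValueError("Unknown gateway type alias '%s'" % gateway_type_str)

    for path in gateway_cert_paths:

        gateway_cert = None

        try:
            # a serialized protobuf is binary data; read the bytes untranslated
            with open(path, "rb") as f:
                cert_bin = f.read()

            gateway_cert = ms_pb2.ms_gateway_cert()
            gateway_cert.ParseFromString(cert_bin)

        except Exception as e:
            # fail closed: one unreadable cert aborts the whole listing.
            # This path returns None rather than raising, so callers must
            # check for None as well as catch the exceptions above.
            log.exception(e)
            log.error("Failed to load '%s'" % path)
            return None

        # NOTE(review): the cert is only deserialized here; no signature check
        # is visible in this function.  Presumably certs are verified before
        # they are stored -- confirm before treating `gateway_type` as
        # authoritative.
        if gateway_cert.volume_id != volume_id:
            continue

        if gateway_cert.gateway_type != gateway_type:
            continue

        log.debug("%s is type %s" % (gateway_cert.name, gateway_type))
        ret.append(gateway_cert)

    # the docstring promises the list of certs, so return it explicitly
    return ret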
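def get_demo_payload(username, password):
    """
    Get the demo payload for this user.

    The payload is fetched from SIGNUP_URL + '/provision/<username>' with
    SIGNUP_AUTH_SECRET as a bearer token.  It must be a JSON object with
    string fields 'user_pkey', 'gateway_pkey', 'user_cert', 'ug_cert' and
    'rg_cert'.  The two pkey fields are Fernet-decrypted with a key derived
    from `password` (standard base64, re-encoded as urlsafe base64); the
    three cert fields are base64-decoded and parsed into protobuf messages.

    Return the payload on success
    Return None on error (request failure, malformed payload, wrong
    password or corrupt ciphertext, unparseable certificate)
    """
    # NOTE(review): `username` is placed in the URL path unescaped and no
    # timeout is passed, so a stalled server blocks this call.  SIGNUP_URL is
    # defined elsewhere; it should be an https URL, since the bearer secret
    # and the key material travel over this connection -- confirm.
    try:
        req = requests.get(SIGNUP_URL + '/provision/{}'.format(username),
                           headers={'authorization': 'bearer {}'.format(SIGNUP_AUTH_SECRET)})
        payload = req.json()
    except Exception as e:
        log.exception(e)
        return None

    payload_schema = {
        'type': 'object',
        'properties': {
            'user_pkey': {
                'type': 'string',
            },
            'gateway_pkey': {
                'type': 'string',
            },
            'user_cert': {
                'type': 'string',
            },
            'ug_cert': {
                'type': 'string',
            },
            'rg_cert': {
                'type': 'string',
            },
        },
        'required': [
            'user_pkey',
            'gateway_pkey',
            'user_cert',
            'ug_cert',
            'rg_cert'
        ]
    }

    try:
        jsonschema.validate(payload, payload_schema)
    except jsonschema.ValidationError:
        # the payload (and the validator's message, which can quote it) holds
        # key material, so neither is written to the log
        log.error("Invalid key data")
        return None

    # decrypt encrypted fields
    try:
        password = base64.urlsafe_b64encode( base64.b64decode(password) )
        f = Fernet(password)
        for encrypted_field in ['user_pkey', 'gateway_pkey']:
            payload[encrypted_field] = f.decrypt(str(payload[encrypted_field]))
    except Exception as e:
        # a wrong password, a malformed key or tampered ciphertext ends up
        # here; honor the documented "None on error" contract
        log.exception(e)
        return None

    # parse certificates
    user_cert = ms_pb2.ms_user_cert()
    ug_cert = ms_pb2.ms_gateway_cert()
    rg_cert = ms_pb2.ms_gateway_cert()

    try:
        user_cert.ParseFromString(base64.b64decode(payload['user_cert']))
        ug_cert.ParseFromString(base64.b64decode(payload['ug_cert']))
        rg_cert.ParseFromString(base64.b64decode(payload['rg_cert']))

        payload['user_cert'] = user_cert
        payload['ug_cert'] = ug_cert
        payload['rg_cert'] = rg_cert
    except Exception as e:
        log.exception(e)
        return None

    # NOTE(review): the certs are only deserialized here; no signature check
    # is visible in this function -- confirm the caller verifies them.
    return payload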
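def get_demo_payload(username, password):
    """
    Get the demo payload for this user.

    The payload is fetched from SIGNUP_URL + '/provision/<username>' with
    SIGNUP_AUTH_SECRET as a bearer token.  It must be a JSON object with
    string fields 'user_pkey', 'gateway_pkey', 'user_cert', 'ug_cert' and
    'rg_cert'.  The two pkey fields are Fernet-decrypted with a key derived
    from `password` (standard base64, re-encoded as urlsafe base64); the
    three cert fields are base64-decoded and parsed into protobuf messages.

    Return the payload on success
    Return None on error (request failure, malformed payload, wrong
    password or corrupt ciphertext, unparseable certificate)
    """
    # NOTE(review): `username` is placed in the URL path unescaped and no
    # timeout is passed, so a stalled server blocks this call.  SIGNUP_URL is
    # defined elsewhere; it should be an https URL, since the bearer secret
    # and the key material travel over this connection -- confirm.
    try:
        req = requests.get(
            SIGNUP_URL + '/provision/{}'.format(username),
            headers={'authorization': 'bearer {}'.format(SIGNUP_AUTH_SECRET)})
        payload = req.json()
    except Exception as e:
        log.exception(e)
        return None

    payload_schema = {
        'type': 'object',
        'properties': {
            'user_pkey': {
                'type': 'string',
            },
            'gateway_pkey': {
                'type': 'string',
            },
            'user_cert': {
                'type': 'string',
            },
            'ug_cert': {
                'type': 'string',
            },
            'rg_cert': {
                'type': 'string',
            },
        },
        'required': ['user_pkey', 'gateway_pkey', 'user_cert', 'ug_cert', 'rg_cert']
    }

    try:
        jsonschema.validate(payload, payload_schema)
    except jsonschema.ValidationError:
        # the payload (and the validator's message, which can quote it) holds
        # key material, so neither is written to the log
        log.error("Invalid key data")
        return None

    # decrypt encrypted fields
    try:
        password = base64.urlsafe_b64encode(base64.b64decode(password))
        f = Fernet(password)
        for encrypted_field in ['user_pkey', 'gateway_pkey']:
            payload[encrypted_field] = f.decrypt(str(payload[encrypted_field]))
    except Exception as e:
        # a wrong password, a malformed key or tampered ciphertext ends up
        # here; honor the documented "None on error" contract
        log.exception(e)
        return None

    # parse certificates
    user_cert = ms_pb2.ms_user_cert()
    ug_cert = ms_pb2.ms_gateway_cert()
    rg_cert = ms_pb2.ms_gateway_cert()

    try:
        user_cert.ParseFromString(base64.b64decode(payload['user_cert']))
        ug_cert.ParseFromString(base64.b64decode(payload['ug_cert']))
        rg_cert.ParseFromString(base64.b64decode(payload['rg_cert']))

        payload['user_cert'] = user_cert
        payload['ug_cert'] = ug_cert
        payload['rg_cert'] = rg_cert
    except Exception as e:
        log.exception(e)
        return None

    # NOTE(review): the certs are only deserialized here; no signature check
    # is visible in this function -- confirm the caller verifies them.
    return payload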