예제 #1
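def list_volume_coordinators( config, volume_id ):
    """
    Find all the gateways for a given volume that can coordinate writes.

    Every path reported by certs.list_gateway_cert_paths() is read and
    decoded as an ms_gateway_cert.  A cert is kept when its volume_id equals
    `volume_id` and its caps include CAP_COORDINATE.

    Return the list of matching gateway certs on success.
    Return None if any cert file cannot be read or parsed.
    """
    gateway_cert_paths = certs.list_gateway_cert_paths( config )
    ret = []

    for path in gateway_cert_paths:

        try:
            # a serialized protobuf is binary data, so read it as bytes
            with open(path, "rb") as f:
                cert_bin = f.read()

            gateway_cert = ms_pb2.ms_gateway_cert()
            gateway_cert.ParseFromString( cert_bin )

        except Exception as e:
            # one unreadable cert aborts the whole listing
            log.exception(e)
            log.error("Failed to load '%s'" % path)
            return None

        # NOTE(review): the cert is only decoded here; no signature check is
        # visible in this function, so volume_id and caps are taken from the
        # file as-is.  Confirm the cert store is verified before this runs.
        if gateway_cert.volume_id != volume_id:
            continue

        if (gateway_cert.caps & ms_pb2.ms_gateway_cert.CAP_COORDINATE) == 0:
            continue

        log.debug("%s can coordinate" % gateway_cert.name)
        ret.append( gateway_cert )

    # the listing previously ended without handing the result back
    return ret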
예제 #2
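def gateway_cert_fetch(ms_url, gateway_name_or_id, downloader_path):
    """
    Use a helper program to go and fetch a gateway certificate.

    The helper is run as `downloader_path ms_url gateway_name_or_id` with an
    argument list and shell=False, and its stdout is decoded as an
    ms_gateway_cert.

    Return the cert on success.
    Return None on error (helper missing, helper exited non-zero, or output
    that does not parse).
    """
    if not os.path.exists(downloader_path):
        log.error("'%s' does not exist" % downloader_path)
        return None

    downloader = subprocess.Popen(
        [downloader_path, ms_url,
         str(gateway_name_or_id)],
        shell=False,
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE)

    # communicate() drains both pipes and waits for the child to exit,
    # so returncode is set afterwards and no separate wait() is needed
    cert_out, cert_err = downloader.communicate()

    if len(cert_err.strip()) != 0:
        log.error("Gateway cert downloader errors:\n%s" % cert_err)

    # do not try to interpret whatever a failed helper left on stdout
    if downloader.returncode != 0:
        log.error("Gateway cert downloader exited with status %s" %
                  downloader.returncode)
        return None

    try:
        gateway_cert = ms_pb2.ms_gateway_cert()
        gateway_cert.ParseFromString(cert_out)
    except Exception:
        log.error("Invalid gateway certificate for %s (from %s)" %
                  (str(gateway_name_or_id), ms_url))
        return None

    # NOTE(review): the result is decoded but not verified in this function;
    # callers should check the cert's signature before trusting its fields.
    # Confirm where that check happens.
    return gateway_cert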
예제 #3
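def list_volume_gateways_by_host(config, volume_id, hostname):
    """
    Find all gateway certs in a volume with the given hostname.
    Only applies to gateways generated by this amd server.

    Every path reported by certs.list_gateway_cert_paths() is read and
    decoded as an ms_gateway_cert.  A cert is kept when its volume_id equals
    `volume_id` and its host equals `hostname`.

    Return the list of matching gateway certs on success.
    Return None if any cert file cannot be read or parsed.
    """
    gateway_cert_paths = certs.list_gateway_cert_paths(config)
    ret = []

    for path in gateway_cert_paths:

        try:
            # a serialized protobuf is binary data, so read it as bytes
            with open(path, "rb") as f:
                cert_bin = f.read()

            gateway_cert = ms_pb2.ms_gateway_cert()
            gateway_cert.ParseFromString(cert_bin)

        except Exception as e:
            # one unreadable cert aborts the whole listing
            log.exception(e)
            log.error("Failed to load '%s'" % path)
            return None

        # NOTE(review): host and volume_id come straight from the decoded
        # file; no signature check is visible here.  Confirm the cert store
        # is verified before these fields are used for selection.
        if gateway_cert.volume_id != volume_id:
            continue

        if gateway_cert.host != hostname:
            continue

        log.debug("%s on %s" % (gateway_cert.name, hostname))
        ret.append(gateway_cert)

    # the listing previously ended without handing the result back
    return ret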
예제 #4
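def list_volume_coordinators(config, volume_id):
    """
    Find all the gateways for a given volume that can coordinate writes.

    Each cert file listed by certs.list_gateway_cert_paths() is decoded as
    an ms_gateway_cert and kept only if it belongs to `volume_id` and has
    the CAP_COORDINATE bit set in its caps.

    Return the list of matching gateway certs on success.
    Return None as soon as one cert file fails to load or parse.
    """
    coordinate_bit = ms_pb2.ms_gateway_cert.CAP_COORDINATE
    ret = []

    for path in certs.list_gateway_cert_paths(config):

        try:
            # binary mode: the file holds a serialized protobuf, not text
            with open(path, "rb") as f:
                cert_bin = f.read()

            gateway_cert = ms_pb2.ms_gateway_cert()
            gateway_cert.ParseFromString(cert_bin)

        except Exception as e:
            log.exception(e)
            log.error("Failed to load '%s'" % path)
            return None

        # NOTE(review): nothing in this function authenticates the cert, so
        # the capability bit below is whatever the file on disk claims.
        # Verify that certs are checked before they reach this directory.
        if gateway_cert.volume_id != volume_id:
            continue

        if (gateway_cert.caps & coordinate_bit) == 0:
            continue

        log.debug("%s can coordinate" % gateway_cert.name)
        ret.append(gateway_cert)

    # without this the caller always received None
    return ret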
예제 #5
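def list_volume_gateways_by_host(config, volume_id, hostname):
    """
    Find all gateway certs in a volume with the given hostname.
    Only applies to gateways generated by this amd server.

    Each cert file listed by certs.list_gateway_cert_paths() is decoded as
    an ms_gateway_cert and kept only if both its volume_id and its host
    match the arguments.

    Return the list of matching gateway certs on success.
    Return None as soon as one cert file fails to load or parse.
    """
    ret = []

    for path in certs.list_gateway_cert_paths(config):

        try:
            # binary mode: the file holds a serialized protobuf, not text
            with open(path, "rb") as f:
                cert_bin = f.read()

            gateway_cert = ms_pb2.ms_gateway_cert()
            gateway_cert.ParseFromString(cert_bin)

        except Exception as e:
            log.exception(e)
            log.error("Failed to load '%s'" % path)
            return None

        # NOTE(review): nothing in this function authenticates the cert, so
        # the host field below is whatever the file on disk claims.
        # Verify that certs are checked before they reach this directory.
        if gateway_cert.volume_id != volume_id:
            continue

        if gateway_cert.host != hostname:
            continue

        log.debug("%s on %s" % (gateway_cert.name, hostname))
        ret.append(gateway_cert)

    # without this the caller always received None
    return ret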
예제 #6
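def gateway_cert_fetch(ms_url, gateway_name_or_id, downloader_path):
    """
    Use a helper program to go and fetch a gateway certificate.

    The helper at `downloader_path` is started with `ms_url` and the gateway
    name or ID as arguments (argument list, shell=False).  Whatever it writes
    to stdout is decoded as an ms_gateway_cert.

    Return the cert on success.
    Return None on error: the helper does not exist, it exits with a
    non-zero status, or its output does not parse.
    """
    if not os.path.exists(downloader_path):
        log.error("'%s' does not exist" % downloader_path)
        return None

    argv = [downloader_path, ms_url, str(gateway_name_or_id)]
    downloader = subprocess.Popen(argv, shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE)

    # communicate() already waits for the child, so its exit status is
    # available right after this call
    cert_out, cert_err = downloader.communicate()

    if len(cert_err.strip()) != 0:
        log.error("Gateway cert downloader errors:\n%s" % cert_err)

    # a failed fetch must not be parsed as if it were a certificate
    if downloader.returncode != 0:
        log.error("Gateway cert downloader exited with status %s" % downloader.returncode)
        return None

    try:
        gateway_cert = ms_pb2.ms_gateway_cert()
        gateway_cert.ParseFromString(cert_out)
    except Exception:
        log.error("Invalid gateway certificate for %s (from %s)" % (str(gateway_name_or_id), ms_url))
        return None

    # NOTE(review): parsing succeeds for any well-formed message; the cert's
    # signature is not checked here.  Confirm the caller verifies it.
    # The success path previously fell off the end and returned None.
    return gateway_cert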
예제 #7
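def list_gateways_by_type( config, volume_id, gateway_type_str ):
    """
    Find all the gateways for a given volume with a particular type.
    The type should be a type alias, like "UG" or "RG" or "AG"

    Return the list of gateway certs on success.
    Return None if any cert file cannot be read or parsed.
    Raise Exception if the gateway type aliases cannot be loaded.
    Raise ValueError if `gateway_type_str` is not a known alias.
    """
    gateway_cert_paths = certs.list_gateway_cert_paths( config )
    ret = []

    type_aliases = object_stub.load_gateway_type_aliases( config )
    if type_aliases is None:
        raise Exception("Missing gateway type aliases")

    # translate the alias into the value stored in the cert's gateway_type
    gateway_type = type_aliases.get(gateway_type_str, None)
    if gateway_type is None:
        raise ValueError("Unknown gateway type alias '%s'" % gateway_type_str )

    for path in gateway_cert_paths:

        try:
            # a serialized protobuf is binary data, so read it as bytes
            with open(path, "rb") as f:
                cert_bin = f.read()

            gateway_cert = ms_pb2.ms_gateway_cert()
            gateway_cert.ParseFromString( cert_bin )

        except Exception as e:
            # load failures are reported as None rather than raised
            log.exception(e)
            log.error("Failed to load '%s'" % path)
            return None

        # NOTE(review): gateway_type and volume_id come straight from the
        # decoded file; no signature check is visible in this function.
        if gateway_cert.volume_id != volume_id:
            continue

        if gateway_cert.gateway_type != gateway_type:
            continue

        log.debug("%s is type %s" % (gateway_cert.name, gateway_type))
        ret.append( gateway_cert )

    # the listing previously ended without handing the result back
    return ret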
예제 #8
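def list_gateways_by_type(config, volume_id, gateway_type_str):
    """
    Find all the gateways for a given volume with a particular type.
    The type should be a type alias, like "UG" or "RG" or "AG"

    Return the list of gateway certs on success.
    Return None as soon as one cert file fails to load or parse.
    Raise Exception when no type aliases could be loaded.
    Raise ValueError when the alias is unknown.
    """
    type_aliases = object_stub.load_gateway_type_aliases(config)
    if type_aliases is None:
        raise Exception("Missing gateway type aliases")

    # the alias table maps names such as "UG" to the cert's gateway_type value
    gateway_type = type_aliases.get(gateway_type_str, None)
    if gateway_type is None:
        raise ValueError("Unknown gateway type alias '%s'" % gateway_type_str)

    ret = []

    for path in certs.list_gateway_cert_paths(config):

        try:
            # binary mode: the file holds a serialized protobuf, not text
            with open(path, "rb") as f:
                cert_bin = f.read()

            gateway_cert = ms_pb2.ms_gateway_cert()
            gateway_cert.ParseFromString(cert_bin)

        except Exception as e:
            log.exception(e)
            log.error("Failed to load '%s'" % path)
            return None

        # NOTE(review): nothing here authenticates the cert, so the type
        # compared below is whatever the file on disk claims.
        if gateway_cert.volume_id != volume_id:
            continue

        if gateway_cert.gateway_type != gateway_type:
            continue

        log.debug("%s is type %s" % (gateway_cert.name, gateway_type))
        ret.append(gateway_cert)

    # without this the caller always received None
    return ret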
예제 #9
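def get_demo_payload(username, password):
    """
    Get the demo payload for this user.

    Fetches SIGNUP_URL/provision/<username> with the signup bearer secret,
    checks that the JSON reply carries the five expected string fields,
    decrypts 'user_pkey' and 'gateway_pkey' with a Fernet key built from
    `password`, and replaces the three base64 cert fields with parsed
    certificate objects.

    Return the payload on success
    Return None on error (request or JSON failure, schema mismatch,
    decryption failure, or a certificate that does not parse)
    """
    # NOTE(review): username is formatted into the URL path unescaped and the
    # request carries no timeout; both deserve a look if username can come
    # from an untrusted caller or the signup service can stall.
    try:
        req = requests.get(SIGNUP_URL + '/provision/{}'.format(username), headers={'authorization': 'bearer {}'.format(SIGNUP_AUTH_SECRET)})
        payload = req.json()
    except Exception as e:
        log.exception(e)
        return None

    payload_schema = {
        'type': 'object',
        'properties': {
            'user_pkey': {
                'type': 'string',
            },
            'gateway_pkey': {
                'type': 'string',
            },
            'user_cert': {
                'type': 'string',
            },
            'ug_cert': {
                'type': 'string',
            },
            'rg_cert': {
                'type': 'string',
            },
        },
        'required': [
            'user_pkey',
            'gateway_pkey',
            'user_cert',
            'ug_cert',
            'rg_cert'
        ]
    }

    try:
        jsonschema.validate(payload, payload_schema)
    except jsonschema.ValidationError:
        # The old message formatted `keys`, a name this function never
        # defines.  Key material is deliberately kept out of the log.
        log.error("Invalid key data")
        return None

    # decrypt encrypted fields
    # NOTE(review): `password` is used as the Fernet key after re-encoding;
    # presumably it is base64 of a random 32-byte secret -- no key derivation
    # step is visible here, confirm against the signup service.
    try:
        fernet_key = base64.urlsafe_b64encode( base64.b64decode(password) )
        f = Fernet(fernet_key)
        for encrypted_field in ['user_pkey', 'gateway_pkey']:
            payload[encrypted_field] = f.decrypt(str(payload[encrypted_field]))
    except Exception as e:
        # bad base64, an unusable key, or a token that fails authentication:
        # honor the documented "None on error" contract instead of raising
        log.exception(e)
        return None

    # parse certificates
    user_cert = ms_pb2.ms_user_cert()
    ug_cert = ms_pb2.ms_gateway_cert()
    rg_cert = ms_pb2.ms_gateway_cert()

    try:
        user_cert.ParseFromString(base64.b64decode(payload['user_cert']))
        ug_cert.ParseFromString(base64.b64decode(payload['ug_cert']))
        rg_cert.ParseFromString(base64.b64decode(payload['rg_cert']))

        # NOTE(review): the certs are decoded only; no signature check is
        # visible in this function.
        payload['user_cert'] = user_cert
        payload['ug_cert'] = ug_cert
        payload['rg_cert'] = rg_cert

    except Exception as e:
        log.exception(e)
        return None

    return payload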
예제 #10
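def get_demo_payload(username, password):
    """
    Get the demo payload for this user.

    The payload is requested from SIGNUP_URL/provision/<username> using the
    signup bearer secret.  It must be a JSON object with string fields
    'user_pkey', 'gateway_pkey', 'user_cert', 'ug_cert' and 'rg_cert'.
    The two pkey fields are Fernet-decrypted with a key built from
    `password`; the three cert fields are base64-decoded and parsed.

    Return the payload on success
    Return None on error, including a failed decryption
    """
    # NOTE(review): the username goes into the URL path as-is and the request
    # has no timeout.  Check both if the caller's input is not trusted.
    try:
        req = requests.get(
            SIGNUP_URL + '/provision/{}'.format(username),
            headers={'authorization': 'bearer {}'.format(SIGNUP_AUTH_SECRET)})
        payload = req.json()
    except Exception as e:
        log.exception(e)
        return None

    string_field = {'type': 'string'}
    field_names = ['user_pkey', 'gateway_pkey', 'user_cert', 'ug_cert', 'rg_cert']
    payload_schema = {
        'type': 'object',
        'properties': dict((name, string_field) for name in field_names),
        'required': field_names,
    }

    try:
        jsonschema.validate(payload, payload_schema)
    except jsonschema.ValidationError:
        # `keys` was never defined in this function, so the old message
        # raised NameError; the reply itself is not written to the log
        log.error("Invalid key data")
        return None

    # decrypt encrypted fields
    # NOTE(review): assumes `password` is standard base64 of the raw Fernet
    # key material; no key derivation is visible here -- TODO confirm.
    try:
        fernet_key = base64.urlsafe_b64encode(base64.b64decode(password))
        f = Fernet(fernet_key)
        for encrypted_field in ['user_pkey', 'gateway_pkey']:
            payload[encrypted_field] = f.decrypt(str(payload[encrypted_field]))
    except Exception as e:
        # a wrong password or tampered token ends up here; report it as the
        # documented None instead of letting the exception escape
        log.exception(e)
        return None

    # parse certificates
    user_cert = ms_pb2.ms_user_cert()
    ug_cert = ms_pb2.ms_gateway_cert()
    rg_cert = ms_pb2.ms_gateway_cert()

    try:
        user_cert.ParseFromString(base64.b64decode(payload['user_cert']))
        ug_cert.ParseFromString(base64.b64decode(payload['ug_cert']))
        rg_cert.ParseFromString(base64.b64decode(payload['rg_cert']))

        # NOTE(review): decoding does not authenticate the certs; confirm
        # that the caller verifies them before use.
        payload['user_cert'] = user_cert
        payload['ug_cert'] = ug_cert
        payload['rg_cert'] = rg_cert

    except Exception as e:
        log.exception(e)
        return None

    return payload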