def __init__(self): # Stores all the registered nonces. self.nonces = {} self.lock = threading.Lock() # Data server credentials. self.server_username = config_lib.CONFIG.Get("Dataserver.server_username") self.server_password = config_lib.CONFIG.Get("Dataserver.server_password") if not self.server_username: raise errors.DataServerError("Dataserver.server_username not provided") if not self.server_password: raise errors.DataServerError("Dataserver.server_password not provided") # Client credentials. self.client_creds = None
def RenewMapping(self): """Ask master server for mapping.""" try: res = self.pool.urlopen("POST", "/server/mapping") if res.status != constants.RESPONSE_OK: raise errors.DataServerError("Could not get server mapping from data " "master.") mapping = rdf_data_server.DataServerMapping.FromSerializedString(res.data) self.handler_cls.SERVICE.SaveServerMapping(mapping) return mapping except urllib3.exceptions.MaxRetryError: raise errors.DataServerError("Error when attempting to communicate with" " data master.")
def HandleHandshake(self): """Return a nonce to either a server or client.""" nonce = self.NONCE_STORE.NewNonce() if not nonce: raise errors.DataServerError("Could not generate new nonces! Too many " "requests and/or clients.") self._Response(constants.RESPONSE_OK, nonce)
def _DoRegister(self): try: username, password = self.handler_cls.NONCE_STORE.GetServerCredentials( ) # First get a nonce. res = self.pool.urlopen("POST", "/server/handshake", "", headers={}) if res.status != constants.RESPONSE_OK: raise errors.DataServerError( "Could not register data server at " "data master.") nonce = res.data token = self.handler_cls.NONCE_STORE.GenerateServerAuthToken(nonce) request = rdf_data_server.DataStoreRegistrationRequest( token=token, port=self.my_port) body = request.SerializeToString() headers = {"Content-Length": len(body)} res = self.pool.urlopen("POST", "/server/register", headers=headers, body=body) if res.status == constants.RESPONSE_SERVER_NOT_AUTHORIZED: raise errors.DataServerError("Wrong server password.") if res.status == constants.RESPONSE_SERVER_NOT_ALLOWED: raise errors.DataServerError( "Server not part of this server group.") if res.status == constants.RESPONSE_NOT_MASTER_SERVER: raise errors.DataServerError( "Server %s:%d is not a master server.", self.master_addr, self.master_port) if res.status != constants.RESPONSE_OK: raise errors.DataServerError( "Could not register data server at data " "master.") logging.info("DataServer fully registered.") id_str = res.data[:sutils.SIZE_PACKER.size] self.index = sutils.SIZE_PACKER.unpack(id_str)[0] creds_str = res.data[sutils.SIZE_PACKER.size:] # Read client credentials so we know who to allow data store access. creds = auth.ClientCredentials() creds.InitializeFromEncryption(creds_str, username, password) self.handler_cls.NONCE_STORE.SetClientCredentials(creds) return True except (urllib3.exceptions.HTTPError, urllib3.exceptions.PoolError): return False
def InitializeFromConfig(self): usernames = config_lib.CONFIG.Get("Dataserver.client_credentials") self.client_users = {} for user_spec in usernames: try: user, pwd, perm = user_spec.split(":", 2) self.client_users[user] = (perm, pwd) except ValueError: raise errors.DataServerError( "User %s from Dataserver.client_credentials is not" " a valid specification" % user_spec)
def InitializeFromConfig(self): usernames = config.CONFIG.Get("Dataserver.client_credentials") self.client_users = {} for user_spec in usernames: try: user, pwd, perm = user_spec.split(":", 2) self.client_users[ user] = data_server.DataServerClientInformation( username=user, password=pwd, permissions=perm) except ValueError: raise errors.DataServerError( "User %s from Dataserver.client_credentials is not" " a valid specification" % user_spec)
def __init__(self): servers = config_lib.CONFIG["Dataserver.server_list"] if not servers: raise errors.DataServerError("List of data servers not available.") master_location = servers[0] loc = urlparse.urlparse(master_location, scheme="http") self.addr = loc.hostname self.port = int(loc.port) self.pool = connectionpool.HTTPConnectionPool(self.addr, port=self.port) self.history_path = os.path.expanduser("~/.grr-data-store-manager") if os.path.exists(self.history_path): readline.read_history_file(self.history_path) self.periodic_thread = None self.mapping = None self.mapping_time = 0
def __init__(self, my_port, handler_cls): servers = config_lib.CONFIG["Dataserver.server_list"] if not servers: raise errors.DataServerError("List of data servers not available.") master_location = servers[0] loc = urlparse.urlparse(master_location, scheme="http") self.index = None self.master_addr = loc.hostname self.master_port = loc.port self.my_port = my_port self.pool = urllib3.connectionpool.HTTPConnectionPool( self.master_addr, port=int(self.master_port), maxsize=1) self.registered = False self.periodic_fail = 0 self.handler_cls = handler_cls
def Register(self): """Attempts to register wth the data master.""" logging.info("Registering with data master at %s:%d.", self.master_addr, self.master_port) started = time.time() while True: if self._DoRegister(): break logging.warning("Failed to connect with master on %s:%d", self.master_addr, self.master_port) if time.time() - started > self.MASTER_RECONNECTION_TIME: raise errors.DataServerError("Could not connect to data master at " "%s:%d" % (self.master_addr, self.master_port)) time.sleep(2) self.registered = True