def __init__(self, server_id, conf_dir):
"""
:param str server_id: server identifier.
:param str conf_dir: configuration directory.
"""
super().__init__(server_id, conf_dir)
self.cc_requests = RequestHandler.start(
"CC Requests", self._check_cc, self._fetch_cc, self._reply_cc,
)
self.trc_requests = RequestHandler.start(
"TRC Requests", self._check_trc, self._fetch_trc, self._reply_trc,
)
self.CTRL_PLD_CLASS_MAP = {
PayloadClass.CERT: {
CertMgmtType.CERT_CHAIN_REQ: self.process_cert_chain_request,
CertMgmtType.CERT_CHAIN_REPLY: self.process_cert_chain_reply,
CertMgmtType.TRC_REQ: self.process_trc_request,
CertMgmtType.TRC_REPLY: self.process_trc_reply,
},
}
zkid = ZkID.from_values(self.addr.isd_as, self.id,
[(self.addr.host, self._port)]).pack()
self.zk = Zookeeper(self.topology.isd_as, CERTIFICATE_SERVICE,
zkid, self.topology.zookeepers)
self.zk.retry("Joining party", self.zk.party_setup)
self.trc_cache = ZkSharedCache(self.zk, self.ZK_TRC_CACHE_PATH,
self._cached_entries_handler)
self.cc_cache = ZkSharedCache(self.zk, self.ZK_CC_CACHE_PATH,
self._cached_entries_handler)
def __init__(self, server_id, conf_dir):
"""
:param str server_id: server identifier.
:param str conf_dir: configuration directory.
"""
super().__init__(server_id, conf_dir)
self.cc_requests = RequestHandler.start(
"CC Requests",
self._check_cc,
self._fetch_cc,
self._reply_cc,
)
self.trc_requests = RequestHandler.start(
"TRC Requests",
self._check_trc,
self._fetch_trc,
self._reply_trc,
)
self.drkey_protocol_requests = RequestHandler.start(
"DRKey Requests",
self._check_drkey,
self._fetch_drkey,
self._reply_proto_drkey,
)
self.CTRL_PLD_CLASS_MAP = {
PayloadClass.CERT: {
CertMgmtType.CERT_CHAIN_REQ: self.process_cert_chain_request,
CertMgmtType.CERT_CHAIN_REPLY: self.process_cert_chain_reply,
CertMgmtType.TRC_REQ: self.process_trc_request,
CertMgmtType.TRC_REPLY: self.process_trc_reply,
},
PayloadClass.DRKEY: {
DRKeyMgmtType.FIRST_ORDER_REQUEST: self.process_drkey_request,
DRKeyMgmtType.FIRST_ORDER_REPLY: self.process_drkey_reply,
},
}
zkid = ZkID.from_values(self.addr.isd_as, self.id,
[(self.addr.host, self._port)]).pack()
self.zk = Zookeeper(self.topology.isd_as, CERTIFICATE_SERVICE, zkid,
self.topology.zookeepers)
self.zk.retry("Joining party", self.zk.party_setup)
self.trc_cache = ZkSharedCache(self.zk, self.ZK_TRC_CACHE_PATH,
self._cached_trcs_handler)
self.cc_cache = ZkSharedCache(self.zk, self.ZK_CC_CACHE_PATH,
self._cached_certs_handler)
self.drkey_cache = ZkSharedCache(self.zk, self.ZK_DRKEY_PATH,
self._cached_drkeys_handler)
lib_sciond.init(
os.path.join(SCIOND_API_SOCKDIR, "sd%s.sock" % self.addr.isd_as))
self.signing_key = get_sig_key(self.conf_dir)
self.private_key = get_enc_key(self.conf_dir)
self.public_key = self.private_key.public_key
self.drkey_secrets = ExpiringDict(DRKEY_MAX_SV, DRKEY_MAX_TTL)
self.first_order_drkeys = ExpiringDict(DRKEY_MAX_KEYS, DRKEY_MAX_TTL)
def __init__(self, server_id, conf_dir, prom_export=None):
"""
:param str server_id: server identifier.
:param str conf_dir: configuration directory.
:param str prom_export: prometheus export address.
"""
super().__init__(server_id, conf_dir, prom_export=prom_export)
cc_labels = {**self._labels, "type": "cc"} if self._labels else None
trc_labels = {**self._labels, "type": "trc"} if self._labels else None
drkey_labels = {**self._labels, "type": "drkey"} if self._labels else None
self.cc_requests = RequestHandler.start(
"CC Requests", self._check_cc, self._fetch_cc, self._reply_cc,
labels=cc_labels,
)
self.trc_requests = RequestHandler.start(
"TRC Requests", self._check_trc, self._fetch_trc, self._reply_trc,
labels=trc_labels,
)
self.drkey_protocol_requests = RequestHandler.start(
"DRKey Requests", self._check_drkey, self._fetch_drkey, self._reply_proto_drkey,
labels=drkey_labels,
)
self.CTRL_PLD_CLASS_MAP = {
PayloadClass.CERT: {
CertMgmtType.CERT_CHAIN_REQ: self.process_cert_chain_request,
CertMgmtType.CERT_CHAIN_REPLY: self.process_cert_chain_reply,
CertMgmtType.TRC_REQ: self.process_trc_request,
CertMgmtType.TRC_REPLY: self.process_trc_reply,
},
PayloadClass.DRKEY: {
DRKeyMgmtType.FIRST_ORDER_REQUEST:
self.process_drkey_request,
DRKeyMgmtType.FIRST_ORDER_REPLY:
self.process_drkey_reply,
},
}
zkid = ZkID.from_values(self.addr.isd_as, self.id,
[(self.addr.host, self._port)]).pack()
self.zk = Zookeeper(self.topology.isd_as, CERTIFICATE_SERVICE,
zkid, self.topology.zookeepers)
self.zk.retry("Joining party", self.zk.party_setup)
self.trc_cache = ZkSharedCache(self.zk, self.ZK_TRC_CACHE_PATH,
self._cached_trcs_handler)
self.cc_cache = ZkSharedCache(self.zk, self.ZK_CC_CACHE_PATH,
self._cached_certs_handler)
self.drkey_cache = ZkSharedCache(self.zk, self.ZK_DRKEY_PATH,
self._cached_drkeys_handler)
self.signing_key = get_sig_key(self.conf_dir)
self.private_key = get_enc_key(self.conf_dir)
self.drkey_secrets = ExpiringDict(DRKEY_MAX_SV, DRKEY_MAX_TTL)
self.first_order_drkeys = ExpiringDict(DRKEY_MAX_KEYS, DRKEY_MAX_TTL)
def __init__(self, server_id, conf_dir):
"""
:param str server_id: server identifier.
:param str conf_dir: configuration directory.
"""
super().__init__(server_id, conf_dir)
self.cc_requests = RequestHandler.start(
"CC Requests",
self._check_cc,
self._fetch_cc,
self._reply_cc,
)
self.trc_requests = RequestHandler.start(
"TRC Requests",
self._check_trc,
self._fetch_trc,
self._reply_trc,
)
self.CTRL_PLD_CLASS_MAP = {
PayloadClass.CERT: {
CertMgmtType.CERT_CHAIN_REQ: self.process_cert_chain_request,
CertMgmtType.CERT_CHAIN_REPLY: self.process_cert_chain_reply,
CertMgmtType.TRC_REQ: self.process_trc_request,
CertMgmtType.TRC_REPLY: self.process_trc_reply,
},
}
# Add more IPs here if we support dual-stack
name_addrs = "\0".join(
[self.id, str(SCION_UDP_PORT),
str(self.addr.host)])
self.zk = Zookeeper(self.topology.isd_as, CERTIFICATE_SERVICE,
name_addrs, self.topology.zookeepers)
self.zk.retry("Joining party", self.zk.party_setup)
self.trc_cache = ZkSharedCache(self.zk, self.ZK_TRC_CACHE_PATH,
self._cached_entries_handler)
self.cc_cache = ZkSharedCache(self.zk, self.ZK_CC_CACHE_PATH,
self._cached_entries_handler)
def __init__(self,
conf_dir,
addr,
api_addr,
run_local_api=False,
port=None):
"""
Initialize an instance of the class SCIONDaemon.
"""
super().__init__("sciond", conf_dir, host_addr=addr, port=port)
# TODO replace by pathstore instance
self.up_segments = PathSegmentDB(segment_ttl=self.SEGMENT_TTL,
max_res_no=self.MAX_SEG_NO)
self.down_segments = PathSegmentDB(segment_ttl=self.SEGMENT_TTL,
max_res_no=self.MAX_SEG_NO)
self.core_segments = PathSegmentDB(segment_ttl=self.SEGMENT_TTL,
max_res_no=self.MAX_SEG_NO)
self.peer_revs = RevCache()
req_name = "SCIONDaemon Requests %s" % self.addr.isd_as
self.requests = RequestHandler.start(
req_name,
self._check_segments,
self._fetch_segments,
self._reply_segments,
ttl=self.TIMEOUT,
key_map=self._req_key_map,
)
self._api_sock = None
self.daemon_thread = None
os.makedirs(SCIOND_API_SOCKDIR, exist_ok=True)
self.api_addr = (api_addr or os.path.join(
SCIOND_API_SOCKDIR, "%s.sock" % self.addr.isd_as))
self.CTRL_PLD_CLASS_MAP = {
PayloadClass.PATH: {
PMT.REPLY: self.handle_path_reply,
PMT.REVOCATION: self.handle_revocation,
}
}
self.SCMP_PLD_CLASS_MAP = {
SCMPClass.PATH: {
SCMPPathClass.REVOKED_IF: self.handle_scmp_revocation
},
}
if run_local_api:
self._api_sock = ReliableSocket(bind=(self.api_addr, "sciond"))
self._socks.add(self._api_sock, self.handle_accept)