def __init__(self, server_id, conf_dir, prom_export=None): """ :param str server_id: server identifier. :param str conf_dir: configuration directory. :param str prom_export: prometheus export address. """ super().__init__(server_id, conf_dir, prom_export=prom_export) down_labels = { **self._labels, "type": "down" } if self._labels else None core_labels = { **self._labels, "type": "core" } if self._labels else None self.down_segments = PathSegmentDB(max_res_no=self.MAX_SEG_NO, labels=down_labels) self.core_segments = PathSegmentDB(max_res_no=self.MAX_SEG_NO, labels=core_labels) self.pending_req = defaultdict(list) # Dict of pending requests. self.pen_req_lock = threading.Lock() self._request_logger = None # Used when l/cPS doesn't have up/dw-path. self.waiting_targets = defaultdict(list) self.revocations = RevCache(labels=self._labels) # A mapping from (hash tree root of AS, IFID) to segments self.htroot_if2seg = ExpiringDict(1000, HASHTREE_TTL) self.htroot_if2seglock = Lock() self.CTRL_PLD_CLASS_MAP = { PayloadClass.PATH: { PMT.REQUEST: self.path_resolution, PMT.REPLY: self.handle_path_segment_record, PMT.REG: self.handle_path_segment_record, PMT.REVOCATION: self._handle_revocation, PMT.SYNC: self.handle_path_segment_record, }, PayloadClass.CERT: { CertMgmtType.CERT_CHAIN_REQ: self.process_cert_chain_request, CertMgmtType.CERT_CHAIN_REPLY: self.process_cert_chain_reply, CertMgmtType.TRC_REPLY: self.process_trc_reply, CertMgmtType.TRC_REQ: self.process_trc_request, }, } self.SCMP_PLD_CLASS_MAP = { SCMPClass.PATH: { SCMPPathClass.REVOKED_IF: self._handle_scmp_revocation, }, } self._segs_to_zk = ExpiringDict(1000, self.SEGS_TO_ZK_TTL) self._revs_to_zk = ExpiringDict(1000, HASHTREE_EPOCH_TIME) self._zkid = ZkID.from_values(self.addr.isd_as, self.id, [(self.addr.host, self._port)]) self.zk = Zookeeper(self.topology.isd_as, PATH_SERVICE, self._zkid.copy().pack(), self.topology.zookeepers) self.zk.retry("Joining party", self.zk.party_setup) self.path_cache = ZkSharedCache(self.zk, self.ZK_PATH_CACHE_PATH, self._handle_paths_from_zk) self.rev_cache = ZkSharedCache(self.zk, self.ZK_REV_CACHE_PATH, self._rev_entries_handler) self._init_request_logger()
def __init__(self, api_addr, counter): # pragma: no cover self._api_addr = api_addr self._req_id = counter self._if_infos = ExpiringDict(100, _IF_INFO_TTL) self._svc_infos = ExpiringDict(100, _SVC_INFO_TTL) self._as_infos = ExpiringDict(100, _AS_INFO_TTL) self._if_infos_lock = threading.Lock() self._svc_infos_lock = threading.Lock() self._as_infos_lock = threading.Lock()
def __init__(self, server_id, conf_dir): """ :param str server_id: server identifier. :param str conf_dir: configuration directory. """ super().__init__(server_id, conf_dir) self.cc_requests = RequestHandler.start( "CC Requests", self._check_cc, self._fetch_cc, self._reply_cc, ) self.trc_requests = RequestHandler.start( "TRC Requests", self._check_trc, self._fetch_trc, self._reply_trc, ) self.drkey_protocol_requests = RequestHandler.start( "DRKey Requests", self._check_drkey, self._fetch_drkey, self._reply_proto_drkey, ) self.CTRL_PLD_CLASS_MAP = { PayloadClass.CERT: { CertMgmtType.CERT_CHAIN_REQ: self.process_cert_chain_request, CertMgmtType.CERT_CHAIN_REPLY: self.process_cert_chain_reply, CertMgmtType.TRC_REQ: self.process_trc_request, CertMgmtType.TRC_REPLY: self.process_trc_reply, }, PayloadClass.DRKEY: { DRKeyMgmtType.FIRST_ORDER_REQUEST: self.process_drkey_request, DRKeyMgmtType.FIRST_ORDER_REPLY: self.process_drkey_reply, }, } zkid = ZkID.from_values(self.addr.isd_as, self.id, [(self.addr.host, self._port)]).pack() self.zk = Zookeeper(self.topology.isd_as, CERTIFICATE_SERVICE, zkid, self.topology.zookeepers) self.zk.retry("Joining party", self.zk.party_setup) self.trc_cache = ZkSharedCache(self.zk, self.ZK_TRC_CACHE_PATH, self._cached_trcs_handler) self.cc_cache = ZkSharedCache(self.zk, self.ZK_CC_CACHE_PATH, self._cached_certs_handler) self.drkey_cache = ZkSharedCache(self.zk, self.ZK_DRKEY_PATH, self._cached_drkeys_handler) lib_sciond.init( os.path.join(SCIOND_API_SOCKDIR, "sd%s.sock" % self.addr.isd_as)) self.signing_key = get_sig_key(self.conf_dir) self.private_key = get_enc_key(self.conf_dir) self.public_key = self.private_key.public_key self.drkey_secrets = ExpiringDict(DRKEY_MAX_SV, DRKEY_MAX_TTL) self.first_order_drkeys = ExpiringDict(DRKEY_MAX_KEYS, DRKEY_MAX_TTL)
def __init__(self, server_id, conf_dir, prom_export=None): """ :param str server_id: server identifier. :param str conf_dir: configuration directory. :param str prom_export: prometheus export address. """ super().__init__(server_id, conf_dir, prom_export=prom_export) cc_labels = {**self._labels, "type": "cc"} if self._labels else None trc_labels = {**self._labels, "type": "trc"} if self._labels else None drkey_labels = {**self._labels, "type": "drkey"} if self._labels else None self.cc_requests = RequestHandler.start( "CC Requests", self._check_cc, self._fetch_cc, self._reply_cc, labels=cc_labels, ) self.trc_requests = RequestHandler.start( "TRC Requests", self._check_trc, self._fetch_trc, self._reply_trc, labels=trc_labels, ) self.drkey_protocol_requests = RequestHandler.start( "DRKey Requests", self._check_drkey, self._fetch_drkey, self._reply_proto_drkey, labels=drkey_labels, ) self.CTRL_PLD_CLASS_MAP = { PayloadClass.CERT: { CertMgmtType.CERT_CHAIN_REQ: self.process_cert_chain_request, CertMgmtType.CERT_CHAIN_REPLY: self.process_cert_chain_reply, CertMgmtType.TRC_REQ: self.process_trc_request, CertMgmtType.TRC_REPLY: self.process_trc_reply, }, PayloadClass.DRKEY: { DRKeyMgmtType.FIRST_ORDER_REQUEST: self.process_drkey_request, DRKeyMgmtType.FIRST_ORDER_REPLY: self.process_drkey_reply, }, } zkid = ZkID.from_values(self.addr.isd_as, self.id, [(self.addr.host, self._port)]).pack() self.zk = Zookeeper(self.topology.isd_as, CERTIFICATE_SERVICE, zkid, self.topology.zookeepers) self.zk.retry("Joining party", self.zk.party_setup) self.trc_cache = ZkSharedCache(self.zk, self.ZK_TRC_CACHE_PATH, self._cached_trcs_handler) self.cc_cache = ZkSharedCache(self.zk, self.ZK_CC_CACHE_PATH, self._cached_certs_handler) self.drkey_cache = ZkSharedCache(self.zk, self.ZK_DRKEY_PATH, self._cached_drkeys_handler) self.signing_key = get_sig_key(self.conf_dir) self.private_key = get_enc_key(self.conf_dir) self.drkey_secrets = ExpiringDict(DRKEY_MAX_SV, DRKEY_MAX_TTL) self.first_order_drkeys = ExpiringDict(DRKEY_MAX_KEYS, DRKEY_MAX_TTL)
def __init__(self, server_id, conf_dir): """ :param str server_id: server identifier. :param str conf_dir: configuration directory. """ super().__init__(server_id, conf_dir) # Sanity check that we should indeed be a core path server. assert self.topology.is_core_as, "This shouldn't be a local PS!" self._master_id = None # Address of master core Path Server. self._segs_to_master = ExpiringDict(1000, 10) self._segs_to_prop = ExpiringDict(1000, 2 * self.config.propagation_time)
def __init__(self, server_id, conf_dir, spki_cache_dir=GEN_CACHE_PATH, prom_export=None, sciond_path=None): """ :param str server_id: server identifier. :param str conf_dir: configuration directory. :param str prom_export: prometheus export address. :param str sciond_path: path to sciond socket. """ super().__init__(server_id, conf_dir, spki_cache_dir=spki_cache_dir, prom_export=prom_export, sciond_path=sciond_path) # Sanity check that we should indeed be a core path server. assert self.topology.is_core_as, "This shouldn't be a local PS!" self._master_id = None # Address of master core Path Server. self._segs_to_master = ExpiringDict(1000, 10) self._segs_to_prop = ExpiringDict(1000, 2 * self.config.propagation_time)
def __init__(self, conf_dir, addr, api_addr, run_local_api=False, port=None, prom_export=None): """ Initialize an instance of the class SCIONDaemon. """ super().__init__("sciond", conf_dir, prom_export=prom_export, public=[(addr, port)]) up_labels = {**self._labels, "type": "up"} if self._labels else None down_labels = { **self._labels, "type": "down" } if self._labels else None core_labels = { **self._labels, "type": "core" } if self._labels else None self.up_segments = PathSegmentDB(segment_ttl=self.SEGMENT_TTL, labels=up_labels) self.down_segments = PathSegmentDB(segment_ttl=self.SEGMENT_TTL, labels=down_labels) self.core_segments = PathSegmentDB(segment_ttl=self.SEGMENT_TTL, labels=core_labels) self.peer_revs = RevCache() # Keep track of requested paths. self.requested_paths = ExpiringDict(self.MAX_REQS, self.PATH_REQ_TOUT) self.req_path_lock = threading.Lock() self._api_sock = None self.daemon_thread = None os.makedirs(SCIOND_API_SOCKDIR, exist_ok=True) self.api_addr = (api_addr or os.path.join( SCIOND_API_SOCKDIR, "%s.sock" % self.addr.isd_as)) self.CTRL_PLD_CLASS_MAP = { PayloadClass.PATH: { PMT.REPLY: self.handle_path_reply, PMT.REVOCATION: self.handle_revocation, }, PayloadClass.CERT: { CertMgmtType.CERT_CHAIN_REQ: self.process_cert_chain_request, CertMgmtType.CERT_CHAIN_REPLY: self.process_cert_chain_reply, CertMgmtType.TRC_REPLY: self.process_trc_reply, CertMgmtType.TRC_REQ: self.process_trc_request, }, } self.SCMP_PLD_CLASS_MAP = { SCMPClass.PATH: { SCMPPathClass.REVOKED_IF: self.handle_scmp_revocation }, } if run_local_api: self._api_sock = ReliableSocket(bind_unix=(self.api_addr, "sciond")) self._socks.add(self._api_sock, self.handle_accept)
def __init__(self, server_id, conf_dir): """ :param str server_id: server identifier. :param str conf_dir: configuration directory. """ super().__init__(server_id, conf_dir) self.down_segments = PathSegmentDB(max_res_no=self.MAX_SEG_NO) self.core_segments = PathSegmentDB(max_res_no=self.MAX_SEG_NO) self.pending_req = defaultdict(list) # Dict of pending requests. # Used when l/cPS doesn't have up/dw-path. self.waiting_targets = defaultdict(list) self.revocations = ExpiringDict(1000, 300) self.iftoken2seg = defaultdict(set) self.CTRL_PLD_CLASS_MAP = { PayloadClass.PATH: { PMT.REQUEST: self.path_resolution, PMT.REPLY: self.handle_path_segment_record, PMT.REG: self.handle_path_segment_record, PMT.REVOCATION: self._handle_revocation, PMT.SYNC: self.handle_path_segment_record, }, } self._segs_to_zk = deque() # Add more IPs here if we support dual-stack name_addrs = "\0".join( [self.id, str(SCION_UDP_PORT), str(self.addr.host)]) self.zk = Zookeeper(self.topology.isd_as, PATH_SERVICE, name_addrs, self.topology.zookeepers) self.zk.retry("Joining party", self.zk.party_setup) self.path_cache = ZkSharedCache(self.zk, self.ZK_PATH_CACHE_PATH, self._cached_entries_handler)
def __init__(self, server_id, conf_dir, prom_export=None): """ :param str server_id: server identifier. :param str conf_dir: configuration directory. :param str prom_export: prometheus export address. """ super().__init__(server_id, conf_dir, prom_export=prom_export) # TODO: add 2 policies self.path_policy = PathPolicy.from_file( os.path.join(conf_dir, PATH_POLICY_FILE)) self.signing_key = get_sig_key(self.conf_dir) self.of_gen_key = kdf(self.config.master_as_key, b"Derive OF Key") self.hashtree_gen_key = kdf(self.config.master_as_key, b"Derive hashtree Key") logging.info(self.config.__dict__) self._hash_tree = None self._hash_tree_lock = Lock() self._next_tree = None self._init_hash_tree() self.ifid_state = {} for ifid in self.ifid2br: self.ifid_state[ifid] = InterfaceState() self.ifid_state_lock = RLock() self.CTRL_PLD_CLASS_MAP = { PayloadClass.PCB: { None: self.handle_pcb }, PayloadClass.IFID: { None: self.handle_ifid_packet }, PayloadClass.CERT: { CertMgmtType.CERT_CHAIN_REQ: self.process_cert_chain_request, CertMgmtType.CERT_CHAIN_REPLY: self.process_cert_chain_reply, CertMgmtType.TRC_REPLY: self.process_trc_reply, CertMgmtType.TRC_REQ: self.process_trc_request, }, PayloadClass.PATH: { PMT.IFSTATE_REQ: self._handle_ifstate_request, PMT.REVOCATION: self._handle_revocation, }, } self.SCMP_PLD_CLASS_MAP = { SCMPClass.PATH: { SCMPPathClass.REVOKED_IF: self._handle_scmp_revocation, }, } zkid = ZkID.from_values(self.addr.isd_as, self.id, [(self.addr.host, self._port)]).pack() self.zk = Zookeeper(self.addr.isd_as, BEACON_SERVICE, zkid, self.topology.zookeepers) self.zk.retry("Joining party", self.zk.party_setup) self.pcb_cache = ZkSharedCache(self.zk, self.ZK_PCB_CACHE_PATH, self._handle_pcbs_from_zk) self.revobjs_cache = ZkSharedCache(self.zk, self.ZK_REVOCATIONS_PATH, self.process_rev_objects) self.local_rev_cache = ExpiringDict( 1000, HASHTREE_EPOCH_TIME + HASHTREE_EPOCH_TOLERANCE) self._rev_seg_lock = RLock()
def __init__( self, server_id, conf_dir, ): """ :param str server_id: server identifier. :param str conf_dir: configuration directory. """ super().__init__( server_id, conf_dir, ) self.interface = None for border_router in self.topology.get_all_border_routers(): if border_router.name == self.id: self.interface = border_router.interface break assert self.interface is not None logging.info("Interface: %s", self.interface.__dict__) self.is_core_router = self.topology.is_core_as self.of_gen_key = kdf(self.config.master_as_key, b"Derive OF Key") self.sibra_key = kdf(self.config.master_as_key, b"Derive SIBRA Key") self.if_states = defaultdict(InterfaceState) self.revocations = ExpiringDict(1000, self.FWD_REVOCATION_TIMEOUT) self.pre_ext_handlers = { SibraExtBase.EXT_TYPE: self.handle_sibra, TracerouteExt.EXT_TYPE: self.handle_traceroute, OneHopPathExt.EXT_TYPE: self.handle_one_hop_path, ExtHopByHopType.SCMP: self.handle_scmp, } self.post_ext_handlers = { SibraExtBase.EXT_TYPE: False, TracerouteExt.EXT_TYPE: False, ExtHopByHopType.SCMP: False, OneHopPathExt.EXT_TYPE: False, } self.sibra_state = SibraState( self.interface.bandwidth, "%s#%s -> %s" % (self.addr.isd_as, self.interface.if_id, self.interface.isd_as)) self.CTRL_PLD_CLASS_MAP = { PayloadClass.IFID: { None: self.process_ifid_request }, PayloadClass.PATH: defaultdict(lambda: self.process_path_mgmt_packet), } self.SCMP_PLD_CLASS_MAP = { SCMPClass.PATH: { SCMPPathClass.REVOKED_IF: self.process_revocation }, } self._remote_sock = UDPSocket( bind=(str(self.interface.addr), self.interface.udp_port), addr_type=self.interface.addr.TYPE, ) self._socks.add(self._remote_sock, self.handle_recv) logging.info("IP %s:%d", self.interface.addr, self.interface.udp_port)
def __init__(self, server_id, conf_dir): """ :param str server_id: server identifier. :param str conf_dir: configuration directory. """ super().__init__(server_id, conf_dir) self.down_segments = PathSegmentDB(max_res_no=self.MAX_SEG_NO) self.core_segments = PathSegmentDB(max_res_no=self.MAX_SEG_NO) self.pending_req = defaultdict(list) # Dict of pending requests. # Used when l/cPS doesn't have up/dw-path. self.waiting_targets = defaultdict(list) self.revocations = ExpiringDict(1000, HASHTREE_EPOCH_TIME) # Contains PCBs that include revocations. self.pcb_cache = ExpiringDict(100, HASHTREE_EPOCH_TIME) self.pcb_cache_lock = Lock() # A mapping from (hash tree root of AS, IFID) to segments self.htroot_if2seg = ExpiringDict(1000, HASHTREE_TTL) self.htroot_if2seglock = Lock() self.CTRL_PLD_CLASS_MAP = { PayloadClass.PATH: { PMT.REQUEST: self.path_resolution, PMT.REPLY: self.handle_path_segment_record, PMT.REG: self.handle_path_segment_record, PMT.REVOCATION: self._handle_revocation, PMT.SYNC: self.handle_path_segment_record, }, } self.SCMP_PLD_CLASS_MAP = { SCMPClass.PATH: { SCMPPathClass.REVOKED_IF: self._handle_scmp_revocation, }, } self._segs_to_zk = deque() self._revs_to_zk = deque() self._zkid = ZkID.from_values(self.addr.isd_as, self.id, [(self.addr.host, self._port)]) self.zk = Zookeeper(self.topology.isd_as, PATH_SERVICE, self._zkid.copy().pack(), self.topology.zookeepers) self.zk.retry("Joining party", self.zk.party_setup) self.path_cache = ZkSharedCache(self.zk, self.ZK_PATH_CACHE_PATH, self._cached_entries_handler) self.rev_cache = ZkSharedCache(self.zk, self.ZK_REV_CACHE_PATH, self._rev_entries_handler)
def __init__(self, server_id, conf_dir): """ :param str server_id: server identifier. :param str conf_dir: configuration directory. """ super().__init__(server_id, conf_dir) # TODO: add 2 policies self.path_policy = PathPolicy.from_file( os.path.join(conf_dir, PATH_POLICY_FILE)) self.unverified_beacons = deque() self.trc_requests = {} self.trcs = {} sig_key_file = get_sig_key_file_path(self.conf_dir) self.signing_key = base64.b64decode(read_file(sig_key_file)) self.of_gen_key = PBKDF2(self.config.master_as_key, b"Derive OF Key") logging.info(self.config.__dict__) self.if2rev_tokens = {} self._if_rev_token_lock = threading.Lock() self.revs_to_downstream = ExpiringDict(max_len=1000, max_age_seconds=60) self.ifid_state = {} for ifid in self.ifid2er: self.ifid_state[ifid] = InterfaceState() self.CTRL_PLD_CLASS_MAP = { PayloadClass.PCB: { PCBType.SEGMENT: self.handle_pcb }, PayloadClass.IFID: { IFIDType.PAYLOAD: self.handle_ifid_packet }, PayloadClass.CERT: { CertMgmtType.CERT_CHAIN_REPLY: self.process_cert_chain_rep, CertMgmtType.TRC_REPLY: self.process_trc_rep, }, PayloadClass.PATH: { PMT.IFSTATE_REQ: self._handle_ifstate_request }, } # Add more IPs here if we support dual-stack name_addrs = "\0".join( [self.id, str(SCION_UDP_PORT), str(self.addr.host)]) self.zk = Zookeeper(self.addr.isd_as, BEACON_SERVICE, name_addrs, self.topology.zookeepers) self.zk.retry("Joining party", self.zk.party_setup) self.incoming_pcbs = deque() self.pcb_cache = ZkSharedCache(self.zk, self.ZK_PCB_CACHE_PATH, self.process_pcbs) self.revobjs_cache = ZkSharedCache(self.zk, self.ZK_REVOCATIONS_PATH, self.process_rev_objects)
def __init__(self, dns_servers, domain, lifetime=5.0): # pragma: no cover """ :param list dns_servers: DNS server IP addresses as strings. E.g. ``["127.0.0.1", "8.8.8.8"]`` :param string domain: The DNS domain to query. :param float lifetime: Number of seconds in total to try resolving before failing. """ super().__init__(dns_servers, domain, lifetime=lifetime) self.cache = ExpiringDict(max_len=DNS_CACHE_MAX_SIZE, max_age_seconds=DNS_CACHE_MAX_AGE)
def __init__(self, conf_dir, addr, api_addr, run_local_api=False, port=None, spki_cache_dir=GEN_CACHE_PATH, prom_export=None, delete_sock=False): """ Initialize an instance of the class SCIONDaemon. """ super().__init__("sciond", conf_dir, spki_cache_dir=spki_cache_dir, prom_export=prom_export, public=[(addr, port)]) up_labels = {**self._labels, "type": "up"} if self._labels else None down_labels = {**self._labels, "type": "down"} if self._labels else None core_labels = {**self._labels, "type": "core"} if self._labels else None self.up_segments = PathSegmentDB(segment_ttl=self.SEGMENT_TTL, labels=up_labels) self.down_segments = PathSegmentDB(segment_ttl=self.SEGMENT_TTL, labels=down_labels) self.core_segments = PathSegmentDB(segment_ttl=self.SEGMENT_TTL, labels=core_labels) self.rev_cache = RevCache() # Keep track of requested paths. self.requested_paths = ExpiringDict(self.MAX_REQS, PATH_REQ_TOUT) self.req_path_lock = threading.Lock() self._api_sock = None self.daemon_thread = None os.makedirs(SCIOND_API_SOCKDIR, exist_ok=True) self.api_addr = (api_addr or get_default_sciond_path()) if delete_sock: try: os.remove(self.api_addr) except OSError as e: if e.errno != errno.ENOENT: logging.error("Could not delete socket %s: %s" % (self.api_addr, e)) self.CTRL_PLD_CLASS_MAP = { PayloadClass.PATH: { PMT.REPLY: self.handle_path_reply, PMT.REVOCATION: self.handle_revocation, }, PayloadClass.CERT: { CertMgmtType.CERT_CHAIN_REQ: self.process_cert_chain_request, CertMgmtType.CERT_CHAIN_REPLY: self.process_cert_chain_reply, CertMgmtType.TRC_REPLY: self.process_trc_reply, CertMgmtType.TRC_REQ: self.process_trc_request, }, } self.SCMP_PLD_CLASS_MAP = { SCMPClass.PATH: {SCMPPathClass.REVOKED_IF: self.handle_scmp_revocation}, } if run_local_api: self._api_sock = ReliableSocket(bind_unix=(self.api_addr, "sciond")) self._socks.add(self._api_sock, self.handle_accept)
def __init__( self, server_id, conf_dir, ): """ :param str server_id: server identifier. :param str conf_dir: configuration directory. """ super().__init__( server_id, conf_dir, ) self.interface = None for edge_router in self.topology.get_all_edge_routers(): if edge_router.addr == self.addr.host: self.interface = edge_router.interface break assert self.interface is not None logging.info("Interface: %s", self.interface.__dict__) self.of_gen_key = PBKDF2(self.config.master_as_key, b"Derive OF Key") self.sibra_key = PBKDF2(self.config.master_as_key, b"Derive SIBRA Key") self.if_states = defaultdict(InterfaceState) self.revocations = ExpiringDict(1000, self.FWD_REVOCATION_TIMEOUT) self.pre_ext_handlers = { SibraExtBase.EXT_TYPE: self.handle_sibra, TracerouteExt.EXT_TYPE: self.handle_traceroute, ExtHopByHopType.SCMP: self.handle_scmp, HORNETPlugin.EXT_TYPE: HORNETPlugin(self.id, conf_dir, self.config.master_as_key, self.addr, self.interface).pre_routing } self.post_ext_handlers = { SibraExtBase.EXT_TYPE: False, TracerouteExt.EXT_TYPE: False, ExtHopByHopType.SCMP: False, HORNETPlugin.EXT_TYPE: False } self.sibra_state = SibraState( self.interface.bandwidth, "%s#%s -> %s" % (self.addr.isd_as, self.interface.if_id, self.interface.isd_as)) self.CTRL_PLD_CLASS_MAP = { PayloadClass.PCB: { PCBType.SEGMENT: self.process_pcb }, PayloadClass.IFID: { IFIDType.PAYLOAD: self.process_ifid_request }, PayloadClass.CERT: defaultdict(lambda: self.relay_cert_server_packet), PayloadClass.PATH: defaultdict(lambda: self.process_path_mgmt_packet), PayloadClass.SIBRA: { SIBRAPayloadType.EMPTY: self.fwd_sibra_service_pkt }, } self.SCMP_PLD_CLASS_MAP = { SCMPClass.PATH: { SCMPPathClass.REVOKED_IF: self.process_revocation }, } self._remote_sock = UDPSocket( bind=(str(self.interface.addr), self.interface.udp_port), addr_type=AddrType.IPV4, ) self._socks.add(self._remote_sock, self.handle_recv) logging.info("IP %s:%d", self.interface.addr, self.interface.udp_port)
def __init__(self, server_id, conf_dir, public=None, bind=None, spki_cache_dir=GEN_CACHE_PATH, prom_export=None): """ :param str server_id: server identifier. :param str conf_dir: configuration directory. :param list public: (host_addr, port) of the element's public address (i.e. the address visible to other network elements). :param list bind: (host_addr, port) of the element's bind address, if any (i.e. the address the element uses to identify itself to the local operating system, if it differs from the public address due to NAT). :param str spki_cache_dir: Path for caching TRCs and certificate chains. :param str prom_export: String of the form 'addr:port' specifying the prometheus endpoint. If no string is provided, no metrics are exported. """ self.id = server_id self.conf_dir = conf_dir self.ifid2br = {} self.topology = Topology.from_file( os.path.join(self.conf_dir, TOPO_FILE)) # Labels attached to every exported metric. self._labels = {"server_id": self.id, "isd_as": str(self.topology.isd_as)} # Must be over-ridden by child classes: self.CTRL_PLD_CLASS_MAP = {} self.SCMP_PLD_CLASS_MAP = {} self.public = public self.bind = bind if self.SERVICE_TYPE: own_config = self.topology.get_own_config(self.SERVICE_TYPE, server_id) if public is None: self.public = own_config.public if bind is None: self.bind = own_config.bind self.init_ifid2br() self.trust_store = TrustStore(self.conf_dir, spki_cache_dir, self.id, self._labels) self.total_dropped = 0 self._core_ases = defaultdict(list) # Mapping ISD_ID->list of core ASes self.init_core_ases() self.run_flag = threading.Event() self.run_flag.set() self.stopped_flag = threading.Event() self.stopped_flag.clear() self._in_buf = queue.Queue(MAX_QUEUE) self._socks = SocketMgr() self._startup = time.time() if self.USE_TCP: self._DefaultMeta = TCPMetadata else: self._DefaultMeta = UDPMetadata self.unverified_segs = ExpiringDict(500, 60 * 60) self.unv_segs_lock = threading.RLock() self.requested_trcs = {} self.req_trcs_lock = threading.Lock() self.requested_certs = {} self.req_certs_lock = threading.Lock() # TODO(jonghoonkwon): Fix me to setup sockets for multiple public addresses host_addr, self._port = self.public[0] self.addr = SCIONAddr.from_values(self.topology.isd_as, host_addr) if prom_export: self._export_metrics(prom_export) self._init_metrics() self._setup_sockets(True) lib_sciond.init(os.path.join(SCIOND_API_SOCKDIR, "sd%s.sock" % self.addr.isd_as))