You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@warble.apache.org by hu...@apache.org on 2018/06/26 14:17:56 UTC
[incubator-warble-node] branch master updated (8e4fdc3 -> 5adf60e)
This is an automated email from the ASF dual-hosted git repository.
humbedooh pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-warble-node.git.
from 8e4fdc3 replace hard py errors for common issues with more helpful messages
new 15e754c pull in changes to crypto from server repo
new 104ef99 register node on init, check for eligibility with optional --wait arg
new ada194c fix path
new e0cff8d use optionally supplied path here
new 5adf60e startup banner + tweak wording
The 5 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
node.py | 69 ++++++++++++++++++++++++++++++++++++++++++------
plugins/basics/crypto.py | 25 +++++++++++++++++-
2 files changed, 85 insertions(+), 9 deletions(-)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@warble.apache.org
For additional commands, e-mail: commits-help@warble.apache.org
[incubator-warble-node] 05/05: startup banner + tweak wording
Posted by hu...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-warble-node.git
commit 5adf60e3803691f87c75da6e28386197b7a6a688
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Tue Jun 26 09:16:44 2018 -0500
startup banner + tweak wording
---
node.py | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/node.py b/node.py
index f63b1c3..c85ef8f 100644
--- a/node.py
+++ b/node.py
@@ -62,6 +62,7 @@ if __name__ == "__main__":
print("Bork: --config passed to program, but could not find config file %s" % args.config)
sys.exit(-1)
+ print("INFO: Starting Warble node software, version %s" % _VERSION)
# Init yaml, load configuration.
# We use ruamel.yaml here, because it preserves the existing structure and
# comments, unlike the traditional yaml library.
@@ -79,7 +80,7 @@ if __name__ == "__main__":
# If key exists, load it...
if os.path.exists(keypath):
- print("Loading private key from %s" % keypath)
+ print("INFO: Loading private key from %s" % keypath)
try:
privkey = plugins.basics.crypto.loadprivate(keypath)
except Exception as err:
@@ -135,16 +136,16 @@ if __name__ == "__main__":
apikey = payload['key']
if payload['encrypted']:
apikey = str(plugins.basics.crypto.decrypt(privkey, base64.b64decode(apikey)), 'ascii')
- print("Fetched API key %s from server" % apikey)
+ print("INFO: Fetched API key %s from server" % apikey)
gconf['client']['apikey'] = apikey
# Save updated changes to disk
yaml.dump(gconf, open(configpath, "w"))
else:
- print("Got unexpected status code %u from Warble server!")
+ print("ALERT: Got unexpected status code %u from Warble server!")
print(rv.text)
sys.exit(-1)
except Exception as err:
- print("Could not connect to the Warble server at %s: %s" % (serverurl, err))
+ print("ALERT: Could not connect to the Warble server at %s: %s" % (serverurl, err))
sys.exit(-1)
else:
apikey = gconf['client'].get('apikey')
@@ -160,13 +161,13 @@ if __name__ == "__main__":
break # We're enabled, yaaay
else:
if args.wait:
- print("Node not eligible yet, but --wait passed, so waiting 30 seconds...")
+ print("WARNING: Node not eligible yet, but --wait passed, so waiting 30 seconds...")
time.sleep(30)
else:
- print("Node has not been marked as enabled on the server, exiting")
+ print("WARNING: Node has not been marked as enabled on the server, exiting")
sys.exit(0)
else:
- print("Unexpected status code %u from Warble server!" % rv.status_code)
+ print("ALERT: Unexpected status code %u from Warble server!" % rv.status_code)
print(rv.text)
sys.exit(-1)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@warble.apache.org
For additional commands, e-mail: commits-help@warble.apache.org
[incubator-warble-node] 01/05: pull in changes to crypto from
server repo
Posted by hu...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-warble-node.git
commit 15e754cc5d28c97fa0d238974870c025aba9564d
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Tue Jun 26 09:01:21 2018 -0500
pull in changes to crypto from server repo
---
plugins/basics/crypto.py | 25 ++++++++++++++++++++++++-
1 file changed, 24 insertions(+), 1 deletion(-)
diff --git a/plugins/basics/crypto.py b/plugins/basics/crypto.py
index af662a9..291a25a 100644
--- a/plugins/basics/crypto.py
+++ b/plugins/basics/crypto.py
@@ -31,6 +31,7 @@ import cryptography.hazmat.primitives.asymmetric.rsa
import cryptography.hazmat.primitives.asymmetric.utils
import cryptography.hazmat.primitives.asymmetric.padding
import cryptography.hazmat.primitives.hashes
+import hashlib
def keypair(bits = 4096):
""" Generate a private+public key pair for encryption/signing """
@@ -60,6 +61,14 @@ def loadpublic(filepath):
)
return public_key
+def loads(text):
+ """ Loads a public key from a string """
+ public_key = cryptography.hazmat.primitives.serialization.load_pem_public_key(
+ bytes(text, 'ascii', errors = 'strict'),
+ backend=cryptography.hazmat.backends.default_backend()
+ )
+ return public_key
+
def pem(key):
""" Turn a key (public or private) into PEM format """
# Private key?
@@ -75,7 +84,21 @@ def pem(key):
encoding=cryptography.hazmat.primitives.serialization.Encoding.PEM,
format=cryptography.hazmat.primitives.serialization.PublicFormat.SubjectPublicKeyInfo
)
-
+
+
+def fingerprint(key):
+ """ Derives a digest fingerprint from a key """
+ print(type(key))
+ if isinstance(key, cryptography.hazmat.backends.openssl.rsa._RSAPublicKey):
+ _pem = pem(key)
+ print("key is rsa")
+ elif type(key) is str:
+ _pem = bytes(key, 'ascii', errors = 'replace')
+ else:
+ _pem = key
+ sha = hashlib.sha256(_pem).hexdigest()
+ return sha
+
def decrypt(key, text):
""" Decrypt a message encrypted with the public key, by using the private key on-disk """
retval = b""
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@warble.apache.org
For additional commands, e-mail: commits-help@warble.apache.org
[incubator-warble-node] 03/05: fix path
Posted by hu...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-warble-node.git
commit ada194c87b6eacfe5de9cc79af850af5a2d36f9b
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Tue Jun 26 09:13:35 2018 -0500
fix path
---
node.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/node.py b/node.py
index ad71d3f..2f4b557 100644
--- a/node.py
+++ b/node.py
@@ -121,7 +121,7 @@ if __name__ == "__main__":
# If no api key has been retrieved yet, get one
if gconf['client'].get('apikey', 'UNSET') == 'UNSET':
if not serverurl:
- print("ALERT: Could not find the URL for the Warble server. Please set it in conf/warble.yaml first.")
+ print("ALERT: Could not find the URL for the Warble server. Please set it in conf/node.yaml first.")
sys.exit(-1)
print("Uninitialized node, trying to register and fetch API key from %s" % serverurl)
try:
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@warble.apache.org
For additional commands, e-mail: commits-help@warble.apache.org
[incubator-warble-node] 02/05: register node on init,
check for eligibility with optional --wait arg
Posted by hu...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-warble-node.git
commit 104ef99a66f310562986f436f9a27aa92a1f47ea
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Tue Jun 26 09:12:23 2018 -0500
register node on init, check for eligibility with optional --wait arg
---
node.py | 66 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-------
1 file changed, 59 insertions(+), 7 deletions(-)
diff --git a/node.py b/node.py
index 5a23df2..ad71d3f 100644
--- a/node.py
+++ b/node.py
@@ -28,6 +28,8 @@ import ruamel.yaml
import requests
import datetime
import argparse
+import socket
+import base64
# Warble-specific libraries
import plugins.tests
@@ -36,12 +38,14 @@ import plugins.basics.crypto
basepath = os.path.dirname(os.path.realpath(__file__))
configpath = "%s/conf/node.yaml" % basepath
+hostname = socket.gethostname()
if __name__ == "__main__":
parser = argparse.ArgumentParser(description = "Run-time configuration options for Apache Warble (incubating)")
parser.add_argument('--version', action = 'store_true', help = 'Print node version and exit')
parser.add_argument('--test', action = 'store_true', help = 'Run debug unit tests')
+ parser.add_argument('--wait', action = 'store_true', help = 'Wait for node to be fully registered on server before continuing')
parser.add_argument('--config', type = str, help = 'Load a specific configuration file')
args = parser.parse_args()
@@ -103,7 +107,7 @@ if __name__ == "__main__":
if args.test:
print("Testing crypto library")
plugins.basics.crypto.test()
-
+
print("Running unit tests...")
import plugins.basics.unittests
gconf['version'] = _VERSION
@@ -111,13 +115,61 @@ if __name__ == "__main__":
sys.exit(0)
- # If no app id set, get a unique app id for this node.
- if gconf['client'].get('appid', 'UNSET') == 'UNSET':
- gconf['client']['appid'] = plugins.basics.misc.appid()
- print("Uninitialized node, setting base App ID to %s" % gconf['client']['appid'])
- # Save updated changes to disk
- yaml.dump(gconf, open(configpath, "w"))
+ serverurl = gconf['client'].get('server')
+
+ # If no api key has been retrieved yet, get one
+ if gconf['client'].get('apikey', 'UNSET') == 'UNSET':
+ if not serverurl:
+ print("ALERT: Could not find the URL for the Warble server. Please set it in conf/warble.yaml first.")
+ sys.exit(-1)
+ print("Uninitialized node, trying to register and fetch API key from %s" % serverurl)
+ try:
+ rv = requests.post('%s/api/node/register' % serverurl, json = {
+ 'version': _VERSION,
+ 'hostname': hostname,
+ 'pubkey': str(plugins.basics.crypto.pem(privkey.public_key()), 'ascii')
+ })
+ if rv.status_code == 200:
+ payload = rv.json()
+ apikey = payload['key']
+ if payload['encrypted']:
+ apikey = str(plugins.basics.crypto.decrypt(privkey, base64.b64decode(apikey)), 'ascii')
+ print("Fetched API key %s from server" % apikey)
+ gconf['client']['apikey'] = apikey
+ # Save updated changes to disk
+ yaml.dump(gconf, open(configpath, "w"))
+ else:
+ print("Got unexpected status code %u from Warble server!")
+ print(rv.text)
+ sys.exit(-1)
+ except Exception as err:
+ print("Could not connect to the Warble server at %s: %s" % (serverurl, err))
+ sys.exit(-1)
+ else:
+ apikey = gconf['client'].get('apikey')
+
+ # Now we check if we're eligible to do tests.
+ # If --wait is passed, we'll pause and retry until we get our way.
+ print("INFO: Checking for node eligibility...")
+ while True:
+ rv = requests.get('%s/api/node/status' % serverurl, headers = {'APIKey': apikey})
+ if rv.status_code == 200:
+ payload = rv.json()
+ if payload.get('enabled'):
+ break # We're enabled, yaaay
+ else:
+ if args.wait:
+ print("Node not eligible yet, but --wait passed, so waiting 30 seconds...")
+ time.sleep(30)
+ else:
+ print("Node has not been marked as enabled on the server, exiting")
+ sys.exit(0)
+ else:
+ print("Unexpected status code %u from Warble server!" % rv.status_code)
+ print(rv.text)
+ sys.exit(-1)
+
# Set node software version for tests
gconf['version'] = _VERSION
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@warble.apache.org
For additional commands, e-mail: commits-help@warble.apache.org
[incubator-warble-node] 04/05: use optionally supplied path here
Posted by hu...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-warble-node.git
commit e0cff8d05fea613d02ac7a36371b3c24f2e52e03
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Tue Jun 26 09:14:02 2018 -0500
use optionally supplied path here
---
node.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/node.py b/node.py
index 2f4b557..f63b1c3 100644
--- a/node.py
+++ b/node.py
@@ -121,7 +121,7 @@ if __name__ == "__main__":
# If no api key has been retrieved yet, get one
if gconf['client'].get('apikey', 'UNSET') == 'UNSET':
if not serverurl:
- print("ALERT: Could not find the URL for the Warble server. Please set it in conf/node.yaml first.")
+ print("ALERT: Could not find the URL for the Warble server. Please set it in %s first." % configpath)
sys.exit(-1)
print("Uninitialized node, trying to register and fetch API key from %s" % serverurl)
try:
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@warble.apache.org
For additional commands, e-mail: commits-help@warble.apache.org