X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=hippotat.git;a=blobdiff_plain;f=hippotatlib%2F__init__.py;h=de939c86b09621dbddb7c5f1445ad1bf4ed4b717;hp=1460d5ac5cb4f9eb13e1da0e7a1c44d7e9780bc0;hb=a14782d3bb7fe3e65f19e45d913d2e5f5d8662bb;hpb=00ea54437e092ecc925df543d3c6fec30a32d667 diff --git a/hippotatlib/__init__.py b/hippotatlib/__init__.py index 1460d5a..de939c8 100644 --- a/hippotatlib/__init__.py +++ b/hippotatlib/__init__.py @@ -50,6 +50,9 @@ from functools import partial import collections import time +import hmac +import hashlib +import base64 import codecs import traceback @@ -126,7 +129,7 @@ class LogNotBoringTwisted: #---------- default config ---------- defcfg = ''' -[DEFAULT] +[COMMON] max_batch_down = 65536 max_queue_time = 10 target_requests_outstanding = 3 @@ -139,6 +142,7 @@ port = 80 vroutes = '' ifname_client = hippo%%d ifname_server = shippo%%d +max_clock_skew = 300 #[server] or [] overrides ipif = userv root ipif %(local)s,%(peer)s,%(mtu)s,slip,%(ifname)s %(rnets)s @@ -157,7 +161,7 @@ vvnetwork = 172.24.230.192 # [] -# password = # used by both, must match +# secret = # used by both, must match [LIMIT] max_batch_down = 262144 @@ -367,6 +371,34 @@ def crash_on_critical(event): if event.get('log_level') >= LogLevel.critical: crash(twisted.logger.formatEvent(event)) +#---------- authentication tokens ---------- + +_authtoken_digest = hashlib.sha256 + +def _authtoken_time(): + return int(time.time()) + +def _authtoken_hmac(secret, hextime): + return hmac.new(secret, hextime, _authtoken_digest).digest() + +def authtoken_make(secret): + hextime = ('%x' % _authtoken_time()).encode('ascii') + mac = _authtoken_hmac(secret, hextime) + return hextime + b' ' + base64.b64encode(mac) + +def authtoken_check(secret, token, maxskew): + (hextime, theirmac64) = token.split(b' ') + now = _authtoken_time() + then = int(hextime, 16) + skew = then - now; + if (abs(skew) > maxskew): + raise ValueError('too much clock skew (client %ds ahead)' % skew) + theirmac = base64.b64decode(theirmac64) + ourmac = _authtoken_hmac(secret, hextime) + if not hmac.compare_digest(theirmac, ourmac): + raise ValueError('invalid token (wrong secret?)') + pass + #---------- config processing ---------- def _cfg_process_putatives(): @@ -386,11 +418,21 @@ def _cfg_process_putatives(): server_pat = r'[-.0-9A-Za-z]+' client_pat = r'[.:0-9a-f]+' server_re = regexp.compile(server_pat) - serverclient_re = regexp.compile(server_pat + r' ' + client_pat) + serverclient_re = regexp.compile( + server_pat + r' ' + '(?:' + client_pat + '|LIMIT)') for cs in cfg.sections(): - if cs == 'LIMIT': - # plan A "[LIMIT]" + def dbg(m): + log_debug_config('putatives: section [%s] %s' % (cs, m)) + + def log_ignore(why): + dbg('X ignore: %s' % (why)) + print('warning: ignoring config section [%s] (%s)' % (cs, why), + file=sys.stderr) + + if cs == 'LIMIT' or cs == 'COMMON': + # plan A "[LIMIT]" or "[COMMON]" + dbg('A ignore') continue try: @@ -400,6 +442,7 @@ def _cfg_process_putatives(): if server_re.fullmatch(cs): # plan C "[]" + dbg('C ') putative(servers, cs, cs) continue @@ -409,32 +452,37 @@ def _cfg_process_putatives(): if pcs == 'LIMIT': # plan E "[ LIMIT]" + dbg('E LIMIT') continue try: # plan D "[ ]" part 2 - ci = ipaddr(pc) + ci = ipaddr(pcs) except AddressValueError: - # plan F "[]" - # well, we ignore this - print('warning: ignoring config section %s' % cs, file=sys.stderr) + # plan F branch 1 "[]" + log_ignore('bad-addr') continue else: # no AddressValueError - # plan D "[ ]" part 3 + dbg('D ') putative(clients, ci, pcs) putative(servers, pss, pss) continue + else: + # plan F branch 2 "[]" + log_ignore('nomatch '+ repr(serverclient_re)) else: # no AddressValueError # plan B "[" part 2 + dbg('B ') putative(clients, ci, cs) continue return (servers, clients) -def cfg_process_common(c, ss): - c.mtu = cfg.getint(ss, 'mtu') +def cfg_process_general(c, ss): + c.mtu = cfg1getint(ss, 'mtu') def cfg_process_saddrs(c, ss): class ServerAddr(): @@ -460,20 +508,20 @@ def cfg_process_saddrs(c, ss): def __repr__(self): return 'ServerAddr'+repr((self.port,self.addr)) - c.port = cfg.getint(ss,'port') + c.port = cfg1getint(ss,'port') c.saddrs = [ ] - for addrspec in cfg.get(ss, 'addrs').split(): + for addrspec in cfg1get(ss, 'addrs').split(): sa = ServerAddr(c.port, addrspec) c.saddrs.append(sa) def cfg_process_vnetwork(c, ss): - c.vnetwork = ipnetwork(cfg.get(ss,'vnetwork')) + c.vnetwork = ipnetwork(cfg1get(ss,'vnetwork')) if c.vnetwork.num_addresses < 3 + 2: raise ValueError('vnetwork needs at least 2^3 addresses') def cfg_process_vaddr(c, ss): try: - c.vaddr = cfg.get(ss,'vaddr') + c.vaddr = cfg1get(ss,'vaddr') except NoOptionError: cfg_process_vnetwork(c, ss) c.vaddr = next(c.vnetwork.hosts()) @@ -484,29 +532,40 @@ def cfg_search_section(key,sections): return section raise NoOptionError(key, repr(sections)) +def cfg_get_raw(*args, **kwargs): + # for passing to cfg_search + return cfg.get(*args, raw=True, **kwargs) + def cfg_search(getter,key,sections): section = cfg_search_section(key,sections) return getter(section, key) +def cfg1get(section,key, getter=cfg.get,**kwargs): + section = cfg_search_section(key,[section,'COMMON']) + return getter(section,key,**kwargs) + +def cfg1getint(section,key, **kwargs): + return cfg1get(section,key, getter=cfg.getint,**kwargs); + def cfg_process_client_limited(cc,ss,sections,key): - val = cfg_search(cfg.getint, key, sections) - lim = cfg_search(cfg.getint, key, ['%s LIMIT' % ss, 'LIMIT']) + val = cfg_search(cfg1getint, key, sections) + lim = cfg_search(cfg1getint, key, ['%s LIMIT' % ss, 'LIMIT']) cc.__dict__[key] = min(val,lim) def cfg_process_client_common(cc,ss,cs,ci): - # returns sections to search in, iff password is defined, otherwise None + # returns sections to search in, iff secret is defined, otherwise None cc.ci = ci sections = ['%s %s' % (ss,cs), cs, ss, - 'DEFAULT'] + 'COMMON'] - try: pwsection = cfg_search_section('password', sections) + try: pwsection = cfg_search_section('secret', sections) except NoOptionError: return None - pw = cfg.get(pwsection, 'password') - cc.password = pw.encode('utf-8') + pw = cfg1get(pwsection, 'secret') + cc.secret = pw.encode('utf-8') cfg_process_client_limited(cc,ss,sections,'target_requests_outstanding') cfg_process_client_limited(cc,ss,sections,'http_timeout') @@ -518,11 +577,14 @@ def cfg_process_ipif(c, sections, varmap): try: v = getattr(c, s) except AttributeError: continue setattr(c, d, v) + for d in ('mtu',): + v = cfg_search(cfg.get, d, sections) + setattr(c, d, v) #print('CFGIPIF',repr((varmap, sections, c.__dict__)),file=sys.stderr) section = cfg_search_section('ipif', sections) - c.ipif_command = cfg.get(section,'ipif', vars=c.__dict__) + c.ipif_command = cfg1get(section,'ipif', vars=c.__dict__) #---------- startup ---------- @@ -580,7 +642,7 @@ def common_startup(process_cfg): def read_defconfig(): readconfig('/etc/hippotat/config.d', False) - readconfig('/etc/hippotat/passwords.d', False) + readconfig('/etc/hippotat/secrets.d', False) readconfig('/etc/hippotat/master.cfg', False) def oc_defconfig(od,os, value, op):