From d3731285e1e3638e7f4877c78ed9e27e1fd72233 Mon Sep 17 00:00:00 2001 Message-Id: From: Mark Wooding Date: Sat, 5 Jan 2013 07:52:43 +0000 Subject: [PATCH] Explicit close-down notifications. Organization: Straylight/Edgeware From: Mark Wooding Suppose I have a mobile device, and I roam from one peer to another in the same organization. The old peer will continue to believe that I'm connected through it until it notices, some time later, that pings aren't getting through to me; it will therefore be sending packets to me through its broken tunnel. Suppose further that the organization is using some dynamic routing protocol in order to propagate information about how packets to me ought to be routed: then, this old peer will be continuing to advertise its broken route to me, and all hosts closer to the old peer than the new one will use the wrong route, until the connection gets pinged out. We can fix this by having the mobile peer send some explicit notification. It doesn't have to be completely reliable, fortunately. This change touches a fair few pieces of the code, but in simple ways. * `connect' grows a new command to map a user name to a peer name. * `watch' grows the ability to issue a `disconnect' command. * The default `peers.in' file passes an explicit argument in its `connect' SSH rune, and adds a `disconnect' rune with a different action argument. * The contributed `knock' script knows about these new actions, and how to pass them about. This is pretty much a rewrite, but it was a very simple program before. --- contrib/knock.in | 53 +++++++++++++++++++++++++++++++++----------- debian/changelog | 7 ++++++ peerdb/peers.in | 5 ++++- peerdb/peers.in.5.in | 4 ++++ svc/connect.8.in | 11 ++++++++- svc/connect.in | 13 ++++++++++- svc/watch.8.in | 15 +++++++++++++ svc/watch.in | 19 ++++++++++++++++ 8 files changed, 111 insertions(+), 16 deletions(-) diff --git a/contrib/knock.in b/contrib/knock.in index be55f2b9..28d8e532 100755 --- a/contrib/knock.in 
+++ b/contrib/knock.in @@ -25,23 +25,50 @@ set -e : ${tripectl=$bindir/tripectl} export TRIPEDIR TRIPESOCK -case "$#,$1,$2" in - - 2,-c,*:*) - ## Proxy through to another server. - server=${2%:*} user=${2##*:} - exec ssh "$server" "$user" +## Make sure we're being called properly, and figure out the peer identity. +case "$#,$1" in + 2,-c) ;; + *) + echo >&2 "usage: $0 -c '[SERVER:]PEER [hello|goodbye]'" + exit 1 ;; +esac - 2,-c,*) - ## Connect to the local tripe server. - exec $tripectl SVCSUBMIT connect passive "$2" - ;; +## SSH has smushed all of our arguments together, so let's split them apart +## again. +set -- $2 + +## Examine the peer identifier and work out how to proceed. +case "$#,$1" in + 0,*) echo >&2 "$0: missing peer identifier"; exit 1 ;; + *:*) mode=proxy server=${1%:*} user=${1##*:} ;; + *) mode=local user=$1 ;; +esac +shift +## If there's no action then check to see whether SSH has hidden one +## somewhere. Make sure the command looks sensible. +case "$#" in 0) set -- $SSH_ORIGINAL_COMMAND ;; esac +case "$#,$1" in + 0, | 1,hello) act=hello ;; + 1,goodbye) act=goodbye ;; + *) echo >&2 "$0: unknown action spec \`$*'"; exit 1 ;; +esac + +## Now actually do something. +case "$mode,$act" in + proxy,*) + exec ssh "$server" "$user" "$act" + ;; + local,hello) + exec $tripectl SVCSUBMIT connect passive "$user" + ;; + local,goodbye) + peer=$($tripectl SVCSUBMIT connect userpeer "$user") + exec $tripectl KILL "$peer" + ;; *) - ## Anything else is an error. - echo >&2 "usage: $0 -c [SERVER:]PEER" + echo >&2 "$0: unknown mode/action $mode/$act" exit 1 ;; - esac diff --git a/debian/changelog b/debian/changelog index ccbcf58f..ce929b62 100644 --- a/debian/changelog +++ b/debian/changelog 
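Review bot: `set -- $2` and `set -- $SSH_ORIGINAL_COMMAND` split on whitespace but also perform pathname expansion, so a `*` or `?` in either string (the second one is whatever the SSH client asked to run, so it is not under the server administrator's control) is replaced by file names from the working directory before the `case` checks see it. The `case` patterns still reject anything other than `hello`/`goodbye`, but the outcome then depends on directory contents; adding `set -f` next to the `set -e` just above the hunk makes the split purely lexical. The `local,goodbye` arm also relies on `$tripectl SVCSUBMIT connect userpeer "$user"` printing exactly the bare peer name; if tripectl emits a tagged INFO line instead, `$peer` will carry the tag into the `KILL` command, which is worth confirming against tripectl's output format. The final `*)` arm is unreachable given the earlier checks, which is fine as a guard but could say so in a comment.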
@@ -1,3 +1,10 @@ +tripe (1.0.0pre12) experimental; urgency=low + + * tripe-peer-services: Add machinery for notifying a peer that we no + longer require its services. + + -- Mark Wooding Sat, 05 Jan 2013 07:50:33 +0000 + tripe (1.0.0pre11.1) experimental; urgency=low * tripe: Fix segfault from PEERINFO command. diff --git a/peerdb/peers.in b/peerdb/peers.in index 5e381bdd..53eef5b2 100644 --- a/peerdb/peers.in +++ b/peerdb/peers.in @@ -85,7 +85,10 @@ ssh-user = tripe ;; connect: shell command to use to wake up the remote peer and establish the ;; connection. -connect = ssh -q $(ssh-user)@$[$(host)] +connect = ssh -q $(ssh-user)@$[$(host)] hello + +;; disconnect: shell command to use to shut the remote peer down. +disconnect = ssh -q $(ssh-user)@$[$(host)] goodbye ;; keepalive: how often to send NOP packets to keep the connection alive, at ;; least in the minds of intermediate stateful firewalls and NAT routers. diff --git a/peerdb/peers.in.5.in b/peerdb/peers.in.5.in index 48f69b3b..e31d0e37 100644 --- a/peerdb/peers.in.5.in +++ b/peerdb/peers.in.5.in @@ -138,6 +138,10 @@ Shell command for initiating connection to this peer. Used by Don't initiate immediate key exchange. Used by .BR connect (8). .TP +.B disconnect +Shell command for closing down connection to this peer. Used by +.BR watch (8). +.TP .B every Interval for checking that the peer is still alive and well. Used by .BR watch (8). diff --git a/svc/connect.8.in b/svc/connect.8.in index d529918d..2cc3c5ce 100644 --- a/svc/connect.8.in +++ b/svc/connect.8.in @@ -302,6 +302,13 @@ for days, hours, minutes or seconds respectively; if no suffix is given, seconds are assumed. .\"-opts .RE +.SP +.BI "userpeer " user +Output a single +.B INFO +line identifying the peer corresponding to the +.I user +name. . .\"-------------------------------------------------------------------------- .SH "ERROR MESSAGES" 
@@ -341,7 +348,9 @@ has no record in the database. .SP .BI "unknown-user " user (For -.BR passive .) +.B passive +and +.BR userinfo .) There is no record of .I user in the database. diff --git a/svc/connect.in b/svc/connect.in index 5f8940e3..0031d36f 100644 --- a/svc/connect.in +++ b/svc/connect.in @@ -130,6 +130,16 @@ def cmd_info(name): for i in items: T.svcinfo('%s=%s' % (i, peer.get(i))) +def cmd_userpeer(user): + """ + userpeer USER: Report the peer name for the named user. + """ + try: + peer = CDB.init(opts.cdb)['U' + user] + except KeyError: + raise T.TripeJobError('unknown-user', user) + T.svcinfo(peer) + ## Dictionary mapping challenges to waiting passive-connection coroutines. chalmap = {} @@ -241,7 +251,8 @@ service_info = [('connect', VERSION, { 'passive': (1, None, '[OPTIONS] USER', cmd_passive), 'active': (1, 1, 'PEER', cmd_active), 'info': (1, 1, 'PEER', cmd_info), - 'list': (0, 0, '', cmd_list) + 'list': (0, 0, '', cmd_list), + 'userpeer': (1, 1, 'USER', cmd_userpeer) })] if __name__ == '__main__': diff --git a/svc/watch.8.in b/svc/watch.8.in index 3e402510..79ddbef9 100644 --- a/svc/watch.8.in +++ b/svc/watch.8.in @@ -248,6 +248,17 @@ command will issue a command such as where .I our-name is the remote peer's name for this host. +.PP +Similarly, if the database record has a +.B disconnect +entry, then +.B watch +will use this to give the peer explicit notification that its services +are no longer needed. The value f the +.B disconnect +key is invoked as a Bourne shell command. This ought to result in a +.B KILL +command being issued to the peer's server. .SS "Operation" On startup, .B watch @@ -451,6 +462,10 @@ under various circumstances. The process identifiers are as follows. A child spawned in order to establish a dynamic connection with .IR peer . .SP +.BI "disconnect " peer +A child spawned in order to shut down a dynamic connection with +.IR peer . +.SP .BI "ifdown " peer A child spawned to deconfigure the network interface for .IR peer . 
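Review bot: The `unknown-user` entry added to connect.8.in earlier in this patch attributes the error to `passive` and `userinfo`, but the command registered here in service_info is `userpeer`; the man page should read `.BR userpeer .)`. In cmd_userpeer, `CDB.init(opts.cdb)` sits inside a `try` whose only handler is `KeyError`, which is harmless but reads as if a failure to open the database were being reported as `unknown-user`; opening it on a line before the `try` (`db = CDB.init(opts.cdb)` then `peer = db['U' + user]`) keeps the guarded region to the lookup alone. Presumably cmd_passive performs the same `'U' + user` lookup and raises the same error; if so, a small shared helper would keep the two paths aligned, but cmd_passive is outside the hunk so I cannot confirm.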
diff --git a/svc/watch.in b/svc/watch.in index 5917c79e..4aaf20be 100644 --- a/svc/watch.in +++ b/svc/watch.in @@ -329,6 +329,22 @@ def connect(peer, conn = None): q.get() potwatch('connect', peer, q) +def disconnect(peer, disconn = None): + """ + Start the job of disconnecting from a passive PEER. + + The DISCONN string is a shell command which will disconnect from the peer. + """ + if disconn is None: + try: + conn = peerinfo(peer)['disconnect'] + except KeyError: + return + q = T.Queue() + cmd = Command(['disconnect', peer], q, 'disconnect', + ['/bin/sh', '-c', disconn], None) + potwatch('disconnect', peer, q) + _pingseq = 0 class PingPeer (object): """ @@ -641,6 +657,9 @@ def delpeer(peer): pinger.kill(peer) except KeyError: pass + if 'disconnect' in info: + T.Coroutine(disconnect, name = 'disconnect %s' % peer) \ + .switch(peer, info['disconnect']) if 'ifdown' in info: T.Coroutine(ifupdown, name = 'ifdown %s' % peer) \ .switch('ifdown', peer, info) -- [mdw]
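Review bot: When `disconn` is None, the looked-up command is stored in `conn`, but the `Command` below is built from `disconn`, which stays None, so the default path hands `['/bin/sh', '-c', None]` to the child; the assignment should read `disconn = peerinfo(peer)['disconnect']`. The only caller this patch adds, delpeer in the next hunk, passes `info['disconnect']` explicitly, so the defect is latent rather than hit today. Note also that connect, immediately above the hunk, calls `q.get()` before `potwatch`, whereas disconnect goes straight to `potwatch('disconnect', peer, q)`; if that `q.get()` is what waits for the child to start, the same is probably wanted here, though connect's body is mostly outside the hunk so this is inferred. Separately, the watch.8.in text in this patch has `The value f the` where `The value of the` is meant.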