#!/usr/bin/python -tt # vim:set ts=4 sw=4 expandtab: # NodeManager plugin to empower slivers to make API calls """ Sliver authentication support for NodeManager. """ import errno import os import random import string import tempfile import logger import tools def start(options, conf): # XXX REMOVE ME return logger.log("sliverauth plugin starting up...") def SetSliverTag(plc, slice, tagname, value): node_id = tools.node_id() slivertags=plc.GetSliceTags({"name":slice,"node_id":node_id,"tagname":tagname}) if len(slivertags)==0: slivertag_id=plc.AddSliceTag(slice,tagname,value,node_id) else: slivertag_id=slivertags[0]['slice_tag_id'] plc.UpdateSliceTag(slivertag_id,value) def GetSlivers(data, config, plc): if 'slivers' not in data: logger.log("sliverauth: getslivers data lack's sliver information. IGNORING!") return random.seed(42) for sliver in data['slivers']: found_hmac = False for attribute in sliver['attributes']: name = attribute.get('tagname',attribute.get('name','')) if name == 'hmac': found_hmac = True hmac = attribute['value'] break if not found_hmac: d = [random.choice(string.letters) for x in xrange(32)] hmac = "".join(d) SetSliverTag(plc,sliver['name'],'hmac',hmac) path = '/vservers/%s/etc/planetlab' % sliver['name'] if os.path.exists(path): keyfile = '%s/key' % path oldhmac = '' if os.path.exists(keyfile): f = open(keyfile,'r') oldhmac = f.read() f.close() if oldhmac <> hmac: # create a temporary file in the vserver fd, name = tempfile.mkstemp('','key',path) os.write(fd,hmac) os.close(fd) if os.path.exists(keyfile): os.unlink(keyfile) os.rename(name,keyfile) os.chmod(keyfile,0400)