From 699ae9e3d86dd3b9eac346b88b5b6753da4816fa Mon Sep 17 00:00:00 2001
From: Sapan Bhatia <sapanb@cs.princeton.edu>
Date: Wed, 28 Oct 2009 21:32:11 +0000
Subject: [PATCH] The idea of changing a 'standard' tag to drop a file is not
 good, since somebody may refer this tag in the future. I am undoing the
 change. This tag is now identical to its state when module-tag was called.

---
 plugins/sliverauth.py | 74 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 74 insertions(+)
 create mode 100644 plugins/sliverauth.py

diff --git a/plugins/sliverauth.py b/plugins/sliverauth.py
new file mode 100644
index 0000000..1327326
--- /dev/null
+++ b/plugins/sliverauth.py
@@ -0,0 +1,74 @@
+#!/usr/bin/python -tt
+# vim:set ts=4 sw=4 expandtab:
+# NodeManager plugin to empower slivers to make API calls
+
+"""
+Sliver authentication support for NodeManager.
+
+"""
+
+import errno
+import os
+import random
+import string
+import tempfile
+import time
+
+import logger
+import tools
+
+def start(options, conf):
+    logger.log("sliverauth plugin starting up...")
+
+def SetSliverTag(plc, slice, tagname, value):
+    node_id = tools.node_id()
+    slivertags=plc.GetSliceTags({"name":slice,"node_id":node_id,"tagname":tagname})
+    if len(slivertags)==0:
+        slivertag_id=plc.AddSliceTag(slice,tagname,value,node_id)
+    else:
+        slivertag_id=slivertags[0]['slice_tag_id']
+        plc.UpdateSliceTag(slivertag_id,value)
+
+def GetSlivers(data, config, plc):
+    if 'slivers' not in data:
+        logger.log("sliverauth: getslivers data lack's sliver information. IGNORING!")
+        return
+
+    for sliver in data['slivers']:
+        found_hmac = False
+        for attribute in sliver['attributes']:
+            name = attribute.get('tagname',attribute.get('name',''))
+            if name == 'hmac':
+                found_hmac = True
+                hmac = attribute['value']
+                break
+
+        if not found_hmac:
+            # XXX need a better random seed?!
+            random.seed(time.time())
+            d = [random.choice(string.letters) for x in xrange(32)]
+            hmac = "".join(d)
+            SetSliverTag(plc,sliver['name'],'hmac',hmac)
+            logger.log("sliverauth setting %s hmac" % sliver['name'])
+
+        path = '/vservers/%s/etc/planetlab' % sliver['name']
+        if os.path.exists(path):
+            keyfile = '%s/key' % path 
+            oldhmac = ''
+            if os.path.exists(keyfile):
+                f = open(keyfile,'r')
+                oldhmac = f.read()
+                f.close()
+
+            if oldhmac <> hmac:
+                # create a temporary file in the vserver
+                fd, name = tempfile.mkstemp('','key',path)
+                os.write(fd,hmac)
+                os.close(fd)
+                if os.path.exists(keyfile):
+                    os.unlink(keyfile)
+                os.rename(name,keyfile)
+                logger.log("sliverauth writing hmac to %s " % keyfile)
+
+            os.chmod(keyfile,0400)
+
-- 
2.47.0