svn:keywords
[bootmanager.git] / source / steps / AuthenticateWithPLC.py
1 #!/usr/bin/python
2 #
3 # $Id$
4 # $URL$
5 #
6 # Copyright (c) 2003 Intel Corporation
7 # All rights reserved.
8 #
9 # Copyright (c) 2004-2006 The Trustees of Princeton University
10 # All rights reserved.
11
12
13 import os
14
15 from Exceptions import *
16 import BootAPI
17
18
19 AUTH_FAILURE_COUNT_FILE= "/tmp/authfailurecount"
20
21
22 def Run( vars, log ):
23     """
24     Authenticate this node with PLC. This ensures that the node can operate
25     as normal, and that our management authority has authorized it.
26
27     For this, just call the PLC api function BootCheckAuthentication
28
29     Return 1 if authorized, a BootManagerException if not or the
30     call fails entirely.
31
32     If there are two consecutive authentication failures, put the node
33     into debug mode and exit the bootmanager.
34
35     Expect the following variables from the store:
36     NUM_AUTH_FAILURES_BEFORE_DEBUG    How many failures before debug
37     """
38
39     log.write( "\n\nStep: Authenticating node with PLC.\n" )
40
41     # make sure we have the variables we need
42     try:
43         NUM_AUTH_FAILURES_BEFORE_DEBUG= int(vars["NUM_AUTH_FAILURES_BEFORE_DEBUG"])
44     except KeyError, var:
45         raise BootManagerException, "Missing variable in vars: %s\n" % var
46     except ValueError, var:
47         raise BootManagerException, "Variable in vars, shouldn't be: %s\n" % var
48
49     try:
50         authorized= BootAPI.call_api_function( vars, "BootCheckAuthentication", () )
51         if authorized == 1:
52             log.write( "Authentication successful.\n" )
53
54             try:
55                 os.unlink( AUTH_FAILURE_COUNT_FILE )
56             except OSError, e:
57                 pass
58             
59             return 1
60     except BootManagerException, e:
61         log.write( "Authentication failed: %s.\n" % e )
62     except:
63         # This is ugly.
64         if vars['DISCONNECTED_OPERATION']:
65             vars['API_SERVER_INST']= None
66             return 1
67         else:
68             raise
69
70     # increment auth failure
71     auth_failure_count= 0
72     try:
73         auth_failure_count= int(file(AUTH_FAILURE_COUNT_FILE,"r").read().strip())
74     except IOError:
75         pass
76     except ValueError:
77         pass
78
79     auth_failure_count += 1
80
81     try:
82         fail_file= file(AUTH_FAILURE_COUNT_FILE,"w")
83         fail_file.write( str(auth_failure_count) )
84         fail_file.close()
85     except IOError:
86         pass
87
88     if auth_failure_count >= NUM_AUTH_FAILURES_BEFORE_DEBUG:
89         log.write( "Maximum number of authentication failures reached.\n" )
90         log.write( "Canceling boot process and going into debug mode.\n" )
91
92     raise BootManagerException, "Unable to authenticate node."
93     
94