From 2d2a85edf02c635b592dfdb52c92dfa97b845f68 Mon Sep 17 00:00:00 2001 From: Thierry Parmentelat Date: Sun, 27 May 2018 14:10:38 +0200 Subject: [PATCH] the big cleanup: no more flash policy --- config/default_config.xml | 44 ++------- flashpolicy/sfa_flashpolicy.py | 126 ------------------------- flashpolicy/sfa_flashpolicy_config.xml | 8 -- setup.py | 2 - sfa.spec | 12 --- 5 files changed, 9 insertions(+), 183 deletions(-) delete mode 100644 flashpolicy/sfa_flashpolicy.py delete mode 100644 flashpolicy/sfa_flashpolicy_config.xml diff --git a/config/default_config.xml b/config/default_config.xml index de707b79..499bd6e7 100644 --- a/config/default_config.xml +++ b/config/default_config.xml @@ -3,7 +3,7 @@ @@ -21,7 +21,7 @@ Thierry Parmentelat Generic Flavour pl - This string refers to a class located in sfa.generic that describes + This string refers to a class located in sfa.generic that describes which specific implementation needs to be used for api, manager and driver objects. PlanetLab users do not need to change this setting. @@ -44,7 +44,7 @@ Thierry Parmentelat 0 Logging level; 0=minimum, 1=info, 2=debug - + Max Slice Renew 60 @@ -55,11 +55,11 @@ Thierry Parmentelat User Session Keys Path /var/lib/sfa/session_keys Some services will peform operations on behalf of a user, but make - it look like the user is the one performing the operation. Doing this requires a - valid key pair and credential for the user. This option defines the path where + it look like the user is the one performing the operation. Doing this requires a + valid key pair and credential for the user. This option defines the path where key pairs and credentials are generated and stored. - This functionality is used by the SFA web GUI. - + This functionality is used by the SFA web GUI. + @@ -231,32 +231,6 @@ Thierry Parmentelat - - - SFA Flash Policy - The settings that affect the flash policy server that will run - as part of this SFA instance. - - - - Enable Flash Policy Server - false - Allows this local SFA instance to run a - flash policy server. - - - Flash policy config file - /etc/sfa/sfa_flashpolicy_config.xml - The path to where the flash policy config file can be reached. - - - Flash policy port - 843 - The flash policy server port. - - - - @@ -301,13 +275,13 @@ Thierry Parmentelat SFA Flash Policy - The settings that affect how SFA connects to + The settings that affect how SFA connects to the Nova/EC2 API Sfa nova user novaadmin - Account/context to use when performing + Account/context to use when performing administrative nova operations diff --git a/flashpolicy/sfa_flashpolicy.py b/flashpolicy/sfa_flashpolicy.py deleted file mode 100644 index 6d266c27..00000000 --- a/flashpolicy/sfa_flashpolicy.py +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/env python -# -# flashpolicyd.py -# Simple socket policy file server for Flash -# -# Usage: flashpolicyd.py [--port=N] --file=FILE -# -# Logs to stderr -# Requires Python 2.5 or later - -from __future__ import with_statement -import os -import sys -import optparse -import socket -import thread -import exceptions -import contextlib - -VERSION = 0.1 - - -def daemon(): - """Daemonize the current process.""" - if os.fork() != 0: - os._exit(0) - os.setsid() - if os.fork() != 0: - os._exit(0) - os.umask(0) - devnull = os.open(os.devnull, os.O_RDWR) - os.dup2(devnull, 0) - # xxx fixme - this is just to make sure that nothing gets stupidly lost - - # should use devnull - crashlog = os.open('/var/log/sfa_flashpolicy.log', os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644) - os.dup2(crashlog, 1) - os.dup2(crashlog, 2) - - -class policy_server(object): - - def __init__(self, port, path): - self.port = port - self.path = path - self.policy = self.read_policy(path) - self.log('Listening on port %d\n' % port) - try: - self.sock = socket.socket(socket.AF_INET6, socket.SOCK_STREAM) - except AttributeError: - # AttributeError catches Python built without IPv6 - self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - except socket.error: - # socket.error catches OS with IPv6 disabled - self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) - self.sock.bind(('', port)) - self.sock.listen(5) - - def read_policy(self, path): - with open(path, 'rb') as f: - policy = f.read(10001) - if len(policy) > 10000: - raise exceptions.RuntimeError('File probably too large to be a policy file', - path) - if 'cross-domain-policy' not in policy: - raise exceptions.RuntimeError('Not a valid policy file', - path) - return policy - - def run(self): - try: - while True: - thread.start_new_thread(self.handle, self.sock.accept()) - except socket.error as e: - self.log('Error accepting connection: %s' % e[1]) - - def handle(self, conn, addr): - addrstr = '%s:%s' % (addr[0], addr[1]) - try: - self.log('Connection from %s' % addrstr) - with contextlib.closing(conn): - # It's possible that we won't get the entire request in - # a single recv, but very unlikely. - request = conn.recv(1024).strip() - # if request != '\0': - # self.log('Unrecognized request from %s: %s' % (addrstr, request)) - # return - self.log('Valid request received from %s' % addrstr) - conn.sendall(self.policy) - self.log('Sent policy file to %s' % addrstr) - except socket.error as e: - self.log('Error handling connection from %s: %s' % (addrstr, e[1])) - except Exception as e: - self.log('Error handling connection from %s: %s' % (addrstr, e[1])) - - def log(self, str): - print >>sys.stderr, str - - -def main(): - parser = optparse.OptionParser(usage='%prog [--port=PORT] --file=FILE', - version='%prog ' + str(VERSION)) - parser.add_option('-p', '--port', dest='port', type=int, default=843, - help='listen on port PORT', metavar='PORT') - parser.add_option('-f', '--file', dest='path', - help='server policy file FILE', metavar='FILE') - parser.add_option("-d", "--daemon", dest="daemon", action="store_true", - help="Run as daemon.", default=False) - opts, args = parser.parse_args() - if args: - parser.error('No arguments are needed. See help.') - if not opts.path: - parser.error('File must be specified. See help.') - - try: - if opts.daemon: - daemon() - policy_server(opts.port, opts.path).run() - except Exception as e: - print >> sys.stderr, e - sys.exit(1) - except KeyboardInterrupt: - pass - -if __name__ == '__main__': - main() diff --git a/flashpolicy/sfa_flashpolicy_config.xml b/flashpolicy/sfa_flashpolicy_config.xml deleted file mode 100644 index 842f5868..00000000 --- a/flashpolicy/sfa_flashpolicy_config.xml +++ /dev/null @@ -1,8 +0,0 @@ - - - - - - - - diff --git a/setup.py b/setup.py index f14941a5..c98d71e0 100755 --- a/setup.py +++ b/setup.py @@ -35,7 +35,6 @@ scripts = glob("clientbin/*.py") + [ 'systemd/sfa-setup.sh', 'sfatables/sfatables', 'keyconvert/keyconvert.py', - 'flashpolicy/sfa_flashpolicy.py', ] packages = [ @@ -78,7 +77,6 @@ data_files = [ 'sfa/trust/sig.xsd', 'sfa/trust/xml.xsd', 'sfa/trust/protogeni-rspec-common.xsd', - 'flashpolicy/sfa_flashpolicy_config.xml', ]), ('/etc/sfatables/matches/', glob('sfatables/matches/*.xml')), ('/etc/sfatables/targets/', glob('sfatables/targets/*.xml')), diff --git a/sfa.spec b/sfa.spec index bc958762..ce705abf 100644 --- a/sfa.spec +++ b/sfa.spec @@ -62,11 +62,6 @@ Summary: the SFA layer around MyPLC Group: Applications/System Requires: sfa -%package flashpolicy -Summary: SFA support for flash clients -Group: Applications/System -Requires: sfa - %package federica Summary: the SFA layer around Federica Group: Applications/System @@ -113,9 +108,6 @@ sfi.py, together with other utilities. This package implements the SFA interface which serves as a layer between the existing PlanetLab interfaces and the SFA API. -%description flashpolicy -This package provides support for adobe flash client applications. - %description federica The SFA driver for FEDERICA. @@ -202,10 +194,6 @@ rm -rf $RPM_BUILD_ROOT /etc/sfa/protogeni-rspec-common.xsd /etc/sfa/topology -%files flashpolicy -%{_bindir}/sfa_flashpolicy.py* -/etc/sfa/sfa_flashpolicy_config.xml - %files federica %{python_sitelib}/sfa/federica -- 2.43.0