diff options
author | Linus Nordberg <linus@nordu.net> | 2017-02-07 17:02:44 +0100 |
---|---|---|
committer | Linus Nordberg <linus@nordu.net> | 2017-02-07 17:02:44 +0100 |
commit | 70a87a1d878106aa97205507c3cd3eb9ba1667f2 (patch) | |
tree | 1ef06e6bd7a704f07bfd4457c8a8920969c81b1b | |
parent | 71cc72d3c5e977355ebb0aa8bcb065a08207ec2f (diff) |
Create and use the minsize file.
-rwxr-xr-x | test/scripts/light-system-test-prepare.sh | 1 | ||||
-rwxr-xr-x | test/scripts/light-system-test-start.sh | 5 | ||||
-rwxr-xr-x | test/scripts/light-system-test-stop.sh | 2 | ||||
-rwxr-xr-x | test/scripts/light-system-test.sh | 2 | ||||
-rw-r--r-- | tools/certtools.py | 1 | ||||
-rwxr-xr-x | tools/compileconfig.py | 1 | ||||
-rwxr-xr-x | tools/initlog.py | 107 |
7 files changed, 69 insertions, 50 deletions
diff --git a/test/scripts/light-system-test-prepare.sh b/test/scripts/light-system-test-prepare.sh index 6c706fd..1f68ed1 100755 --- a/test/scripts/light-system-test-prepare.sh +++ b/test/scripts/light-system-test-prepare.sh @@ -42,7 +42,6 @@ mkdir keys (cd keys ; ${top_srcdir}/tools/create-key.sh logkey) openssl pkcs8 -topk8 -nocrypt -in keys/logkey-private.pem -out keys/logkey-private.pkcs8 mkdir mergedb -touch mergedb/logorder mkdir mergedb-secondary touch mergedb-secondary/logorder printf 0 > mergedb-secondary/verifiedsize diff --git a/test/scripts/light-system-test-start.sh b/test/scripts/light-system-test-start.sh index 985a23c..cdfda8c 100755 --- a/test/scripts/light-system-test-start.sh +++ b/test/scripts/light-system-test-start.sh @@ -41,6 +41,9 @@ for i in 1 2 3 4 5 6 7 8 9 10; do fi done -[ $# -gt 0 ] && [ "$1" = "initlog" ] && $top_srcdir/tools/initlog.py --config machine/merge/catlfish-test.cfg --localconfig machine/merge/catlfish-test-local-merge.cfg +if [ $# -gt 0 ] && [ "$1" = "initlog" ]; then + shift 1 + $top_srcdir/tools/initlog.py --config machine/merge/catlfish-test.cfg --localconfig machine/merge/catlfish-test-local-merge.cfg $@ +fi start_node $(echo ${MERGEPRIMARYNODE} | tr ':' ' ') diff --git a/test/scripts/light-system-test-stop.sh b/test/scripts/light-system-test-stop.sh index 2265a34..aef9c76 100755 --- a/test/scripts/light-system-test-stop.sh +++ b/test/scripts/light-system-test-stop.sh @@ -14,7 +14,7 @@ stop_node() { for nodegroup in $FRONTENDNODES $MERGEPRIMARYNODE $STORAGENODES $MERGESECONDARYNODES $SIGNINGNODES; do for node in $nodegroup; do - echo "starting $node" + echo "stopping $node" stop_node $(echo $node | tr ':' ' ') done done diff --git a/test/scripts/light-system-test.sh b/test/scripts/light-system-test.sh index d2d242c..ad3daca 100755 --- a/test/scripts/light-system-test.sh +++ b/test/scripts/light-system-test.sh @@ -49,7 +49,7 @@ echo echo echo ${SCRIPTS}/light-system-test-prepare-merge-takeover.sh -tests_start initlog +tests_start initlog --promote-secondary ${SCRIPTS}/light-system-test-run-3.sh || (echo "Tests failed"; sleep 5; tests_stop; false) sleep 5 tests_stop diff --git a/tools/certtools.py b/tools/certtools.py index 82339aa..f5482cb 100644 --- a/tools/certtools.py +++ b/tools/certtools.py @@ -17,6 +17,7 @@ import zipfile import shutil import requests import warnings +import logging from certkeys import publickeys diff --git a/tools/compileconfig.py b/tools/compileconfig.py index a5f013a..84b2a4a 100755 --- a/tools/compileconfig.py +++ b/tools/compileconfig.py @@ -374,6 +374,7 @@ def gen_config(nodename, config, localconfig): plopconfig.append((Symbol("sth_path"), paths["mergedb"] + "/sth")) plopconfig.append((Symbol("fetched_path"), paths["mergedb"] + "/fetched")) plopconfig.append((Symbol("verified_path"), paths["mergedb"] + "/verified")) + plopconfig.append((Symbol("minsize_path"), paths["mergedb"] + "/minsize")) reloadableplopconfig.append((Symbol("signing_nodes"), signingnodeaddresses)) reloadableplopconfig.append((Symbol("backup_quorum"), config["backup-quorum-size"])) allowed_servers += allowed_servers_primarymerge(frontendnodenames, mergesecondarynames, signingnodenames) diff --git a/tools/initlog.py b/tools/initlog.py index 3ef5720..9b30979 100755 --- a/tools/initlog.py +++ b/tools/initlog.py @@ -15,10 +15,11 @@ import errno from time import time from base64 import b64encode from certtools import build_merkle_tree, write_file, generate_tree_head_signature -from mergetools import get_sth, perm, get_logorder +from mergetools import get_sth, perm, get_logorder, hexencode def parse_args(): parser = argparse.ArgumentParser(description="") + parser.add_argument('--promote-secondary', action='store_true') parser.add_argument('--config', help="System configuration", required=True) parser.add_argument('--localconfig', help="Local configuration", @@ -30,70 +31,84 @@ def parse_args(): return (args, config, localconfig) +# TODO: Add a `--init-secondary' option too? + def main(): """ - Initialise a log by creating - - sth file - - must not exist before - - consulting 'logorder' if it exists - - perm database if it doesn't exist + Initialise a log, either from scratch or by promoting a secondary + merge node (--promote-secondary). + + Refuse to do anything if there's an sth file present. + + When initialising from scratch, do + - touch logorder + - write -1 to fetched + - write 0 to minsize + - create perm database if it doesn't exist + + When promoting a secondary (--promote-secondary), do + - read logorder, let n = length of logorder + - write n-1 to fetched + - write n to minsize + - create perm database if it doesn't exist """ args, config, localconfig = parse_args() - signingnodes = config["signingnodes"] paths = localconfig["paths"] own_key = (localconfig["nodename"], "%s/%s-private.pem" % (paths["privatekeys"], localconfig["nodename"])) mergedb = paths["mergedb"] - logorderfile = mergedb + "/logorder" sthfile = mergedb + "/sth" + logorderfile = mergedb + "/logorder" + currentsizefile = mergedb + "/fetched" + minsizefile = mergedb + "/minsize" + + # Make sure that we can find our keyfile. + if not file_exists(own_key[1]): + print >>sys.stderr, "Unable to open keyfile: %s" % own_key[1] + return 1 # Don't do anything if there's already an sth file. - sth = get_sth(sthfile) - if sth['tree_size'] >= 0: - print >>sys.stderr, \ - "This log has an STH file with tree size %s." % sth['tree_size'] + if file_exists(sthfile): + print >>sys.stderr, "This log already has an STH file: %s" % sthfile print >>sys.stderr, "I refuse to destroy this log." - return 1 + return 2 - # Ensure that we can find our keyfile. - try: - os.stat(own_key[1]) - except OSError, e: - if e.errno == errno.ENOENT: - print >>sys.stderr, "Unable to open keyfile: %s" % own_key[1] - return 1 - raise + # Read or touch logorder. + if args.promote_secondary: + logorder = get_logorder(logorderfile) + size = len(logorder) + last_hash = logorder[size-1] + else: + if file_exists(logorderfile): + print >>sys.stderr, "This log already has logorder file: %s" % logorderfile + print >>sys.stderr, "I refuse to destroy this log." + return 3 + open(logorderfile, "a").close() + size = 0 + last_hash = '' - # Create a chains database. - chainsdb = perm(localconfig.get("dbbackend", "filedb"), mergedb + "/chains") + # Write fetched. + currentsize = {"index": size - 1, "hash": hexencode(last_hash)} + write_file(currentsizefile, currentsize) - # Create sth file. - tree_size = 0 - root_hash = build_merkle_tree('')[-1][0] - try: - logorder = get_logorder(logorderfile) - tree_size = len(logorder) - root_hash = build_merkle_tree(logorder[:tree_size])[-1][0] - except IOError, e: - if e.errno == errno.ENOENT: - pass - timestamp = int(time() * 1000) - tree_head_signature = \ - generate_tree_head_signature(signingnodes, own_key, - tree_size, timestamp, root_hash) - if tree_head_signature == None: - return 1 + # Write minsize. + minsize = {"size": size} + write_file(minsizefile, minsize) - sth = {"tree_size": tree_size, - "timestamp": timestamp, - "sha256_root_hash": b64encode(root_hash), - "tree_head_signature": b64encode(tree_head_signature)} - print "Creating sth file with tree size", tree_size, \ - "and timestamp", timestamp - write_file(sthfile, sth) + # Create a chains database. + perm(localconfig.get("dbbackend", "filedb"), mergedb + "/chains") return 0 +def file_exists(path): + try: + os.stat(path) + except OSError, e: + if e.errno == errno.ENOENT: + return False + raise + return True + if __name__ == '__main__': sys.exit(main()) |