Commit 091a0b62 authored by Leigh B. Stoller's avatar Leigh B. Stoller

Frontend and parser portion of two event system changes:

* Generate a shared secret key for the event system. This key is
  stored into the DB, and passed to the node via tmcd. It is also
  stashed into a file in the experiment directory (can be accessed
  only by the project/group members). The key is used to attach a
  HMAC (hashed message authentication) to each event, which is checked
  by the receivers to ensure that the event is not bogus. More details
  on this later when I commit the event library/client changes.

* Added "virt_programs" table to store info about each program object
  defined by the user. The intent is to no longer send the command
  string in the event, but to fix it in the DB, and transfer it via
  tmcd. This removes our "remote execution facility" which was always
  a bad idea (we have ssh for that, and that is a lot more secure then
  the event system!).

  Note that for the time being we need to continue send the command in
  the event because of old images, but the new images will now ignore
  that part of the event.
parent c21683ef
......@@ -173,7 +173,7 @@ use Exporter;
TBDB_ROUTERTYPE_NONE TBDB_ROUTERTYPE_OSPF
TBDB_ROUTERTYPE_STATIC TBDB_ROUTERTYPE_MANUAL
TBDB_EVENTKEY
max min
);
......@@ -546,6 +546,9 @@ sub TBDB_ROUTERTYPE_OSPF() { "ospf"; }
sub TBDB_ROUTERTYPE_STATIC() { "static"; }
sub TBDB_ROUTERTYPE_MANUAL() { "manual"; }
# Event Stuff
sub TBDB_EVENTKEY($$) { TBExptUserDir($_[0],$_[1]) . "/tbdata/eventkey"; }
#
# Auth stuff.
#
......@@ -2667,6 +2670,7 @@ sub TBGetSiteVar($)
"virt_agents",
"virt_routes",
"virt_vtypes",
"virt_programs",
"virt_node_desires",
"nseconfigs",
"eventlist",
......
......@@ -50,6 +50,7 @@ my %virtual_tables = ("experiments" => undef,
"virt_node_desires" => undef,
"virt_routes" => undef,
"virt_vtypes" => undef,
"virt_programs" => undef,
"nseconfigs" => undef,
"eventlist" => undef);
......
......@@ -39,6 +39,7 @@ my $optlist = "iE:d:g:x:e:p:sa:l:n:fq";
my $TB = "@prefix@";
my $DBNAME = "@TBDBNAME@";
my $PROJROOT = "/proj";
my $EVENTSYS = @EVENTSYS@;
#
# Testbed Support libraries
......@@ -159,9 +160,11 @@ if (!$immediate && TBSiteVarExists("idle/batch_threshold")) {
}
#
# Grab me a secret key!
# Grab me a secret key for accessing tar/rpm files via the web interface.
# Grab another secret key for the event system HMACs.
#
my $secretkey = TBGenSecretKey();
my $webkey = TBGenSecretKey();
my $eventkey = TBGenSecretKey();
#
# Create an experiment record. The pid/eid has to be unique, so lock the
......@@ -189,12 +192,12 @@ if (! DBQueryWarn("INSERT INTO experiments ".
"(eid, pid, gid, expt_created, expt_expires, expt_name,".
" expt_head_uid,expt_swap_uid, state, priority, swappable,".
" idleswap, idleswap_timeout, autoswap, autoswap_timeout,".
" idle_ignore, keyhash, batchstate, expt_locked) ".
" idle_ignore, keyhash, batchstate, expt_locked, eventkey) ".
"VALUES ('$eid', '$pid', '$gid', now(), '$expires', ".
"$description,'$dbuid', '$dbuid', '$exptstate', $priority, ".
"$swappable, $idleswap, '$swaptime', $autoswap, ".
"'$autoswaptime', $idleignore, '$secretkey', ".
"'$swapstate', now())")) {
"'$autoswaptime', $idleignore, '$webkey', ".
"'$swapstate', now(), '$eventkey')")) {
DBQueryWarn("unlock tables");
die("*** $0:\n".
" Database error inserting record for $pid/$eid!\n");
......@@ -235,6 +238,16 @@ if (system("$mkexpdir $pid $gid $eid") != 0) {
fatal("$mkexpdir failed");
}
#
# Dump the eventkey into a file in the experiment directory.
#
if ($EVENTSYS) {
open(KEY, ">" . TBDB_EVENTKEY($pid, $eid)) or
fatal("Could not create eventkey file: $!");
print KEY $eventkey;
close(KEY);
}
#
# If no NS file, we are done. We must unlock it and reset its state
# appropriately. We leave the experiment in the "new" state so that
......@@ -385,7 +398,7 @@ sub ParseArgs()
$tempnsfile = $ARGV[0];
# Note different taint check (allow /).
if ($tempnsfile =~ /^([-\@\w.\/]+)$/) {
if ($tempnsfile =~ /^([-\@\w\.\/]+)$/) {
$tempnsfile = $1;
}
else {
......
......@@ -118,25 +118,23 @@ if (! ($expstate = ExpState($pid, $eid))) {
}
#
# Do not allow an event system to be controlled if the experiment is not
# active (or swapping). We will eventually give the user the ability
# to control the event system directly.
# Check permission. Only people with permission to destroy the experiment
# can do this.
#
if ($expstate ne EXPTSTATE_ACTIVE &&
$expstate ne EXPTSTATE_ACTIVATING &&
$expstate ne EXPTSTATE_SWAPPING) {
if (! TBExptAccessCheck($UID, $pid, $eid, TB_EXPT_DESTROY)) {
die("*** $0:\n".
" Experiment $pid/$eid must active (or swapping)!\n");
" You do not have permission to control the event system!\n");
}
#
# Check permission. Only people with permission to destroy the experiment
# can do this.
# Do not allow an event system to be controlled if the experiment is not
# active (or swapping).
#
if ($UID &&
! TBExptAccessCheck($UID, $pid, $eid, TB_EXPT_DESTROY)) {
if ($expstate ne EXPTSTATE_ACTIVE &&
$expstate ne EXPTSTATE_ACTIVATING &&
$expstate ne EXPTSTATE_SWAPPING) {
die("*** $0:\n".
" You do not have permission to control the event system!\n");
" Experiment $pid/$eid must active (or swapping)!\n");
}
#
......@@ -262,5 +260,5 @@ if (my $childpid = TBBackGround("$path/logs/event-sched.log")) {
}
exit(0);
}
system("$evsched -dd -s $BOSSADDR $pid $eid");
system("$evsched -dd -s $BOSSADDR -k ".TBDB_EVENTKEY($pid,$eid)." $pid $eid");
exit($? >> 0);
......@@ -63,6 +63,9 @@ Program instproc updatedb {DB} {
set progvnode [$node set nsenode]
}
# Update the DB
spitxml_data "virt_programs" [list "vnode" "vname" "command"] [list $progvnode $self $command ]
$sim spitxml_data "virt_agents" [list "vnode" "vname" "objecttype" ] [list $progvnode $self $objtypes(PROGRAM) ]
}
......@@ -602,6 +602,8 @@ Simulator instproc at {time eventstring} {
switch -- $cmd {
"start" {
set etype START
# Must leave this here for the benefit of old
# images that expect the command line in the event.
set arg [$obj set command]
set args "COMMAND=$arg"
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment