1. 15 Mar, 2012 1 commit
  2. 30 Jan, 2012 2 commits
    • Leigh Stoller's avatar
      Changes to make it easier for ProtoGeni users! · 3dac3cb8
      Leigh Stoller authored
      * When generating an encrypted SSL certificate, derive an SSH public
        key from the private key and store in the pubkeys table for the
        user. Note that SSH version 2 RSA keys are actually just openssl RSA
        keys, and that ssh-keygen can extract an ssh compatible public key
        from it.
      
      * Change getsslcert.php3 to return the ssh private and public key when
        give the "ssh" boolean argument. This is mostly for the benefit of
        Flack; we probably need a better UI for the user to get this stuff. 
      
      * Remove the requirement that users must upload an SSH key to use
        protogeni, since we now create one for them when they create their
        encrypted SSL certificate.
      
      * Some cleanup; instead of looking at the comment field to determine
        what pubkeys are Emulab created (and should not be deleted), use new
        internal and nodelete flags.
      3dac3cb8
    • Leigh Stoller's avatar
  3. 02 Dec, 2011 1 commit
    • Leigh Stoller's avatar
      Changes to allow new users to request their encrypted SSL certificate · 8def7e94
      Leigh Stoller authored
      on the join/start project pages. At the moment this is conditional
      under the PROTOGENI flag, since users on non-protogeni sites rarely
      need an encrypted SSL certificate. The initial passphrase has to be
      store someplace since we cannot built the certificate until the user
      is approved, so put it into the users table, and delete when the first
      certificate is built (at approval).
      8def7e94
  4. 07 Nov, 2011 1 commit
  5. 30 Aug, 2011 2 commits
  6. 22 Aug, 2011 1 commit
  7. 12 Aug, 2011 1 commit
  8. 10 Aug, 2011 1 commit
  9. 07 Jul, 2011 1 commit
  10. 20 Apr, 2011 1 commit
    • Leigh Stoller's avatar
      Changes our ssh key/account handling in RedeemTicket() and · 03c2107c
      Leigh Stoller authored
      CreateSliver(), to handle multiple accounts.  This somewhat reflects
      the Geni AM API for keys, which allows the client to specify multiple
      users, each with a set of ssh keys.
      
      The keys argument to the CM now looks like the following (note that
      the old format is still accepted and will be for a while).
      
      [{'urn'   => 'urn:blabla'
        'login' => 'dopey',
        'keys'  => [ list of keys like before ]},
       {'login' => "leebee",
        'keys'  => [ list of keys ... ]}];
      
      Key Points:
      
      1. You can supply a urn or a login or both. Typically, it is going to
         be the result of getkeys() at the PG SA, and so it will include
         both.
      
      2. If a login is provided, use that. Otherwise use the id from the urn.
      
      3. No matter what, verify that the token is valid for Emulab an uid
         (standard 8 char unix login that is good on just about any unix
         variant), and transform it if not.
      
      4. For now, getkeys() at the SA will continue to return the old format
         (unless you supply version=2 argument) since we do not want to
         default to a keylist that most CMs will barf on.
      
      5. I have modified the AM code to transform the Geni AM version of the
         "users" argument into the above structure. Bottom line here, is
         that users of the AM interface will not actually need to do
         anything, although now multiple users are actually supported
         instead of ignored.
      
      Still to be done are the changes to the login services structure in
      the manifest. We have yet to settle on what these changes will look
      like, but since people generally supply valid login ids, you probably
      will not need this, since no transformation will take place.
      03c2107c
  11. 04 Nov, 2010 1 commit
    • David Johnson's avatar
      Add a method that explicitly returns *only* Emulab-generated pubkeys. · 649a30ac
      David Johnson authored
      This method looks to see if these keys were *likely* generated by us.
      The regular GetSSHKeys specifically filters these out.  This new method
      should be used carefully, since these keys are not passphrase-protected.
      For instance, I'm only using it for loading keys on switches that are
      only locally accessible right now.
      649a30ac
  12. 12 Oct, 2010 2 commits
  13. 11 Oct, 2010 1 commit
    • Leigh Stoller's avatar
      Work on an optimization to the perl code. Maybe you have noticed, but · 92f83e48
      Leigh Stoller authored
      starting any one of our scripts can take a second or two. That time is
      spent including and compiling 10000s of thousands of lines of perl
      code, both from our libraries and from the perl libraries.
      
      Mostly this is just a maintenance thing; we just never thought about
      it much and we have a lot more code these days.
      
      So I have done two things.
      
      1) I have used SelfLoader() on some of our biggest perl modules.
         SelfLoader delays compilation until code is used. This is not as
         good as AutoLoader() though, and so I did it with just a few 
         modules (the biggest ones).
      
      2) Mostly I reorganized things:
      
        a) Split libdb into an EmulabConstants module and all the rest of
           the code, which is slowly getting phased out.
      
        b) Move little things around to avoid including libdb or Experiment
           (the biggest files).
      
        c) Change "use foo" in many places to a "require foo" in the
           function that actually uses that module. This was really a big
           win cause we have dozens of cases where we would include a
           module, but use it in only one place and typically not all.
      
      Most things are now starting up in 1/3 the time. I am hoping this will
      help to reduce the load spiking we see on boss, and also help with the
      upcoming Geni tutorial (which kill boss last time).
      92f83e48
  14. 22 Mar, 2010 1 commit
    • Leigh Stoller's avatar
      Finish up user deletion. The big visible change is that when a user is · 2965922b
      Leigh Stoller authored
      deleted, they still remain in the user table with a status of
      "archived", but since all the queries in the system now use uid_idx
      instead of uid, it is safe to reuse a uid since they are no longer
      ambiguous. 
      
      The reason for not deleting users from the users table is so that the
      stats records can refer to the original record (who was that person
      named "mike"). This is very handy and worth the additional effort it
      has taken.
      
      There is no way to ressurect a user, but it would not be hard to add.
      2965922b
  15. 07 Dec, 2009 1 commit
    • Leigh Stoller's avatar
      No longer use the ssh keys in the Emulab database when the protogeni · d60b9acd
      Leigh Stoller authored
      user is a local user. Instead, all users have to send along their keys
      in the RedeemTicket() call, and those keys land in the new Emulab
      table called nonlocal_user_pubkeys, and tmcd will use that table when
      sending keys over local nodes.
      
      This change removes the inconsistency in key handling between slivers
      created locally and slivers created at a foreign CM.
      d60b9acd
  16. 24 Jun, 2009 1 commit
  17. 11 Jun, 2009 1 commit
  18. 27 Feb, 2009 1 commit
  19. 17 Nov, 2008 1 commit
  20. 04 Nov, 2008 1 commit
  21. 25 Sep, 2008 1 commit
  22. 03 Jun, 2008 1 commit
  23. 30 May, 2008 1 commit
  24. 13 May, 2008 1 commit
  25. 07 May, 2008 1 commit
  26. 05 May, 2008 1 commit
  27. 24 Apr, 2008 1 commit
  28. 05 Dec, 2007 1 commit
  29. 08 Nov, 2007 1 commit
    • Russ Fish's avatar
      Fix whitespace and null string handling problems. · fea90641
      Russ Fish authored
               www/beginexp_form.php3 - No initial whitespace in plab Slice Description textarea.
               sql/database-fill.sql - Use default:fulltext for 'experiments','expt_name'
                   to allow multi-line Slice Description in plab_ez->beginexp->batchexp.
               www/moduserinfo.php3 - Pass null string for optional usr_addr2 and notes fields.
               backend/moduserinfo.in - Null string attr comes from XML as an undef value.
               db/User.pm.in - Distinguish between undef and null string in ModUserInfo.
      fea90641
  30. 16 Oct, 2007 1 commit
    • Russ Fish's avatar
      Move editgroup page form logic to a backend Perl script. · 8fffc2f3
      Russ Fish authored
           www/editgroup.php3 - The reworked PHP page.
           www/editgroup_form.php3 - Removed, form merged into editgroup.php3 .
           www/showgroup.php3 - Link to editgroup.php3, rather than editgroup_form.php3 .
           www/group_defs.php - Add an Image::EditGroup class method
                                  bridging to the script via XML.
           backend/{editgroup,GNUmakefile}.in configure configure.in - New backend script.
           db/Group.pm.in - Add an EditGroup worker class method for script arg checking.
                            Also the missing NonMemberList and CheckTrustConsistency methods,
                            and a GETTRUST flag to MemberList, as in the PHP version.
           db/User.pm.in - Add the missing but tiny {Set,Get}TempData methods.
           sql/database-fill.sql - Add gid_idx to the table_regex 'groups' checking patterns.
      8fffc2f3
  31. 29 Sep, 2007 1 commit
  32. 19 Sep, 2007 1 commit
    • Russ Fish's avatar
      Move moduserinfo page form logic to a backend Perl script and methods. · 8965aad8
      Russ Fish authored
       GNUmakefile.in configure configure.in  - Add the testbed/backend directory.
       www/moduserinfo.php3 - The reworked PHP page.
       www/user_defs.php - Add a ModUserInfo method bridging to the script via XML,
           and remove the ChangeProfile method that is being replaced.
       backend/{moduserinfo,GNUmakefile}.in - Add the Perl script.
       db/User.pm.in - Add a ModUserInfo worker class method for script arg checking.
           Also SetUserInterface, SetWindowsPassword, and AccessCheck methods,
           and a copy of the escapeshellarg fn.
       sql/database-fill.sql - Add some to the table_regex 'users' checking patterns.
      
      Support stuff:
       account/tbacct.in - Update the UpdateWindowsPassword() function.
       db/libdb.pm.in - Add TBDB_USER_INTERFACE_EMULAB and TBDB_USER_INTERFACE_PLAB().
       tbsetup/libtestbed.pm.in - Add TB*EMAIL, TBMAIL_* vars (OPS, WWW, AUDIT).
      8965aad8
  33. 13 Sep, 2007 1 commit
  34. 02 Aug, 2007 1 commit
  35. 19 Jun, 2007 1 commit
    • Leigh Stoller's avatar
      Big update to the stats gathering code ... · 495f6803
      Leigh Stoller authored
      This change attempts to make the stats gathering code more reliable by
      not relying on the testbed_stats records to reconstruct usage
      statistics.  The main source of errors and total confusion in the
      current stats code is that testbed_stats includes all the errors and
      transitions, from which I have to reconstruct what happened in order
      to determine usage by a project or user.
      
      The new stats code still generates the testbed_stats code, but actual
      usage is recorded as it happens, in the experiment_resources table, as
      swapins, swapouts, and swapmods occur. Its also much faster to compute
      the data for the tables in the web interface, not having to scan a
      zillion testbed_stats records in php.
      
      There is a time consuming update to the records that takes place with
      a lot of tables locked.
      495f6803
  36. 26 Apr, 2007 1 commit
  37. 17 Apr, 2007 1 commit