mirror of
https://github.com/valitydev/salt.git
synced 2024-11-07 17:09:03 +00:00
Merge pull request #14446 from SmithSamuelM/sam_2014.7
Updated SaltKeep Removed eid from RaetKey files since not one to one anymore
This commit is contained in:
Samuel Smith
commit
566dd127e9
@ -65,54 +65,15 @@ class SaltKeep(RoadKeep):
|
||||
data.update(sighex=srkdata['sign'], prihex=srkdata['priv'], auto=self.auto)
|
||||
return data
|
||||
|
||||
def dumpLocal(self, local):
|
||||
def loadRemoteData(self, name):
|
||||
'''
|
||||
Dump local estate
|
||||
Load and Return the data from the remote file
|
||||
'''
|
||||
data = odict([
|
||||
('uid', local.uid),
|
||||
('name', local.name),
|
||||
('ha', local.ha),
|
||||
('main', local.main),
|
||||
('sid', local.sid),
|
||||
('neid', local.neid),
|
||||
('role', local.role),
|
||||
])
|
||||
if self.verifyLocalData(data, localFields = self.LocalDumpFields):
|
||||
self.dumpLocalData(data)
|
||||
|
||||
self.saltRaetKey.write_local(local.priver.keyhex, local.signer.keyhex)
|
||||
|
||||
def dumpRemote(self, remote):
|
||||
'''
|
||||
Dump remote estate
|
||||
'''
|
||||
data = odict([
|
||||
('uid', remote.uid),
|
||||
('name', remote.name),
|
||||
('ha', remote.ha),
|
||||
('sid', remote.sid),
|
||||
('joined', remote.joined),
|
||||
('role', remote.role),
|
||||
])
|
||||
if self.verifyRemoteData(data, remoteFields=self.RemoteDumpFields):
|
||||
self.dumpRemoteData(data, remote.name)
|
||||
|
||||
self.saltRaetKey.status(remote.role,
|
||||
remote.uid,
|
||||
remote.pubber.keyhex,
|
||||
remote.verfer.keyhex)
|
||||
|
||||
def loadRemote(self, remote):
|
||||
'''
|
||||
Load and Return the data from the remote estate file
|
||||
Override this in sub class
|
||||
'''
|
||||
data = super(SaltKeep, self).loadRemote(remote)
|
||||
data = super(SaltKeep, self).loadRemoteData(name)
|
||||
if not data:
|
||||
return None
|
||||
|
||||
mid = remote.role
|
||||
mid = data['role']
|
||||
statae = raeting.ACCEPTANCES.keys()
|
||||
for status in statae:
|
||||
keydata = self.saltRaetKey.read_remote(mid, status)
|
||||
@ -152,6 +113,68 @@ class SaltKeep(RoadKeep):
|
||||
super(SaltKeep, self).clearAllRemoteData()
|
||||
self.saltRaetKey.delete_all()
|
||||
|
||||
def dumpLocal(self, local):
|
||||
'''
|
||||
Dump local estate
|
||||
'''
|
||||
data = odict([
|
||||
('uid', local.uid),
|
||||
('name', local.name),
|
||||
('ha', local.ha),
|
||||
('main', local.main),
|
||||
('sid', local.sid),
|
||||
('neid', local.neid),
|
||||
('role', local.role),
|
||||
])
|
||||
if self.verifyLocalData(data, localFields = self.LocalDumpFields):
|
||||
self.dumpLocalData(data)
|
||||
|
||||
self.saltRaetKey.write_local(local.priver.keyhex, local.signer.keyhex)
|
||||
|
||||
def dumpRemote(self, remote):
|
||||
'''
|
||||
Dump remote estate
|
||||
'''
|
||||
data = odict([
|
||||
('uid', remote.uid),
|
||||
('name', remote.name),
|
||||
('ha', remote.ha),
|
||||
('sid', remote.sid),
|
||||
('joined', remote.joined),
|
||||
('role', remote.role),
|
||||
])
|
||||
if self.verifyRemoteData(data, remoteFields=self.RemoteDumpFields):
|
||||
self.dumpRemoteData(data, remote.name)
|
||||
|
||||
self.saltRaetKey.status(remote.role,
|
||||
remote.pubber.keyhex,
|
||||
remote.verfer.keyhex)
|
||||
|
||||
def loadRemote(self, remote):
|
||||
'''
|
||||
Load and Return the data from the remote estate file
|
||||
Override this in sub class
|
||||
'''
|
||||
data = super(SaltKeep, self).loadRemote(remote)
|
||||
if not data:
|
||||
return None
|
||||
|
||||
mid = remote.role
|
||||
statae = raeting.ACCEPTANCES.keys()
|
||||
for status in statae:
|
||||
keydata = self.saltRaetKey.read_remote(mid, status)
|
||||
if keydata:
|
||||
break
|
||||
|
||||
if not keydata:
|
||||
return None
|
||||
|
||||
data.update(acceptance=raeting.ACCEPTANCES[status],
|
||||
verhex=keydata['verify'],
|
||||
pubhex=keydata['pub'])
|
||||
|
||||
return data
|
||||
|
||||
def replaceRemoteRole(self, remote, old):
|
||||
'''
|
||||
Replace the Salt RaetKey record at old role when remote.role has changed
|
||||
@ -168,13 +191,12 @@ class SaltKeep(RoadKeep):
|
||||
|
||||
self.saltRaetKey.delete_key(old) #now delete old key file
|
||||
|
||||
def statusRemote(self, remote, verhex, pubhex, main=True):
|
||||
def statusRemote(self, remote, verhex, pubhex, main=True, dump=True):
|
||||
'''
|
||||
Evaluate acceptance status of remote estate per its keys
|
||||
persist key data differentially based on status
|
||||
'''
|
||||
status = raeting.ACCEPTANCES[self.saltRaetKey.status(remote.role,
|
||||
remote.eid,
|
||||
pubhex,
|
||||
verhex)]
|
||||
|
||||
@ -191,9 +213,9 @@ class SaltKeep(RoadKeep):
|
||||
'''
|
||||
Set acceptance status to rejected
|
||||
'''
|
||||
remote.acceptance = raeting.acceptances.rejected
|
||||
mid = remote.role
|
||||
self.saltRaetKey.reject(match=mid, include_accepted=True)
|
||||
remote.acceptance = raeting.acceptances.rejected
|
||||
|
||||
def pendRemote(self, remote):
|
||||
'''
|
||||
@ -205,9 +227,9 @@ class SaltKeep(RoadKeep):
|
||||
'''
|
||||
Set acceptance status to accepted
|
||||
'''
|
||||
remote.acceptance = raeting.acceptances.accepted
|
||||
mid = remote.role
|
||||
self.saltRaetKey.accept(match=mid, include_rejected=True)
|
||||
remote.acceptance = raeting.acceptances.accepted
|
||||
|
||||
def clearAllKeep(dirpath):
|
||||
'''
|
||||
|
||||
@ -136,9 +136,9 @@ class BasicTestCase(unittest.TestCase):
|
||||
other1 = self.createRoadData(name='other1', base=self.baseDirpath)
|
||||
other2 = self.createRoadData(name='other2', base=self.baseDirpath)
|
||||
|
||||
status = self.mainKeeper.status(other1['name'], 2, other1['pubhex'], other1['verhex'])
|
||||
status = self.mainKeeper.status(other1['name'], other1['pubhex'], other1['verhex'])
|
||||
self.assertEqual(status, 'accepted')
|
||||
status = self.mainKeeper.status(other2['name'], 3, other2['pubhex'], other2['verhex'])
|
||||
status = self.mainKeeper.status(other2['name'], other2['pubhex'], other2['verhex'])
|
||||
self.assertEqual(status, 'accepted')
|
||||
|
||||
allkeys = self.mainKeeper.all_keys()
|
||||
@ -148,16 +148,14 @@ class BasicTestCase(unittest.TestCase):
|
||||
'rejected': []} )
|
||||
|
||||
remotekeys = self.mainKeeper.read_remote(other1['name'])
|
||||
self.assertDictEqual(remotekeys, { 'device_id': 2,
|
||||
'minion_id': 'other1',
|
||||
self.assertDictEqual(remotekeys, { 'minion_id': 'other1',
|
||||
'pub': other1['pubhex'],
|
||||
'verify': other1['verhex']} )
|
||||
|
||||
remotekeys = self.mainKeeper.read_remote(other2['name'])
|
||||
self.assertDictEqual(remotekeys, { 'device_id': 3,
|
||||
'minion_id': 'other2',
|
||||
'pub': other2['pubhex'],
|
||||
'verify': other2['verhex']} )
|
||||
self.assertDictEqual(remotekeys, { 'minion_id': 'other2',
|
||||
'pub': other2['pubhex'],
|
||||
'verify': other2['verhex']} )
|
||||
|
||||
listkeys = self.mainKeeper.list_keys()
|
||||
self.assertDictEqual(listkeys, {'accepted': ['other1', 'other2'],
|
||||
@ -170,14 +168,13 @@ class BasicTestCase(unittest.TestCase):
|
||||
{'verify': other1['verhex'],
|
||||
'minion_id': 'other1',
|
||||
'acceptance': 'accepted',
|
||||
'pub': other1['pubhex'],
|
||||
'device_id': 2},
|
||||
'pub': other1['pubhex'],},
|
||||
'other2':
|
||||
{'verify': other2['verhex'],
|
||||
'minion_id': 'other2',
|
||||
'acceptance': 'accepted',
|
||||
'pub': other2['pubhex'],
|
||||
'device_id': 3}})
|
||||
'pub': other2['pubhex'],}
|
||||
})
|
||||
|
||||
|
||||
def testManualAccept(self):
|
||||
@ -209,9 +206,9 @@ class BasicTestCase(unittest.TestCase):
|
||||
other1 = self.createRoadData(name='other1', base=self.baseDirpath)
|
||||
other2 = self.createRoadData(name='other2', base=self.baseDirpath)
|
||||
|
||||
status = self.mainKeeper.status(other1['name'], 2, other1['pubhex'], other1['verhex'])
|
||||
status = self.mainKeeper.status(other1['name'], other1['pubhex'], other1['verhex'])
|
||||
self.assertEqual(status, 'pending')
|
||||
status = self.mainKeeper.status(other2['name'], 3, other2['pubhex'], other2['verhex'])
|
||||
status = self.mainKeeper.status(other2['name'], other2['pubhex'], other2['verhex'])
|
||||
self.assertEqual(status, 'pending')
|
||||
|
||||
allkeys = self.mainKeeper.all_keys()
|
||||
@ -237,14 +234,13 @@ class BasicTestCase(unittest.TestCase):
|
||||
{'verify': other1['verhex'],
|
||||
'minion_id': 'other1',
|
||||
'acceptance': 'pending',
|
||||
'pub': other1['pubhex'],
|
||||
'device_id': 2},
|
||||
'pub': other1['pubhex'],},
|
||||
'other2':
|
||||
{'verify': other2['verhex'],
|
||||
'minion_id': 'other2',
|
||||
'acceptance': 'pending',
|
||||
'pub': other2['pubhex'],
|
||||
'device_id': 3}})
|
||||
'pub': other2['pubhex'],}
|
||||
})
|
||||
|
||||
self.mainKeeper.accept_all()
|
||||
|
||||
@ -255,16 +251,14 @@ class BasicTestCase(unittest.TestCase):
|
||||
'rejected': []} )
|
||||
|
||||
remotekeys = self.mainKeeper.read_remote(other1['name'])
|
||||
self.assertDictEqual(remotekeys, { 'device_id': 2,
|
||||
'minion_id': 'other1',
|
||||
self.assertDictEqual(remotekeys, { 'minion_id': 'other1',
|
||||
'pub': other1['pubhex'],
|
||||
'verify': other1['verhex']} )
|
||||
|
||||
remotekeys = self.mainKeeper.read_remote(other2['name'])
|
||||
self.assertDictEqual(remotekeys, { 'device_id': 3,
|
||||
'minion_id': 'other2',
|
||||
'pub': other2['pubhex'],
|
||||
'verify': other2['verhex']} )
|
||||
self.assertDictEqual(remotekeys, { 'minion_id': 'other2',
|
||||
'pub': other2['pubhex'],
|
||||
'verify': other2['verhex']} )
|
||||
|
||||
listkeys = self.mainKeeper.list_keys()
|
||||
self.assertDictEqual(listkeys, {'accepted': ['other1', 'other2'],
|
||||
@ -277,14 +271,13 @@ class BasicTestCase(unittest.TestCase):
|
||||
{'verify': other1['verhex'],
|
||||
'minion_id': 'other1',
|
||||
'acceptance': 'accepted',
|
||||
'pub': other1['pubhex'],
|
||||
'device_id': 2},
|
||||
'pub': other1['pubhex'],},
|
||||
'other2':
|
||||
{'verify': other2['verhex'],
|
||||
'minion_id': 'other2',
|
||||
'acceptance': 'accepted',
|
||||
'pub': other2['pubhex'],
|
||||
'device_id': 3}})
|
||||
'pub': other2['pubhex'],}
|
||||
})
|
||||
|
||||
def testDelete(self):
|
||||
'''
|
||||
@ -315,9 +308,9 @@ class BasicTestCase(unittest.TestCase):
|
||||
other1 = self.createRoadData(name='other1', base=self.baseDirpath)
|
||||
other2 = self.createRoadData(name='other2', base=self.baseDirpath)
|
||||
|
||||
status = self.mainKeeper.status(other1['name'], 2, other1['pubhex'], other1['verhex'])
|
||||
status = self.mainKeeper.status(other1['name'], other1['pubhex'], other1['verhex'])
|
||||
self.assertEqual(status, 'accepted')
|
||||
status = self.mainKeeper.status(other2['name'], 3, other2['pubhex'], other2['verhex'])
|
||||
status = self.mainKeeper.status(other2['name'], other2['pubhex'], other2['verhex'])
|
||||
self.assertEqual(status, 'accepted')
|
||||
|
||||
allkeys = self.mainKeeper.all_keys()
|
||||
@ -327,16 +320,14 @@ class BasicTestCase(unittest.TestCase):
|
||||
'rejected': []} )
|
||||
|
||||
remotekeys = self.mainKeeper.read_remote(other1['name'])
|
||||
self.assertDictEqual(remotekeys, { 'device_id': 2,
|
||||
'minion_id': 'other1',
|
||||
self.assertDictEqual(remotekeys, { 'minion_id': 'other1',
|
||||
'pub': other1['pubhex'],
|
||||
'verify': other1['verhex']} )
|
||||
|
||||
remotekeys = self.mainKeeper.read_remote(other2['name'])
|
||||
self.assertDictEqual(remotekeys, { 'device_id': 3,
|
||||
'minion_id': 'other2',
|
||||
'pub': other2['pubhex'],
|
||||
'verify': other2['verhex']} )
|
||||
self.assertDictEqual(remotekeys, { 'minion_id': 'other2',
|
||||
'pub': other2['pubhex'],
|
||||
'verify': other2['verhex']} )
|
||||
|
||||
listkeys = self.mainKeeper.list_keys()
|
||||
self.assertDictEqual(listkeys, {'accepted': ['other1', 'other2'],
|
||||
@ -349,14 +340,13 @@ class BasicTestCase(unittest.TestCase):
|
||||
{'verify': other1['verhex'],
|
||||
'minion_id': 'other1',
|
||||
'acceptance': 'accepted',
|
||||
'pub': other1['pubhex'],
|
||||
'device_id': 2},
|
||||
'pub': other1['pubhex']},
|
||||
'other2':
|
||||
{'verify': other2['verhex'],
|
||||
'minion_id': 'other2',
|
||||
'acceptance': 'accepted',
|
||||
'pub': other2['pubhex'],
|
||||
'device_id': 3}})
|
||||
'pub': other2['pubhex'],}
|
||||
})
|
||||
|
||||
self.mainKeeper.delete_key(match=other1['name'])
|
||||
|
||||
@ -370,10 +360,9 @@ class BasicTestCase(unittest.TestCase):
|
||||
self.assertDictEqual(remotekeys, {} )
|
||||
|
||||
remotekeys = self.mainKeeper.read_remote(other2['name'])
|
||||
self.assertDictEqual(remotekeys, { 'device_id': 3,
|
||||
'minion_id': 'other2',
|
||||
'pub': other2['pubhex'],
|
||||
'verify': other2['verhex']} )
|
||||
self.assertDictEqual(remotekeys, { 'minion_id': 'other2',
|
||||
'pub': other2['pubhex'],
|
||||
'verify': other2['verhex']} )
|
||||
|
||||
listkeys = self.mainKeeper.list_keys()
|
||||
self.assertDictEqual(listkeys, {'accepted': [ 'other2'],
|
||||
@ -387,8 +376,8 @@ class BasicTestCase(unittest.TestCase):
|
||||
{'verify': other2['verhex'],
|
||||
'minion_id': 'other2',
|
||||
'acceptance': 'accepted',
|
||||
'pub': other2['pubhex'],
|
||||
'device_id': 3}})
|
||||
'pub': other2['pubhex'],}
|
||||
})
|
||||
|
||||
|
||||
|
||||
|
||||
@ -866,7 +866,7 @@ class RaetKey(Key):
|
||||
ret['local'].append(fn_)
|
||||
return ret
|
||||
|
||||
def status(self, minion_id, device_id, pub, verify):
|
||||
def status(self, minion_id, pub, verify):
|
||||
'''
|
||||
Accepts the minion id, device id, curve public and verify keys.
|
||||
If the key is not present, put it in pending and return "pending",
|
||||
@ -880,7 +880,6 @@ class RaetKey(Key):
|
||||
# open mode is turned on, force accept the key
|
||||
keydata = {
|
||||
'minion_id': minion_id,
|
||||
'device_id': device_id,
|
||||
'pub': pub,
|
||||
'verify': verify}
|
||||
if self.opts['open_mode']: # always accept and overwrite
|
||||
|
||||
Loading…
Reference in New Issue
Block a user