[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[minion-cvs] Remove half-completed keysets if any are found. [Bug 13]



Update of /home/minion/cvsroot/src/minion/lib/mixminion/server
In directory moria.mit.edu:/tmp/cvs-serv27003/lib/mixminion/server

Modified Files:
	ServerKeys.py 
Log Message:
Remove half-completed keysets if any are found. [Bug 13]

If, because of a bug or an inopportune crash, a keyset is half
generated, the old code would fail gracelessly upon trying to load the
serverdesc [Bug 13].  This should fix that: if a keyset isn't valid, we
remove it.


Index: ServerKeys.py
===================================================================
RCS file: /home/minion/cvsroot/src/minion/lib/mixminion/server/ServerKeys.py,v
retrieving revision 1.53
retrieving revision 1.54
diff -u -d -r1.53 -r1.54
--- ServerKeys.py	20 Oct 2003 18:20:28 -0000	1.53
+++ ServerKeys.py	20 Oct 2003 18:49:11 -0000	1.54
@@ -34,6 +34,7 @@
      ceilDiv, createPrivateDir, checkPrivateFile, formatBase64, formatDate, \
      formatTime, previousMidnight, readFile, secureDelete, tryUnlink, \
      UIError, writeFile
+from mixminion.Config import ConfigError
 
 #----------------------------------------------------------------------
 
@@ -96,6 +97,7 @@
            are invalid.
            """
         self.keySets = []
+        badKeySets = []
         firstKey = sys.maxint
         lastKey = 0
 
@@ -104,7 +106,7 @@
         if not os.path.exists(self.keyDir):
             LOG.info("Creating server keystore at %s", self.keyDir)
             createPrivateDir(self.keyDir)
-        
+
         # Iterate over the entires in HOME/keys
         for dirname in os.listdir(self.keyDir):
             # Skip any that aren't directories named "key_INT"
@@ -127,13 +129,38 @@
 
             # Find the server descriptor...
             keyset = ServerKeyset(self.keyDir, keysetname, self.hashDir)
-            t1, t2 = keyset.getLiveness()
-            self.keySets.append( (t1, t2, keyset) )
+            ok = 1
+            try:
+                keyset.checkKeys()
+            except MixError:
+                LOG.warn("Error checking private keys in keyset %s: %s",
+                         keysetname, val)
+                ok = 0
+
+            try:
+                if ok:
+                    keyset.getServerDescriptor()
+            except (ConfigError, IOError), e:
+                LOG.warn("Key set %s has invalid/missing descriptor: %s",
+                         keysetname, str(e))
+                ok = 0
+
+            if ok:
+                t1, t2 = keyset.getLiveness()
+                self.keySets.append( (t1, t2, keyset) )
                 
-            LOG.trace("Found key %s (valid from %s to %s)",
-                      dirname, formatDate(t1), formatDate(t2))
+                LOG.trace("Found key %s (valid from %s to %s)",
+                          dirname, formatDate(t1), formatDate(t2))
+            else:
+                badKeySets.append(keyset)
 
-        LOG.debug("Found %s keys.", len(self.keySets))
+        LOG.debug("Found %s keysets: %s were incomplete or invalid.",
+                  len(self.keySets), len(badKeySets))
+
+        if badKeySets:
+            LOG.warn("Removing %s invalid keysets")
+        for b in badKeySets:
+            b.delete()
 
         # Now, sort the key intervals by starting time.
         self.keySets.sort()
@@ -591,11 +618,15 @@
         mixminion.server.HashLog.deleteHashLog(self.hashlogFile)
         os.rmdir(self.keydir)
 
+    def checkKeys(self):
+        """DOCDOC"""
+        checkPrivateFile(self.packetKeyFile)
+        checkPrivateFile(self.mmtpKeyFile)        
+
     def load(self, password=None):
         """Read the short-term keys from disk.  Must be called before
            getPacketKey or getMMTPKey."""
-        checkPrivateFile(self.packetKeyFile)
-        checkPrivateFile(self.mmtpKeyFile)
+        self.checkKeys()
         self.packetKey = mixminion.Crypto.pk_PEM_load(self.packetKeyFile,
                                                       password)
         self.mmtpKey = mixminion.Crypto.pk_PEM_load(self.mmtpKeyFile,
@@ -606,6 +637,11 @@
                                      password)
         mixminion.Crypto.pk_PEM_save(self.mmtpKey, self.mmtpKeyFile,
                                      password)
+
+    def clear(self):
+        """DOCDOC"""
+        self.packetKey = self.mmtpKey = None
+
     def getCertFileName(self): return self.certFile
     def getHashLogFileName(self): return self.hashlogFile
     def getDescriptorFileName(self): return self.descFile