[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[minion-cvs] Remove half-completed keysets if any are found. [Bug 13]
Update of /home/minion/cvsroot/src/minion/lib/mixminion/server
In directory moria.mit.edu:/tmp/cvs-serv27003/lib/mixminion/server
Modified Files:
ServerKeys.py
Log Message:
Remove half-completed keysets if any are found. [Bug 13]
If, because of a bug or an inopportune crash, a keyset is half
generated, the old code would fail gracelessly upon trying to load the
serverdesc [Bug 13]. This should fix that: if a keyset isn't valid, we
remove it.
Index: ServerKeys.py
===================================================================
RCS file: /home/minion/cvsroot/src/minion/lib/mixminion/server/ServerKeys.py,v
retrieving revision 1.53
retrieving revision 1.54
diff -u -d -r1.53 -r1.54
--- ServerKeys.py 20 Oct 2003 18:20:28 -0000 1.53
+++ ServerKeys.py 20 Oct 2003 18:49:11 -0000 1.54
@@ -34,6 +34,7 @@
ceilDiv, createPrivateDir, checkPrivateFile, formatBase64, formatDate, \
formatTime, previousMidnight, readFile, secureDelete, tryUnlink, \
UIError, writeFile
+from mixminion.Config import ConfigError
#----------------------------------------------------------------------
@@ -96,6 +97,7 @@
are invalid.
"""
self.keySets = []
+ badKeySets = []
firstKey = sys.maxint
lastKey = 0
@@ -104,7 +106,7 @@
if not os.path.exists(self.keyDir):
LOG.info("Creating server keystore at %s", self.keyDir)
createPrivateDir(self.keyDir)
-
+
# Iterate over the entires in HOME/keys
for dirname in os.listdir(self.keyDir):
# Skip any that aren't directories named "key_INT"
@@ -127,13 +129,38 @@
# Find the server descriptor...
keyset = ServerKeyset(self.keyDir, keysetname, self.hashDir)
- t1, t2 = keyset.getLiveness()
- self.keySets.append( (t1, t2, keyset) )
+ ok = 1
+ try:
+ keyset.checkKeys()
+ except MixError:
+ LOG.warn("Error checking private keys in keyset %s: %s",
+ keysetname, val)
+ ok = 0
+
+ try:
+ if ok:
+ keyset.getServerDescriptor()
+ except (ConfigError, IOError), e:
+ LOG.warn("Key set %s has invalid/missing descriptor: %s",
+ keysetname, str(e))
+ ok = 0
+
+ if ok:
+ t1, t2 = keyset.getLiveness()
+ self.keySets.append( (t1, t2, keyset) )
- LOG.trace("Found key %s (valid from %s to %s)",
- dirname, formatDate(t1), formatDate(t2))
+ LOG.trace("Found key %s (valid from %s to %s)",
+ dirname, formatDate(t1), formatDate(t2))
+ else:
+ badKeySets.append(keyset)
- LOG.debug("Found %s keys.", len(self.keySets))
+ LOG.debug("Found %s keysets: %s were incomplete or invalid.",
+ len(self.keySets), len(badKeySets))
+
+ if badKeySets:
+ LOG.warn("Removing %s invalid keysets")
+ for b in badKeySets:
+ b.delete()
# Now, sort the key intervals by starting time.
self.keySets.sort()
@@ -591,11 +618,15 @@
mixminion.server.HashLog.deleteHashLog(self.hashlogFile)
os.rmdir(self.keydir)
+ def checkKeys(self):
+ """DOCDOC"""
+ checkPrivateFile(self.packetKeyFile)
+ checkPrivateFile(self.mmtpKeyFile)
+
def load(self, password=None):
"""Read the short-term keys from disk. Must be called before
getPacketKey or getMMTPKey."""
- checkPrivateFile(self.packetKeyFile)
- checkPrivateFile(self.mmtpKeyFile)
+ self.checkKeys()
self.packetKey = mixminion.Crypto.pk_PEM_load(self.packetKeyFile,
password)
self.mmtpKey = mixminion.Crypto.pk_PEM_load(self.mmtpKeyFile,
@@ -606,6 +637,11 @@
password)
mixminion.Crypto.pk_PEM_save(self.mmtpKey, self.mmtpKeyFile,
password)
+
+ def clear(self):
+ """DOCDOC"""
+ self.packetKey = self.mmtpKey = None
+
def getCertFileName(self): return self.certFile
def getHashLogFileName(self): return self.hashlogFile
def getDescriptorFileName(self): return self.descFile