From d94247cb9f7746f75b176cbed0a32e9e902e7e7d Mon Sep 17 00:00:00 2001 From: Magnus Ahltorp Date: Fri, 20 Jan 2017 00:32:45 +0100 Subject: API keys are now provided in the config file. Also added CA cert verification for internal TLS connections. --- tools/mergetools.py | 38 +++++++++++++++++--------------------- 1 file changed, 17 insertions(+), 21 deletions(-) (limited to 'tools/mergetools.py') diff --git a/tools/mergetools.py b/tools/mergetools.py index 94901a9..19d16ca 100644 --- a/tools/mergetools.py +++ b/tools/mergetools.py @@ -14,7 +14,7 @@ try: import permdb except ImportError: pass -from certtools import get_leaf_hash, http_request, get_leaf_hash +from certtools import get_leaf_hash, http_request, get_leaf_hash, set_api_keys def parselogrow(row): return base64.b16decode(row, casefold=True) @@ -167,8 +167,7 @@ def fsync_logorder(logorderfile): def get_new_entries(node, baseurl, own_key, paths): try: result = http_request(baseurl + "plop/v1/storage/fetchnewentries", - key=own_key, verifynode=node, - publickeydir=paths["publickeys"]) + key=own_key, verifynode=node) parsed_result = json.loads(result) if parsed_result.get(u"result") == u"ok": return [base64.b64decode(entry) for \ @@ -185,7 +184,7 @@ def get_entries(node, baseurl, own_key, paths, hashes, session=None): result = http_request(baseurl + "plop/v1/storage/getentry", params=params, key=own_key, verifynode=node, - publickeydir=paths["publickeys"], session=session) + session=session) parsed_result = json.loads(result) if parsed_result.get(u"result") == u"ok": entries = dict([(base64.b64decode(entry["hash"]), @@ -203,8 +202,7 @@ def get_entries(node, baseurl, own_key, paths, hashes, session=None): def get_curpos(node, baseurl, own_key, paths): try: result = http_request(baseurl + "plop/v1/frontend/currentposition", - key=own_key, verifynode=node, - publickeydir=paths["publickeys"]) + key=own_key, verifynode=node) parsed_result = json.loads(result) if parsed_result.get(u"result") == u"ok": return parsed_result[u"position"] @@ -222,8 +220,7 @@ def frontend_verify_entries(node, baseurl, own_key, paths, size): arguments = {"verify_to": size} result = http_request(baseurl + "plop/v1/frontend/verify-entries", json.dumps(arguments), - key=own_key, verifynode=node, - publickeydir=paths["publickeys"]) + key=own_key, verifynode=node) parsed_result = json.loads(result) if parsed_result.get(u"result") == u"ok": return parsed_result[u"verified"] @@ -236,8 +233,7 @@ def frontend_verify_entries(node, baseurl, own_key, paths, size): def get_verifiedsize(node, baseurl, own_key, paths): try: result = http_request(baseurl + "plop/v1/merge/verifiedsize", - key=own_key, verifynode=node, - publickeydir=paths["publickeys"]) + key=own_key, verifynode=node) parsed_result = json.loads(result) if parsed_result.get(u"result") == u"ok": return parsed_result[u"size"] @@ -252,7 +248,7 @@ def sendlog(node, baseurl, own_key, paths, submission): try: result = http_request(baseurl + "plop/v1/frontend/sendlog", json.dumps(submission), key=own_key, - verifynode=node, publickeydir=paths["publickeys"]) + verifynode=node) return json.loads(result) except requests.exceptions.HTTPError, e: print >>sys.stderr, "ERROR: sendlog", e.response @@ -271,7 +267,7 @@ def backup_sendlog(node, baseurl, own_key, paths, submission): try: result = http_request(baseurl + "plop/v1/merge/sendlog", json.dumps(submission), key=own_key, - verifynode=node, publickeydir=paths["publickeys"]) + verifynode=node) return json.loads(result) except requests.exceptions.HTTPError, e: print >>sys.stderr, "ERROR: backup_sendlog", e.response @@ -296,7 +292,7 @@ def sendentries(node, baseurl, own_key, paths, entries, session=None): result = http_request( baseurl + "plop/v1/frontend/sendentry", json.dumps(json_entries), - key=own_key, verifynode=node, publickeydir=paths["publickeys"], + key=own_key, verifynode=node, session=session) return json.loads(result) except requests.exceptions.HTTPError, e: @@ -320,7 +316,7 @@ def sendentries_merge(node, baseurl, own_key, paths, entries, session=None): result = http_request( baseurl + "plop/v1/merge/sendentry", json.dumps(json_entries), - key=own_key, verifynode=node, publickeydir=paths["publickeys"], + key=own_key, verifynode=node, session=session) return json.loads(result) except requests.exceptions.HTTPError, e: @@ -342,7 +338,7 @@ def publish_sth(node, baseurl, own_key, paths, submission): try: result = http_request(baseurl + "plop/v1/frontend/publish-sth", json.dumps(submission), key=own_key, - verifynode=node, publickeydir=paths["publickeys"]) + verifynode=node) return json.loads(result) except requests.exceptions.HTTPError, e: print >>sys.stderr, "ERROR: publish-sth", e.response @@ -360,7 +356,7 @@ def verifyroot(node, baseurl, own_key, paths, treesize): try: result = http_request(baseurl + "plop/v1/merge/verifyroot", json.dumps({"tree_size":treesize}), key=own_key, - verifynode=node, publickeydir=paths["publickeys"]) + verifynode=node) return json.loads(result) except requests.exceptions.HTTPError, e: print >>sys.stderr, "ERROR: verifyroot", e.response @@ -378,7 +374,7 @@ def setverifiedsize(node, baseurl, own_key, paths, treesize): try: result = http_request(baseurl + "plop/v1/merge/setverifiedsize", json.dumps({"size":treesize}), key=own_key, - verifynode=node, publickeydir=paths["publickeys"]) + verifynode=node) return json.loads(result) except requests.exceptions.HTTPError, e: print >>sys.stderr, "ERROR: setverifiedsize", e.response @@ -395,8 +391,7 @@ def setverifiedsize(node, baseurl, own_key, paths, treesize): def get_missingentries(node, baseurl, own_key, paths): try: result = http_request(baseurl + "plop/v1/frontend/missingentries", - key=own_key, verifynode=node, - publickeydir=paths["publickeys"]) + key=own_key, verifynode=node) parsed_result = json.loads(result) if parsed_result.get(u"result") == u"ok": return parsed_result[u"entries"] @@ -409,8 +404,7 @@ def get_missingentries(node, baseurl, own_key, paths): def get_missingentriesforbackup(node, baseurl, own_key, paths): try: result = http_request(baseurl + "plop/v1/merge/missingentries", - key=own_key, verifynode=node, - publickeydir=paths["publickeys"]) + key=own_key, verifynode=node) parsed_result = json.loads(result) if parsed_result.get(u"result") == u"ok": return parsed_result[u"entries"] @@ -439,6 +433,8 @@ def parse_args(): config = yaml.load(open(args.config)) localconfig = yaml.load(open(args.localconfig)) + set_api_keys(config) + return (args, config, localconfig) def perm(dbtype, path): -- cgit v1.1