Permalink
Browse files

Keys mismatched fault and 'patch' fix in Makefile

    - Fixing Makefile so build breaks if 'patch' is not present
    - Added fault 1007 to NC or CC (keys mismatched)
    - Switched to localtime_r() for C-land fault log

    Related to EUCA-2954
    Fixes EUCA-3685, EUCA-3560
  • Loading branch information...
dmitrii committed Oct 8, 2012
1 parent cafbf39 commit 081cba313529ce04150dc9217b91a5924a77f0db
Showing with 98 additions and 14 deletions.
  1. +5 −0 cluster/CCclient.c
  2. +3 −4 cluster/Makefile
  3. +5 −0 cluster/handlers.c
  4. +5 −0 cluster/shutdownCC.c
  5. +5 −4 node/Makefile
  6. +5 −0 node/NCclient.c
  7. +8 −5 node/handlers.c
  8. +7 −0 util/euca_axis.c
  9. +1 −1 util/fault.c
  10. +50 −0 util/faults/en_US/1009.xml
  11. +4 −0 util/misc.h
View
@@ -74,6 +74,11 @@
#define MODE 0
#endif
+#ifndef NO_COMP
+const char * euca_this_component_name = "cc";
+const char * euca_client_component_name = "clc";
+#endif
+
ncMetadata mymeta;
int main(int argc, char **argv) {
View
@@ -100,11 +100,10 @@ generated/stubs: $(CCWSDL) $(NCWSDL)
@echo Adding marshalling calls to server stubs
# ../tools/add_marshalling.pl generated/axis2_skel_*.c generated/axis2_svc_skel_*.c
../tools/add_marshalling.pl generated/axis2_skel_*.c
-# @echo Compiling the stubs
-# cd generated; patch -p1 < ../axis2_svc_generated.patch; $(CC) -c $(CFLAGS) $(INCLUDES) *.c
- cd generated; patch -p1 < ../axis2_svc_generated.patch; cd ../
+ @echo Compiling the stubs
+ patch --directory=generated -p1 <axis2_svc_generated.patch
@cp ../tools/Makefile.gen generated/Makefile
-# cd generated; $(MAKE); cd ..
+ $(MAKE) -C generated
@echo "this is a cute little makefile marker" >generated/stubs
@echo Stubs generated.
View
@@ -120,6 +120,11 @@ sensorResourceCache *ccSensorResourceCache=NULL;
sem_t *locks[ENDLOCK];
int mylocks[ENDLOCK];
+#ifndef NO_COMP
+const char * euca_this_component_name = "cc";
+const char * euca_client_component_name = "clc";
+#endif
+
void doInitCC(void) {
initialize(NULL);
}
View
@@ -67,6 +67,11 @@
#include <data.h>
#include <cc-client-marshal.h>
+#ifndef NO_COMP
+const char * euca_this_component_name = "cc";
+const char * euca_client_component_name = "clc";
+#endif
+
ncMetadata mymeta;
int main(int argc, char **argv) {
View
@@ -98,10 +98,11 @@ generated/stubs: $(NCWSDL)
../tools/add_marshalling.pl generated/axis2_skel_*.c
@echo Generating client stubs
sh $(WSDL2C) -uri $(NCWSDL) -g -d adb -u -uw -f -o generated | grep -v 'the classpath'
-# @echo Compiling the stubs
- cd generated; patch -p1 < ../axis2_svc_generated.patch; cd ../
+ @echo Compiling the stubs
+ patch --directory=generated -p1 <axis2_svc_generated.patch
@cp ../tools/Makefile.gen generated/Makefile
-# cd generated; $(MAKE); cd ..
+ $(MAKE) -C generated
+ cd ..
@echo "this is a cute little makefile marker" >generated/stubs
@echo Stubs generated.
@@ -167,7 +168,7 @@ $(CLIENT): generated/stubs $(STORAGE_OBJS) ../util/log.o ../util/misc.o ../util/
$(CLIENT)_fake: generated/stubs $(STORAGE_OBJS) ../util/log.o ../util/misc.o ../util/sensor.o ../util/data.o client-marshal-adb.o client-marshal-local.o client-marshal-fake.o $(CLIENT).c ../storage/vbr.o
$(CLIENT)_local: generated/stubs $(STORAGE_OBJS) ../util/log.o ../util/misc.o ../util/sensor.o ../util/data.o client-marshal-adb.o client-marshal-local.o handlers.o $(NC_HANDLERS) $(CLIENT).c ../util/euca_auth.o ../storage/vbr.o
- $(CC) -o $(CLIENT)_local $(INCLUDES) $(CFLAGS) client-marshal-local.o ../util/*.o $(STORAGE_OBJS) ../net/*.o handlers.o $(NC_HANDLERS) $(CLIENT).c $(NC_LIBS) ../storage/http.o ../storage/storage-windows.o
+ $(CC) -o $(CLIENT)_local -DNO_COMP $(INCLUDES) $(CFLAGS) client-marshal-local.o ../util/*.o $(STORAGE_OBJS) ../net/*.o handlers.o $(NC_HANDLERS) $(CLIENT).c $(NC_LIBS) ../storage/http.o ../storage/storage-windows.o
test: test.c ../util/log.o ../util/misc.o ../util/sensor.o ../util/data.o
$(CC) $(CFLAGS) $(INCLUDES) $(NC_LIBS) -o test test.c ../util/log.o ../util/misc.o ../util/sensor.o ../storage/diskutil.o ../util/data.o ../util/euca_auth.o $(OPENSSL_LIBS) ../util/ipc.o
View
@@ -80,6 +80,11 @@
#define BUFSIZE 1024
char debug = 0;
+#ifndef NO_COMP
+const char * euca_this_component_name = "nc";
+const char * euca_client_component_name = "user";
+#endif
+
void usage (void)
{
fprintf (stderr, "usage: NCclient [command] [options]\n"
View
@@ -109,14 +109,18 @@
#define PER_INSTANCE_BUFFER_MB 20 // by default reserve this much extra room (in MB) per instance (for kernel, ramdisk, and metadata overhead)
#define MAX_SENSOR_RESOURCES MAXINSTANCES
#define SEC_PER_MB ((1024*1024)/512)
-#define FAULT_COMPONENT_NAME "nc"
#ifdef EUCA_COMPILE_TIMESTAMP
static char * compile_timestamp_str = EUCA_COMPILE_TIMESTAMP;
#else
static char * compile_timestamp_str = "";
#endif
+#ifndef NO_COMP
+const char * euca_this_component_name = "nc";
+const char * euca_client_component_name = "cc";
+#endif
+
/* used by lower level handlers */
sem *hyp_sem; /* semaphore for serializing domain creation */
sem *inst_sem; /* guarding access to global instance structs */
@@ -648,10 +652,10 @@ monitoring_thread (void *arg)
long long cache_fs_avail_mb = (long long)(cache_meta.fs_bytes_available/MEGABYTE);
if (work_fs_avail_mb < ((work_fs_size_mb * DISK_TOO_LOW_PERCENT) / 100)) {
- log_eucafault ("1003", "component", FAULT_COMPONENT_NAME, "file", work_meta.path, NULL);
+ log_eucafault ("1003", "component", euca_this_component_name, "file", work_meta.path, NULL);
}
if (cache_fs_size_mb > 0 && cache_fs_avail_mb < ((cache_fs_size_mb * DISK_TOO_LOW_PERCENT) / 100)) {
- log_eucafault ("1003", "component", FAULT_COMPONENT_NAME, "file", cache_meta.path, NULL);
+ log_eucafault ("1003", "component", euca_this_component_name, "file", cache_meta.path, NULL);
}
// TODO: add more faults (cache or work reserved exceeds available space on file system)
@@ -962,7 +966,6 @@ static int init (void)
return 1;
bzero (&nc_state, sizeof(struct nc_state_t)); // ensure that MAXes are zeroed out
-
// read in configuration - this should be first!
// determine home ($EUCALYPTUS)
@@ -1140,7 +1143,7 @@ static int init (void)
return ERROR_FATAL;
}
- if (init_eucafaults (FAULT_COMPONENT_NAME) == 0) {
+ if (init_eucafaults (euca_this_component_name) == 0) {
logprintfl (EUCAFATAL, "failed to initialize fault-logging subsystem\n");
return ERROR_FATAL;
}
View
@@ -111,6 +111,7 @@
#include <axis2_stub.h>
#include "misc.h" /* check_file, logprintf */
+#include "fault.h" // log_eucafault
#include "euca_axis.h"
#define NO_U_FAIL(x) do{ \
@@ -231,6 +232,12 @@ axis2_status_t __euca_authenticate(const axutil_env_t *env,axis2_msg_ctx_t *out_
AXIS2_LOG_CRITICAL(env->log,AXIS2_LOG_SI," --------- Local x509 certificate value! ---------" );
AXIS2_LOG_CRITICAL(env->log,AXIS2_LOG_SI, recv_x509_buf );
AXIS2_LOG_CRITICAL(env->log,AXIS2_LOG_SI," ---------------------------------------------------" );
+ init_eucafaults (euca_this_component_name);
+ log_eucafault ("1009",
+ "sender", euca_client_component_name,
+ "receiver", euca_this_component_name,
+ "keys_dir", "$EUCALYPTUS/var/lib/eucalyptus/keys/",
+ NULL);
NO_U_FAIL("The certificate specified is invalid!");
}
if(verify_references(sig_node, env, out_msg_ctx, soap_envelope, rampart_context) == AXIS2_FAILURE) {
View
@@ -783,7 +783,7 @@ format_eucafault (const char *fault_id, const char_map **map)
// Get time.
secs = time (NULL);
- if (gmtime_r (&secs, &lt) == NULL) {
+ if (localtime_r (&secs, &lt) == NULL) {
// Someone call Dr. Who.
lt.tm_year = lt.tm_mon = lt.tm_mday = 0;
lt.tm_hour = lt.tm_min = lt.tm_sec = 0;
View
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright 2012 Eucalyptus Systems, Inc.
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 3 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see http://www.gnu.org/licenses/.
+
+ Please contact Eucalyptus Systems, Inc., 6755 Hollister Ave., Goleta
+ CA 93117, USA or visit http://www.eucalyptus.com/licenses/ if you need
+ additional information or have any questions.
+ -->
+<eucafaults version="1" description="Templates for the fault subsystem">
+ <fault
+ id="1009"
+ message="Mismatched cryptographical keys.">
+
+ <condition
+ message="Key that an incoming message was signed with differs from key on disk."/>
+
+ <cause
+ message="Keys are not synchronized between communicating components."/>
+
+ <initiator
+ message="${sender}"/>
+
+ <location
+ message="localhost"/>
+
+ <resolution>
+ <message>
+ 1) Ensure that the keys (.pem files) in
+
+ ${keys_dir}
+
+ are the same on ${sender} and ${receiver}.
+
+ 2) Restart ${sender} and ${receiver}.
+ </message>
+ </resolution>
+ </fault>
+</eucafaults>
View
@@ -70,6 +70,10 @@
#include <linux/limits.h>
#include <stdint.h> // uint32_t
+// these must be defined by each euca component
+extern const char * euca_client_component_name;
+extern const char * euca_this_component_name;
+
typedef unsigned char boolean;
#define TRUE 1
#define FALSE 0

0 comments on commit 081cba3

Please sign in to comment.