
Commit d5ba556

authored
new drkey version. (#420)
Different keys in sd and cs. All hosts must get new config. Update test data.
1 parent 6822d9f commit d5ba556


9 files changed

+55
-64
lines changed


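--- a/scionlab/config_tar.py
+++ b/scionlab/config_tar.py
@@ -34,7 +34,7 @@
 # the scionlab-config.json manifest file in the configuration tar ball.
 # This version number should be incremented whenever code changes globally affect the generated
 # configuration of hosts.
-CONFIG_GEN_VERSION = 16
+CONFIG_GEN_VERSION = 17
 
 
 def generate_user_as_config_tar(user_as, archive):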

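--- a/scionlab/scion/config.py
+++ b/scionlab/scion/config.py
@@ -17,7 +17,6 @@
 from collections import OrderedDict
 
 from scionlab.models.core import Service
-from scionlab.models.pki import Key
 from scionlab.models.trc import TRC
 from scionlab.scion.topology import TopologyInfo
 
@@ -317,13 +316,12 @@ def build_cs_conf(self, service):
 'address': _join_host_port(service.host.internal_ip, CS_QUIC_PORT),
 },
 'drkey': {
-'drkey_db': {
-'connection': '%s.drkey.db' % os.path.join(self.var_dir, service.instance_name),
+'sv_db': {
+'connection': '%s.sv.db' % os.path.join(self.var_dir, service.instance_name),
+},
+'lvl1_db': {
+'connection': '%s.lvl1.db' % os.path.join(self.var_dir, service.instance_name),
 },
-'cert_file': os.path.join(self.config_dir, 'crypto', 'as', service.AS
-.certificates_latest().get(key__usage=Key.CP_AS)
-.filename()),
-'key_file': os.path.join(self.config_dir, 'crypto', 'as', 'cp-as.key'),
 'delegation': {
 # the internal IP of all CO services has rights to derive DS "colibri":
 'colibri': [str(s.host.internal_ip) for s in service.AS.services
@@ -373,7 +371,7 @@ def build_sciond_conf(self, host):
 'trust_db': {
 'connection': '%s.trust.db' % os.path.join(self.var_dir, instance_name),
 },
-'drkey_db': {
+'drkey_lvl2_db': {
 'connection': '%s.drkey.db' % os.path.join(self.var_dir, instance_name),
 },
 })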
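Review bot: In `build_sciond_conf` the table is renamed to `drkey_lvl2_db` but its `connection` still resolves to `<instance>.drkey.db`, so an upgraded daemon opens the database file written under the previous DRKey version, whereas `build_cs_conf` switches to fresh `.sv.db` and `.lvl1.db` files. Whether the old file's schema and cached keys remain valid is not visible in this diff; if they are not, a distinct name such as `'connection': '%s.drkey_lvl2.db' % os.path.join(self.var_dir, instance_name),` avoids reusing stale key material. On the control-service side the former `<instance>.drkey.db` is no longer referenced and will stay on disk with previously derived keys unless the host update removes it. A short comment above `'sv_db'` such as `# sv_db presumably stores the DRKey secret values; the file must not be readable by other local users` would record why this path is sensitive. Both functions begin and end outside the hunks shown.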

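--- a/scionlab/tests/data/test_config_tar/host_1.yml
+++ b/scionlab/tests/data/test_config_tar/host_1.yml
@@ -498,10 +498,6 @@ etc/scion/cs-1.toml: |
 [ca]
 mode = "in-process"
 
-[drkey]
-cert_file = "/etc/scion/crypto/as/ISD17-ASffaa_0_1101.pem"
-key_file = "/etc/scion/crypto/as/cp-as.key"
-
 [general]
 config_dir = "/etc/scion"
 id = "cs-1"
@@ -525,8 +521,11 @@ etc/scion/cs-1.toml: |
 [drkey.delegation]
 colibri = [ "127.0.0.1",]
 
-[drkey.drkey_db]
-connection = "/var/lib/scion/cs-1.drkey.db"
+[drkey.lvl1_db]
+connection = "/var/lib/scion/cs-1.lvl1.db"
+
+[drkey.sv_db]
+connection = "/var/lib/scion/cs-1.sv.db"
 
 [log.console]
 level = "info"
@@ -613,7 +612,7 @@ scionlab-config.json: |-
 "etc/scion/crypto/voting/ISD17-ASffaa_0_1101.sensitive.crt": "131ec8597fbf56d7f65c9bba48874c5cd64c157a",
 "etc/scion/crypto/voting/regular-voting.key": "48fd836d8c4f7a3cb2bec2045d03a46c2ca99337",
 "etc/scion/crypto/voting/sensitive-voting.key": "0ca15a73e4d864f32228f4687f29505ac093dbfc",
-"etc/scion/cs-1.toml": "dce4c4f6293a5cb2d799fa15305eae1df86400a9",
+"etc/scion/cs-1.toml": "f0480358b5fefdc159b8494918baaed8cc85956d",
 "etc/scion/keys/master0.key": "9a91ea3b0c0121326d29224de5d444a31c74ef20",
 "etc/scion/keys/master1.key": "9a91ea3b0c0121326d29224de5d444a31c74ef20",
 "etc/scion/topology.json": "c1afb4da9e309ca7a1c697cb0238e41fc84ae96b"
@@ -628,5 +627,5 @@ scionlab-config.json: |-
 "scion-dispatcher.service"
 ],
 "url": "http://localhost:8000",
-"version": "16.8"
+"version": "17.8"
 }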

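--- a/scionlab/tests/data/test_config_tar/host_16.yml
+++ b/scionlab/tests/data/test_config_tar/host_16.yml
@@ -524,10 +524,6 @@ etc/scion/cs-1.toml: |
 origination_interval = "5s"
 propagation_interval = "5s"
 
-[drkey]
-cert_file = "/etc/scion/crypto/as/ISD17-ASffaa_1_1.pem"
-key_file = "/etc/scion/crypto/as/cp-as.key"
-
 [general]
 config_dir = "/etc/scion"
 id = "cs-1"
@@ -551,8 +547,11 @@ etc/scion/cs-1.toml: |
 [drkey.delegation]
 colibri = [ "127.0.0.1",]
 
-[drkey.drkey_db]
-connection = "/var/lib/scion/cs-1.drkey.db"
+[drkey.lvl1_db]
+connection = "/var/lib/scion/cs-1.lvl1.db"
+
+[drkey.sv_db]
+connection = "/var/lib/scion/cs-1.sv.db"
 
 [log.console]
 level = "info"
@@ -615,7 +614,7 @@ scionlab-config.json: |-
 "etc/scion/co-1.toml": "5f44683ff73c2f105908e20476b8a6f9a17caf26",
 "etc/scion/crypto/as/ISD17-ASffaa_1_1.pem": "d7c2c86acea31bb986430baf5994d8ed5ac6d5df",
 "etc/scion/crypto/as/cp-as.key": "5fac5f3c239a6f9b7bac858977e806e2003d8f52",
-"etc/scion/cs-1.toml": "184cd6d33fe54808104a3a73e7f82f3c4823f308",
+"etc/scion/cs-1.toml": "a1e8010335ef27fc2b2243b16b91bd133050ac38",
 "etc/scion/keys/master0.key": "5b95d59a993b11fe65e3ca747ed6c3ea7293a70d",
 "etc/scion/keys/master1.key": "5b95d59a993b11fe65e3ca747ed6c3ea7293a70d",
 "etc/scion/topology.json": "2b3ad3b6e2e899c60cb128c45d5adb862ecda9e4"
@@ -630,5 +629,5 @@ scionlab-config.json: |-
 "scion-dispatcher.service"
 ],
 "url": "http://localhost:8000",
-"version": "16.6"
+"version": "17.6"
 }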

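--- a/scionlab/tests/data/test_config_tar/host_17.yml
+++ b/scionlab/tests/data/test_config_tar/host_17.yml
@@ -401,10 +401,6 @@ etc/scion/cs-1.toml: |
 origination_interval = "5s"
 propagation_interval = "5s"
 
-[drkey]
-cert_file = "/etc/scion/crypto/as/ISD19-ASffaa_1_2.pem"
-key_file = "/etc/scion/crypto/as/cp-as.key"
-
 [general]
 config_dir = "/etc/scion"
 id = "cs-1"
@@ -428,8 +424,11 @@ etc/scion/cs-1.toml: |
 [drkey.delegation]
 colibri = [ "127.0.0.1",]
 
-[drkey.drkey_db]
-connection = "/var/lib/scion/cs-1.drkey.db"
+[drkey.lvl1_db]
+connection = "/var/lib/scion/cs-1.lvl1.db"
+
+[drkey.sv_db]
+connection = "/var/lib/scion/cs-1.sv.db"
 
 [log.console]
 level = "info"
@@ -492,7 +491,7 @@ scionlab-config.json: |-
 "etc/scion/co-1.toml": "5f44683ff73c2f105908e20476b8a6f9a17caf26",
 "etc/scion/crypto/as/ISD19-ASffaa_1_2.pem": "7e8a1969e90d904cb13266ea0141b52b9f42cf24",
 "etc/scion/crypto/as/cp-as.key": "c4f2edd92dc88ddfc81c1515500b24f1038da1c3",
-"etc/scion/cs-1.toml": "c9a497ae0a7310205b4ab78afaf0a1a6f3a7dbeb",
+"etc/scion/cs-1.toml": "a1e8010335ef27fc2b2243b16b91bd133050ac38",
 "etc/scion/keys/master0.key": "f1f0ecf7545ffa2035579bfaa0f4b4921df250ec",
 "etc/scion/keys/master1.key": "f1f0ecf7545ffa2035579bfaa0f4b4921df250ec",
 "etc/scion/topology.json": "d4e69284d31d71a05528cb99855899ad63f85695"
@@ -507,5 +506,5 @@ scionlab-config.json: |-
 "scion-dispatcher.service"
 ],
 "url": "http://localhost:8000",
-"version": "16.5"
+"version": "17.5"
 }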

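--- a/scionlab/tests/data/test_config_tar/host_4.yml
+++ b/scionlab/tests/data/test_config_tar/host_4.yml
@@ -530,10 +530,6 @@ etc/scion/cs-1.toml: |
 origination_interval = "5s"
 propagation_interval = "5s"
 
-[drkey]
-cert_file = "/etc/scion/crypto/as/ISD17-ASffaa_0_1107.pem"
-key_file = "/etc/scion/crypto/as/cp-as.key"
-
 [general]
 config_dir = "/etc/scion"
 id = "cs-1"
@@ -557,8 +553,11 @@ etc/scion/cs-1.toml: |
 [drkey.delegation]
 colibri = [ "127.0.0.1",]
 
-[drkey.drkey_db]
-connection = "/var/lib/scion/cs-1.drkey.db"
+[drkey.lvl1_db]
+connection = "/var/lib/scion/cs-1.lvl1.db"
+
+[drkey.sv_db]
+connection = "/var/lib/scion/cs-1.sv.db"
 
 [log.console]
 level = "info"
@@ -634,7 +633,7 @@ scionlab-config.json: |-
 "etc/scion/co-1.toml": "5f44683ff73c2f105908e20476b8a6f9a17caf26",
 "etc/scion/crypto/as/ISD17-ASffaa_0_1107.pem": "e4239e470a5b169d71c135b66bed25ebd4902129",
 "etc/scion/crypto/as/cp-as.key": "106b5e0c2b178641c9fdc99bc1d7a99e712c7197",
-"etc/scion/cs-1.toml": "7922708831c71fb9b0c185e3690586e3b94171a4",
+"etc/scion/cs-1.toml": "a1e8010335ef27fc2b2243b16b91bd133050ac38",
 "etc/scion/keys/master0.key": "7b87dcf6b8fda0f0facd3efb3e3b84c1c5c58cb1",
 "etc/scion/keys/master1.key": "7b87dcf6b8fda0f0facd3efb3e3b84c1c5c58cb1",
 "etc/scion/topology.json": "8cc26714431b5044f160f28ef10d22a6d1a81c0d"
@@ -650,5 +649,5 @@ scionlab-config.json: |-
 "scion-dispatcher.service"
 ],
 "url": "http://localhost:8000",
-"version": "16.10"
+"version": "17.10"
 }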

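--- a/scionlab/tests/data/test_config_tar/user_as_18.yml
+++ b/scionlab/tests/data/test_config_tar/user_as_18.yml
@@ -403,10 +403,6 @@ etc/scion/cs-1.toml: |
 origination_interval = "5s"
 propagation_interval = "5s"
 
-[drkey]
-cert_file = "/etc/scion/crypto/as/ISD20-ASffaa_1_3.pem"
-key_file = "/etc/scion/crypto/as/cp-as.key"
-
 [general]
 config_dir = "/etc/scion"
 id = "cs-1"
@@ -430,8 +426,11 @@ etc/scion/cs-1.toml: |
 [drkey.delegation]
 colibri = [ "127.0.0.1",]
 
-[drkey.drkey_db]
-connection = "/var/lib/scion/cs-1.drkey.db"
+[drkey.lvl1_db]
+connection = "/var/lib/scion/cs-1.lvl1.db"
+
+[drkey.sv_db]
+connection = "/var/lib/scion/cs-1.sv.db"
 
 [log.console]
 level = "info"
@@ -493,7 +492,7 @@ scionlab-config.json: |-
 "etc/scion/co-1.toml": "5f44683ff73c2f105908e20476b8a6f9a17caf26",
 "etc/scion/crypto/as/ISD20-ASffaa_1_3.pem": "ba1b681c70af686558bec871e519f396a14019e9",
 "etc/scion/crypto/as/cp-as.key": "0fc4fdc2abf7d5aa5d5029b9bd0700977b3da85f",
-"etc/scion/cs-1.toml": "7b22a10f14b2fcfb6b22133d64e1a7c99d7a6651",
+"etc/scion/cs-1.toml": "a1e8010335ef27fc2b2243b16b91bd133050ac38",
 "etc/scion/keys/master0.key": "d36156acb222984eb19866acf01f80b14326b310",
 "etc/scion/keys/master1.key": "d36156acb222984eb19866acf01f80b14326b310",
 "etc/scion/topology.json": "c4c65f6f792007d668b06c42819940cc74a717de"
@@ -508,5 +507,5 @@ scionlab-config.json: |-
 "scion-dispatcher.service"
 ],
 "url": "http://localhost:8000",
-"version": "16.5"
+"version": "17.5"
 }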

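--- a/scionlab/tests/data/test_config_tar/user_as_19.yml
+++ b/scionlab/tests/data/test_config_tar/user_as_19.yml
@@ -526,10 +526,6 @@ etc/scion/cs-1.toml: |
 origination_interval = "5s"
 propagation_interval = "5s"
 
-[drkey]
-cert_file = "/etc/scion/crypto/as/ISD20-ASffaa_1_4.pem"
-key_file = "/etc/scion/crypto/as/cp-as.key"
-
 [general]
 config_dir = "/etc/scion"
 id = "cs-1"
@@ -553,8 +549,11 @@ etc/scion/cs-1.toml: |
 [drkey.delegation]
 colibri = [ "127.0.0.1",]
 
-[drkey.drkey_db]
-connection = "/var/lib/scion/cs-1.drkey.db"
+[drkey.lvl1_db]
+connection = "/var/lib/scion/cs-1.lvl1.db"
+
+[drkey.sv_db]
+connection = "/var/lib/scion/cs-1.sv.db"
 
 [log.console]
 level = "info"
@@ -617,7 +616,7 @@ scionlab-config.json: |-
 "etc/scion/co-1.toml": "5f44683ff73c2f105908e20476b8a6f9a17caf26",
 "etc/scion/crypto/as/ISD20-ASffaa_1_4.pem": "328dc2230dc2354f84c54955f3c27b062f3156f9",
 "etc/scion/crypto/as/cp-as.key": "5b108e8bcb9ae6dddaef910bace302e143b0f5a9",
-"etc/scion/cs-1.toml": "c92e12f965614db9300f4f2b77cd98e8f986b5e8",
+"etc/scion/cs-1.toml": "a1e8010335ef27fc2b2243b16b91bd133050ac38",
 "etc/scion/keys/master0.key": "df4e0ab5188491c3993e5718deae6c7bf9f653b1",
 "etc/scion/keys/master1.key": "df4e0ab5188491c3993e5718deae6c7bf9f653b1",
 "etc/scion/topology.json": "e71204be12f25cba1a3bd34c71af1e1cc47875b3"
@@ -632,5 +631,5 @@ scionlab-config.json: |-
 "scion-dispatcher.service"
 ],
 "url": "http://localhost:8000",
-"version": "16.6"
+"version": "17.6"
 }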

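--- a/scionlab/tests/data/test_config_tar/user_as_20.yml
+++ b/scionlab/tests/data/test_config_tar/user_as_20.yml
@@ -403,10 +403,6 @@ gen/ASffaa_1_5/cs-1.toml: |
 origination_interval = "5s"
 propagation_interval = "5s"
 
-[drkey]
-cert_file = "gen/ASffaa_1_5/crypto/as/ISD17-ASffaa_1_5.pem"
-key_file = "gen/ASffaa_1_5/crypto/as/cp-as.key"
-
 [general]
 config_dir = "gen/ASffaa_1_5"
 id = "cs-1"
@@ -430,8 +426,11 @@ gen/ASffaa_1_5/cs-1.toml: |
 [drkey.delegation]
 colibri = [ "127.0.0.1",]
 
-[drkey.drkey_db]
-connection = "gen-cache/cs-1.drkey.db"
+[drkey.lvl1_db]
+connection = "gen-cache/cs-1.lvl1.db"
+
+[drkey.sv_db]
+connection = "gen-cache/cs-1.sv.db"
 
 [log.console]
 level = "info"
@@ -440,7 +439,7 @@ gen/ASffaa_1_5/keys/master0.key: |-
 gen/ASffaa_1_5/keys/master1.key: |-
 yXRsWitUgTwm/BQ1jl/zgw==
 gen/ASffaa_1_5/sd.toml: |
-[drkey_db]
+[drkey_lvl2_db]
 connection = "gen-cache/sd.drkey.db"
 
 [general]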
