2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-23 01:53:28 +00:00

Fix dispatch of commands with InputData

Inputdata needed to be serialized for the network.  Further, had
to have a JSON-safe payload for indicating name for certificate look
up, to avoid doing pickle load on client input prior to client
validation.
This commit is contained in:
Jarrod Johnson 2018-06-22 14:41:41 -04:00
parent f45228c067
commit c6a0aeca3b
3 changed files with 19 additions and 10 deletions

View File

@ -89,6 +89,14 @@ def send(handle, data):
handle.sendall(struct.pack("!I", tl))
handle.sendall(sdata)
def recvall(handle, size):
rd = handle.recv(size)
while len(rd) < size:
nd = handle.recv(size - len(rd))
if not nd:
raise Exception("Error reading data")
rd += nd
return rd
def recv(handle):
tl = handle.recv(4)

View File

@ -575,12 +575,13 @@ def abbreviate_noderange(configmanager, inputdata, operation):
return (msg.KeyValueData({'noderange': noderange.ReverseNodeRange(inputdata['nodes'], configmanager).noderange}),)
def handle_dispatch(connection, cert, dispatch):
def handle_dispatch(connection, cert, dispatch, peername):
cert = crypto.dump_certificate(crypto.FILETYPE_ASN1, cert)
if not util.cert_matches(
cfm.get_collective_member(dispatch['name'])['fingerprint'], cert):
cfm.get_collective_member(peername)['fingerprint'], cert):
connection.close()
return
dispatch = pickle.loads(dispatch)
configmanager = cfm.ConfigManager(dispatch['tenant'])
nodes = dispatch['nodes']
inputdata = dispatch['inputdata']
@ -802,12 +803,11 @@ def dispatch_request(nodes, manager, element, configmanager, inputdata,
tlvdata.recv(remote)
tlvdata.recv(remote)
myname = collective.get_myname()
tlvdata.send(remote,
{'dispatch': {'name': myname, 'nodes': list(nodes),
'path': element,
'tenant': configmanager.tenant,
'operation': operation,
'inputdata': inputdata}})
dreq = pickle.dumps({'name': myname, 'nodes': list(nodes),
'path': element,'tenant': configmanager.tenant,
'operation': operation, 'inputdata': inputdata})
tlvdata.send(remote, {'dispatch': {'name': myname, 'length': len(dreq)}})
remote.sendall(dreq)
while True:
rlen = remote.recv(8)
while len(rlen) < 8:

View File

@ -123,8 +123,9 @@ def sessionhdl(connection, authname, skipauth=False, cert=None):
return collective.handle_connection(connection, cert,
response['collective'])
if 'dispatch' in response:
return pluginapi.handle_dispatch(connection, cert,
response['dispatch'])
dreq = tlvdata.recvall(connection, response['dispatch']['length'])
return pluginapi.handle_dispatch(connection, cert, dreq,
response['dispatch']['name'])
if 'proxyconsole' in response:
return start_proxy_term(connection, cert, response['proxyconsole'])
authname = response['username']