2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-26 19:40:12 +00:00

Do not disarm until client notify done

In the unlikely event of a hiccup during the credserver connection,
defer the disarm until the server has transmitted success.
This commit is contained in:
Jarrod Johnson 2024-04-09 10:28:21 -04:00
parent 7b2e32009f
commit e8fed28a21

View File

@ -58,6 +58,7 @@ class CredServer(object):
self.cfm = cfm.ConfigManager(None)
async def handle_client(self, client, peer):
disarm = None
try:
apiarmed = None
hmackey = None
@ -125,16 +126,22 @@ class CredServer(object):
if hmacval != hmac.new(hmackey, etok, hashlib.sha256).digest():
client.close()
return
cfgupdate = {nodename: {'crypted.selfapikey': {'hashvalue': echotoken}, 'deployment.sealedapikey': '', 'deployment.apiarmed': ''}}
if hmackey and apiarmed != 'continuous':
self.cfm.clear_node_attributes([nodename], ['secret.selfapiarmtoken'])
if apiarmed == 'continuous':
del cfgupdate[nodename]['deployment.apiarmed']
cfgupdate = {nodename: {'crypted.selfapikey': {'hashvalue': echotoken}}}
self.cfm.set_node_attributes(cfgupdate)
await cloop.sock_recv(client, 2) # drain end of message
await cloop.sock_send(client, b'\x05\x00') # report success
if hmackey and apiarmed != 'continuous':
self.cfm.clear_node_attributes([nodename], ['secret.selfapiarmtoken'])
if apiarmed != 'continuous':
disarm = {nodename: {'deployment.sealedapikey': '', 'deployment.apiarmed': ''}}
finally:
client.close()
try:
client.close()
except Exception:
pass
if disarm:
self.cfm.set_node_attributes(disarm)
async def main():
a = CredServer()