2019-10-25 06:42:40 +00:00
|
|
|
import binascii
|
2019-11-18 17:39:57 +00:00
|
|
|
import ipaddress
|
2019-11-02 15:42:24 +00:00
|
|
|
import random
|
|
|
|
import subprocess as sp
|
2019-12-14 15:23:31 +00:00
|
|
|
import logging
|
2019-11-18 17:39:57 +00:00
|
|
|
import requests
|
2019-12-03 11:49:10 +00:00
|
|
|
|
2019-10-25 06:42:40 +00:00
|
|
|
from pyotp import TOTP
|
2019-11-18 17:39:57 +00:00
|
|
|
|
2019-12-22 07:26:48 +00:00
|
|
|
from ucloud.shared import shared
|
|
|
|
from ucloud.settings import settings
|
2019-10-25 06:42:40 +00:00
|
|
|
|
2019-12-23 07:58:04 +00:00
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
2019-12-14 15:23:31 +00:00
|
|
|
|
2019-10-25 06:42:40 +00:00
|
|
|
def check_otp(name, realm, token):
|
|
|
|
try:
|
|
|
|
data = {
|
2019-12-22 07:26:48 +00:00
|
|
|
"auth_name": settings['otp']['auth_name'],
|
|
|
|
"auth_token": TOTP(settings['otp']['auth_seed']).now(),
|
|
|
|
"auth_realm": settings['otp']['auth_realm'],
|
2019-10-25 06:42:40 +00:00
|
|
|
"name": name,
|
|
|
|
"realm": realm,
|
|
|
|
"token": token,
|
|
|
|
}
|
2019-12-14 15:23:31 +00:00
|
|
|
except binascii.Error as err:
|
|
|
|
logger.error(
|
2019-12-22 07:26:48 +00:00
|
|
|
"Cannot compute OTP for seed: {}".format(settings['otp']['auth_seed'])
|
2019-12-14 15:23:31 +00:00
|
|
|
)
|
2019-10-25 06:42:40 +00:00
|
|
|
return 400
|
|
|
|
|
2019-11-25 06:52:36 +00:00
|
|
|
response = requests.post(
|
2019-12-22 07:26:48 +00:00
|
|
|
settings['otp']['verification_controller_url'], json=data
|
2019-10-25 06:42:40 +00:00
|
|
|
)
|
|
|
|
return response.status_code
|
|
|
|
|
|
|
|
|
|
|
|
def resolve_vm_name(name, owner):
|
|
|
|
"""Return UUID of Virtual Machine of name == name and owner == owner
|
2019-12-08 12:09:52 +00:00
|
|
|
|
2019-10-25 06:42:40 +00:00
|
|
|
Input: name of vm, owner of vm.
|
|
|
|
Output: uuid of vm if found otherwise None
|
|
|
|
"""
|
|
|
|
result = next(
|
|
|
|
filter(
|
|
|
|
lambda vm: vm.value["owner"] == owner and vm.value["name"] == name,
|
2019-12-22 07:26:48 +00:00
|
|
|
shared.vm_pool.vms,
|
2019-10-25 06:42:40 +00:00
|
|
|
),
|
|
|
|
None,
|
|
|
|
)
|
|
|
|
if result:
|
|
|
|
return result.key.split("/")[-1]
|
|
|
|
|
|
|
|
return None
|
|
|
|
|
2019-11-02 15:42:24 +00:00
|
|
|
|
|
|
|
def resolve_image_name(name, etcd_client):
|
|
|
|
"""Return image uuid given its name and its store
|
2019-12-08 12:09:52 +00:00
|
|
|
|
2019-11-02 15:42:24 +00:00
|
|
|
* If the provided name is not in correct format
|
|
|
|
i.e {store_name}:{image_name} return ValueError
|
|
|
|
* If no such image found then return KeyError
|
|
|
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
seperator = ":"
|
2019-11-18 17:39:57 +00:00
|
|
|
|
2019-11-02 15:42:24 +00:00
|
|
|
# Ensure, user/program passed valid name that is of type string
|
|
|
|
try:
|
|
|
|
store_name_and_image_name = name.split(seperator)
|
|
|
|
|
|
|
|
"""
|
|
|
|
Examples, where it would work and where it would raise exception
|
|
|
|
"images:alpine" --> ["images", "alpine"]
|
2019-12-08 12:09:52 +00:00
|
|
|
|
2019-11-02 15:42:24 +00:00
|
|
|
"images" --> ["images"] it would raise Exception as non enough value to unpack
|
2019-12-08 12:09:52 +00:00
|
|
|
|
2019-11-02 15:42:24 +00:00
|
|
|
"images:alpine:meow" --> ["images", "alpine", "meow"] it would raise Exception
|
|
|
|
as too many values to unpack
|
|
|
|
"""
|
|
|
|
store_name, image_name = store_name_and_image_name
|
|
|
|
except Exception:
|
|
|
|
raise ValueError("Image name not in correct format i.e {store_name}:{image_name}")
|
|
|
|
|
2019-12-22 07:26:48 +00:00
|
|
|
images = etcd_client.get_prefix(settings['etcd']['image_prefix'], value_in_json=True)
|
2019-11-02 15:42:24 +00:00
|
|
|
|
|
|
|
# Try to find image with name == image_name and store_name == store_name
|
|
|
|
try:
|
2019-12-03 10:40:41 +00:00
|
|
|
image = next(filter(lambda im: im.value['name'] == image_name
|
|
|
|
and im.value['store_name'] == store_name, images))
|
2019-11-02 15:42:24 +00:00
|
|
|
except StopIteration:
|
|
|
|
raise KeyError("No image with name {} found.".format(name))
|
|
|
|
else:
|
|
|
|
image_uuid = image.key.split('/')[-1]
|
2019-11-18 17:39:57 +00:00
|
|
|
|
2019-11-02 15:42:24 +00:00
|
|
|
return image_uuid
|
2019-10-25 06:42:40 +00:00
|
|
|
|
2019-11-11 18:42:57 +00:00
|
|
|
|
2019-10-25 06:42:40 +00:00
|
|
|
def random_bytes(num=6):
|
|
|
|
return [random.randrange(256) for _ in range(num)]
|
|
|
|
|
2019-11-11 18:42:57 +00:00
|
|
|
|
2019-10-25 06:42:40 +00:00
|
|
|
def generate_mac(uaa=False, multicast=False, oui=None, separator=':', byte_fmt='%02x'):
|
|
|
|
mac = random_bytes()
|
|
|
|
if oui:
|
|
|
|
if type(oui) == str:
|
|
|
|
oui = [int(chunk) for chunk in oui.split(separator)]
|
2019-11-18 17:39:57 +00:00
|
|
|
mac = oui + random_bytes(num=6 - len(oui))
|
2019-10-25 06:42:40 +00:00
|
|
|
else:
|
|
|
|
if multicast:
|
2019-11-18 17:39:57 +00:00
|
|
|
mac[0] |= 1 # set bit 0
|
2019-10-25 06:42:40 +00:00
|
|
|
else:
|
2019-11-18 17:39:57 +00:00
|
|
|
mac[0] &= ~1 # clear bit 0
|
2019-10-25 06:42:40 +00:00
|
|
|
if uaa:
|
2019-11-18 17:39:57 +00:00
|
|
|
mac[0] &= ~(1 << 1) # clear bit 1
|
2019-10-25 06:42:40 +00:00
|
|
|
else:
|
2019-11-18 17:39:57 +00:00
|
|
|
mac[0] |= 1 << 1 # set bit 1
|
2019-10-25 06:42:40 +00:00
|
|
|
return separator.join(byte_fmt % b for b in mac)
|
2019-11-02 15:42:24 +00:00
|
|
|
|
2019-11-11 18:42:57 +00:00
|
|
|
|
2019-11-02 15:42:24 +00:00
|
|
|
def get_ip_addr(mac_address, device):
|
|
|
|
"""Return IP address of a device provided its mac address / link local address
|
|
|
|
and the device with which it is connected.
|
2019-12-08 12:09:52 +00:00
|
|
|
|
2019-11-02 15:42:24 +00:00
|
|
|
For Example, if we call get_ip_addr(mac_address="52:54:00:12:34:56", device="br0")
|
|
|
|
the following two scenarios can happen
|
|
|
|
1. It would return None if we can't be able to find device whose mac_address is equal
|
|
|
|
to the arg:mac_address or the mentioned arg:device does not exists or the ip address
|
|
|
|
we found is local.
|
|
|
|
2. It would return ip_address of device whose mac_address is equal to arg:mac_address
|
2019-12-08 12:09:52 +00:00
|
|
|
and is connected/neighbor of arg:device
|
2019-11-02 15:42:24 +00:00
|
|
|
"""
|
|
|
|
try:
|
2019-11-18 17:39:57 +00:00
|
|
|
output = sp.check_output(['ip', '-6', 'neigh', 'show', 'dev', device], stderr=sp.PIPE)
|
2019-11-02 15:42:24 +00:00
|
|
|
except sp.CalledProcessError:
|
|
|
|
return None
|
|
|
|
else:
|
|
|
|
result = []
|
|
|
|
output = output.strip().decode("utf-8")
|
|
|
|
output = output.split("\n")
|
|
|
|
for entry in output:
|
|
|
|
entry = entry.split()
|
|
|
|
if entry:
|
|
|
|
ip = ipaddress.ip_address(entry[0])
|
|
|
|
mac = entry[2]
|
|
|
|
if ip.is_global and mac_address == mac:
|
|
|
|
result.append(ip)
|
|
|
|
return result
|
2019-11-11 18:42:57 +00:00
|
|
|
|
|
|
|
|
2019-11-15 16:11:45 +00:00
|
|
|
def mac2ipv6(mac, prefix):
|
|
|
|
# only accept MACs separated by a colon
|
|
|
|
parts = mac.split(":")
|
|
|
|
|
|
|
|
# modify parts to match IPv6 value
|
|
|
|
parts.insert(3, "ff")
|
|
|
|
parts.insert(4, "fe")
|
|
|
|
parts[0] = "%x" % (int(parts[0], 16) ^ 2)
|
|
|
|
|
|
|
|
# format output
|
2019-12-03 10:40:41 +00:00
|
|
|
ipv6_parts = [str(0)] * 4
|
2019-11-15 16:11:45 +00:00
|
|
|
for i in range(0, len(parts), 2):
|
2019-12-03 10:40:41 +00:00
|
|
|
ipv6_parts.append("".join(parts[i:i + 2]))
|
2019-11-18 17:39:57 +00:00
|
|
|
|
2019-12-03 10:40:41 +00:00
|
|
|
lower_part = ipaddress.IPv6Address(":".join(ipv6_parts))
|
2019-11-15 16:11:45 +00:00
|
|
|
prefix = ipaddress.IPv6Address(prefix)
|
|
|
|
return str(prefix + int(lower_part))
|