Changeset d1d9884 in trunk

Timestamp:

2016-05-04T23:53:04Z (9 years ago)

Author:

Brian Warner <warner@…>

Branches:

master

Children:

93bb3e9, f57d1e9

Parents:

c715e0d

git-author:

Brian Warner <warner@…> (2016-04-28 07:05:30)

git-committer:

Brian Warner <warner@…> (2016-05-04 23:53:04)

Message:

remove "key-generator" node type and client support

closes ticket:2783

Files:

• docs/configuration.rst (modified) (3 diffs)
• docs/frontends/CLI.rst (modified) (1 diff)
• docs/man/man1/tahoe.1 (modified) (1 diff)
• src/allmydata/client.py (modified) (4 diffs)
• src/allmydata/interfaces.py (modified) (1 diff)
• src/allmydata/key_generator.py (deleted)
• src/allmydata/scripts/create_node.py (modified) (1 diff)
• src/allmydata/scripts/keygen.py (deleted)
• src/allmydata/scripts/runner.py (modified) (3 diffs)
• src/allmydata/scripts/startstop_node.py (modified) (1 diff)
• src/allmydata/test/common.py (modified) (7 diffs)
• src/allmydata/test/no_network.py (modified) (1 diff)
• src/allmydata/test/test_cli.py (modified) (1 diff)
• src/allmydata/test/test_keygen.py (deleted)
• src/allmydata/test/test_runner.py (modified) (2 diffs)
• src/allmydata/test/test_system.py (modified) (2 diffs)
• topfiles/2783.docs (added)

docs/configuration.rst ¶

@@ -70 +70 @@
 ==========
 
-A node can be a client/server, an introducer, a statistics gatherer, or a
-key generator.
+A node can be a client/server, an introducer, or a statistics gatherer.
 
 Client/server nodes provide one or more of the following services:
@@ -336 +335 @@
     for uploads. See :doc:`helper` for details.
 
-``key_generator.furl = (FURL string, optional)``
-
-    If provided, the node will attempt to connect to and use the given
-    key-generator service, using RSA keys from the external process rather
-    than generating its own.
-
 ``stats_gatherer.furl = (FURL string, optional)``
 
@@ -612 +605 @@
   This file is used to construct an introducer, and is created by the
   "``tahoe create-introducer``" command.
-
-``tahoe-key-generator.tac``
-
-  This file is used to construct a key generator, and is created by the
-  "``tahoe create-key-gernerator``" command.
 
 ``tahoe-stats-gatherer.tac``

docs/frontends/CLI.rst ¶

@@ -105 +105 @@
 node will produce a ``private/introducer.furl`` file, which should be
 published to all clients.
-
-"``tahoe create-key-generator [NODEDIR]``" is used to create a special
-"key-generation" service, which allows a client to offload their RSA key
-generation to a separate process. Since RSA key generation takes several
-seconds, and must be done each time a directory is created, moving it to a
-separate process allows the first process (perhaps a busy web-API server) to
-continue servicing other requests. The key generator exports a FURL that can
-be copied into a node to enable this functionality.
 
 "``tahoe run [NODEDIR]``" will start a previously-created node in the foreground.

docs/man/man1/tahoe.1 ¶

@@ -46 +46 @@
 .B \f[B]create-introducer\f[]
 Create an introducer node.
-.TP
-.B \f[B]create-key-generator\f[]
-Create a key generator service.
 .TP
 .B \f[B]create-stats-gatherer\f[]

src/allmydata/client.py ¶

@@ -59 +59 @@
     with a built-in default of 2048 bits."""
     def __init__(self):
-        self._remote = None
         self.default_keysize = 2048
 
-    def set_remote_generator(self, keygen):
-        self._remote = keygen
     def set_default_keysize(self, keysize):
         """Call this to override the size of the RSA keys created for new
@@ -81 +78 @@
         keys."""
         keysize = keysize or self.default_keysize
-        if self._remote:
-            d = self._remote.callRemote('get_rsa_key_pair', keysize)
-            def make_key_objs((verifying_key, signing_key)):
-                v = rsa.create_verifying_key_from_string(verifying_key)
-                s = rsa.create_signing_key_from_string(signing_key)
-                return v, s
-            d.addCallback(make_key_objs)
-            return d
-        else:
-            # RSA key generation for a 2048 bit key takes between 0.8 and 3.2
-            # secs
-            signer = rsa.generate(keysize)
-            verifier = signer.get_verifying_key()
-            return defer.succeed( (verifier, signer) )
+        # RSA key generation for a 2048 bit key takes between 0.8 and 3.2
+        # secs
+        signer = rsa.generate(keysize)
+        verifier = signer.get_verifying_key()
+        return defer.succeed( (verifier, signer) )
 
 class Terminator(service.Service):
@@ -146 +134 @@
         key_gen_furl = self.get_config("client", "key_generator.furl", None)
         if key_gen_furl:
-            self.init_key_gen(key_gen_furl)
+            log.msg("[client]key_generator.furl= is now ignored, see #2783")
         self.init_client()
         self.helper = None
@@ -443 +431 @@
         self.tub.registerReference(self.helper, furlFile=helper_furlfile)
 
-    def init_key_gen(self, key_gen_furl):
-        self.tub.connectTo(key_gen_furl, self._got_key_generator)
-
-    def _got_key_generator(self, key_generator):
-        self._key_generator.set_remote_generator(key_generator)
-        key_generator.notifyOnDisconnect(self._lost_key_generator)
-
-    def _lost_key_generator(self):
-        self._key_generator.set_remote_generator(None)
-
     def set_default_mutable_keysize(self, keysize):
         self._key_generator.set_default_keysize(keysize)

src/allmydata/interfaces.py ¶

@@ -2809 +2809 @@
         """
 
-class RIKeyGenerator(RemoteInterface):
-    __remote_name__ = "RIKeyGenerator.tahoe.allmydata.com"
-    """
-    Provides a service offering to make RSA key pairs.
-    """
-
-    def get_rsa_key_pair(key_size=int):
-        """
-        @param key_size: the size of the signature key.
-        @return: tuple(verifying_key, signing_key)
-        """
-        return TupleOf(str, str)
-
-
 class FileTooLargeError(Exception):
     pass

src/allmydata/scripts/create_node.py ¶

@@ -110 +110 @@
     c.write("introducer.furl = %s\n" % config.get("introducer", ""))
     c.write("helper.furl =\n")
-    c.write("#key_generator.furl =\n")
     c.write("#stats_gatherer.furl =\n")
     c.write("\n")

src/allmydata/scripts/runner.py ¶

@@ -6 +6 @@
 
 from allmydata.scripts.common import get_default_nodedir
-from allmydata.scripts import debug, create_node, startstop_node, cli, keygen, stats_gatherer, admin
+from allmydata.scripts import debug, create_node, startstop_node, cli, stats_gatherer, admin
 from allmydata.util.encodingutil import quote_output, quote_local_unicode_path, get_io_encoding
 
@@ -37 +37 @@
     subCommands = ( GROUP("Administration")
                     +   create_node.subCommands
-                    +   keygen.subCommands
                     +   stats_gatherer.subCommands
                     +   admin.subCommands
@@ -86 +85 @@
 
 create_dispatch = {}
-for module in (create_node, keygen, stats_gatherer):
+for module in (create_node, stats_gatherer):
     create_dispatch.update(module.dispatch)
 

src/allmydata/scripts/startstop_node.py ¶

@@ -81 +81 @@
             return IntroducerNode(self.basedir)
         if self.nodetype == "key-generator":
-            from allmydata.key_generator import KeyGeneratorService
-            return KeyGeneratorService(default_key_size=2048)
+            raise ValueError("key-generator support removed, see #2783")
         if self.nodetype == "stats-gatherer":
             from allmydata.stats import StatsGathererService

src/allmydata/test/common.py ¶

@@ -23 +23 @@
 from allmydata.util.consumer import download_to_data
 from allmydata.stats import StatsGathererService
-from allmydata.key_generator import KeyGeneratorService
 import allmydata.test.common_util as testutil
 from allmydata import immutable
@@ -449 +448 @@
         self.stats_gatherer = None
         self.stats_gatherer_furl = None
-        self.key_generator_svc = None
-        self.key_generator_furl = None
 
     def tearDown(self):
@@ -465 +462 @@
         return s
 
-    def set_up_nodes(self, NUMCLIENTS=5,
-                     use_stats_gatherer=False, use_key_generator=False):
+    def set_up_nodes(self, NUMCLIENTS=5, use_stats_gatherer=False):
         self.numclients = NUMCLIENTS
         iv_dir = self.getdir("introducer")
@@ -486 +482 @@
         if use_stats_gatherer:
             d.addCallback(self._set_up_stats_gatherer)
-        if use_key_generator:
-            d.addCallback(self._set_up_key_generator)
         d.addCallback(self._set_up_nodes_2)
         if use_stats_gatherer:
@@ -512 +506 @@
         def get_furl(junk):
             self.stats_gatherer_furl = file(sgf, 'rb').read().strip()
-        d.addCallback(get_furl)
-        return d
-
-    def _set_up_key_generator(self, res):
-        kgsdir = self.getdir("key_generator")
-        fileutil.make_dirs(kgsdir)
-
-        self.key_generator_svc = KeyGeneratorService(kgsdir,
-                                                     display_furl=False,
-                                                     default_key_size=TEST_RSA_KEY_SIZE)
-        self.key_generator_svc.key_generator.pool_size = 4
-        self.key_generator_svc.key_generator.pool_refresh_delay = 60
-        self.add_service(self.key_generator_svc)
-
-        d = fireEventually()
-        def check_for_furl():
-            return os.path.exists(os.path.join(kgsdir, 'key_generator.furl'))
-        d.addCallback(lambda junk: self.poll(check_for_furl, timeout=30))
-        def get_furl(junk):
-            kgf = os.path.join(kgsdir, 'key_generator.furl')
-            self.key_generator_furl = file(kgf, 'rb').read().strip()
         d.addCallback(get_furl)
         return d
@@ -564 +537 @@
 
             if i == 0:
-                # clients[0] runs a webserver and a helper, no key_generator
+                # clients[0] runs a webserver and a helper
                 config += nodeconfig
                 config += "web.port = tcp:0:interface=127.0.0.1\n"
@@ -571 +544 @@
                 config += "enabled = True\n"
             elif i == 3:
-                # clients[3] runs a webserver and uses a helper, uses
-                # key_generator
-                if self.key_generator_furl:
-                    config += "key_generator.furl = %s\n" % self.key_generator_furl
+                # clients[3] runs a webserver and uses a helper
                 config += nodeconfig
                 config += "web.port = tcp:0:interface=127.0.0.1\n"

src/allmydata/test/no_network.py ¶

@@ -11 +11 @@
 # This should be useful for tests which want to examine and/or manipulate the
 # uploaded shares, checker/verifier/repairer tests, etc. The clients have no
-# Tubs, so it is not useful for tests that involve a Helper, a KeyGenerator,
-# or the control.furl .
+# Tubs, so it is not useful for tests that involve a Helper or the
+# control.furl .
 
 import os

src/allmydata/test/test_cli.py ¶

@@ -18 +18 @@
 
 # Test that the scripts can be imported.
-from allmydata.scripts import create_node, debug, keygen, startstop_node, \
+from allmydata.scripts import create_node, debug, startstop_node, \
     tahoe_add_alias, tahoe_backup, tahoe_check, tahoe_cp, tahoe_get, tahoe_ls, \
     tahoe_manifest, tahoe_mkdir, tahoe_mv, tahoe_put, tahoe_unlink, tahoe_webopen
-_hush_pyflakes = [create_node, debug, keygen, startstop_node,
+_hush_pyflakes = [create_node, debug, startstop_node,
     tahoe_add_alias, tahoe_backup, tahoe_check, tahoe_cp, tahoe_get, tahoe_ls,
     tahoe_manifest, tahoe_mkdir, tahoe_mv, tahoe_put, tahoe_unlink, tahoe_webopen]

src/allmydata/test/test_runner.py ¶

@@ -282 +282 @@
         self.do_create("introducer")
 
-    def test_key_generator(self):
-        self.do_create("key-generator")
-
     def test_stats_gatherer(self):
         self.do_create("stats-gatherer")
@@ -652 +649 @@
         d.addCallback(_cb3)
         return d
-
-    def test_keygen(self):
-        self.skip_if_cannot_daemonize()
-
-        basedir = self.workdir("test_keygen")
-        c1 = os.path.join(basedir, "c1")
-        twistd_pid_file = os.path.join(c1, "twistd.pid")
-        keygen_furl_file = os.path.join(c1, "key_generator.furl")
-
-        d = self.run_bintahoe(["--quiet", "create-key-generator", "--basedir", c1])
-        def _cb(res):
-            out, err, rc_or_sig = res
-            self.failUnlessEqual(rc_or_sig, 0)
-        d.addCallback(_cb)
-
-        def _start(res):
-            return self.run_bintahoe(["--quiet", "start", c1])
-        d.addCallback(_start)
-
-        def _cb2(res):
-            out, err, rc_or_sig = res
-            errstr = "rc=%d, OUT: '%s', ERR: '%s'" % (rc_or_sig, out, err)
-            self.failUnlessEqual(rc_or_sig, 0, errstr)
-            self.failUnlessEqual(out, "", errstr)
-            # self.failUnlessEqual(err, "", errstr) # See test_client_no_noise -- for now we ignore noise.
-
-            # the parent (twistd) has exited. However, twistd writes the pid
-            # from the child, not the parent, so we can't expect twistd.pid
-            # to exist quite yet.
-
-            # the node is running, but it might not have made it past the
-            # first reactor turn yet, and if we kill it too early, it won't
-            # remove the twistd.pid file. So wait until it does something
-            # that we know it won't do until after the first turn.
-        d.addCallback(_cb2)
-
-        def _node_has_started():
-            return os.path.exists(keygen_furl_file)
-        d.addCallback(lambda res: self.poll(_node_has_started))
-
-        def _started(res):
-            self.failUnless(os.path.exists(twistd_pid_file))
-            # rm this so we can detect when the second incarnation is ready
-            os.unlink(keygen_furl_file)
-            return self.run_bintahoe(["--quiet", "restart", c1])
-        d.addCallback(_started)
-
-        def _cb3(res):
-            out, err, rc_or_sig = res
-            errstr = "rc=%d, OUT: '%s', ERR: '%s'" % (rc_or_sig, out, err)
-            self.failUnlessEqual(rc_or_sig, 0, errstr)
-            self.failUnlessEqual(out, "", errstr)
-            # self.failUnlessEqual(err, "", errstr) # See test_client_no_noise -- for now we ignore noise.
-        d.addCallback(_cb3)
-
-        # again, the second incarnation of the node might not be ready yet,
-        # so poll until it is
-        d.addCallback(lambda res: self.poll(_node_has_started))
-
-        # now we can kill it. TODO: On a slow machine, the node might kill
-        # itself before we get a chance too, especially if spawning the
-        # 'tahoe stop' command takes a while.
-        def _stop(res):
-            self.failUnless(os.path.exists(twistd_pid_file))
-            return self.run_bintahoe(["--quiet", "stop", c1])
-        d.addCallback(_stop)
-
-        def _cb4(res):
-            out, err, rc_or_sig = res
-            # the parent has exited by now
-            errstr = "rc=%d, OUT: '%s', ERR: '%s'" % (rc_or_sig, out, err)
-            self.failUnlessEqual(rc_or_sig, 0, errstr)
-            self.failUnlessEqual(out, "", errstr)
-            # self.failUnlessEqual(err, "", errstr) # See test_client_no_noise -- for now we ignore noise.
-            # the parent was supposed to poll and wait until it sees
-            # twistd.pid go away before it exits, so twistd.pid should be
-            # gone by now.
-            self.failIf(os.path.exists(twistd_pid_file))
-        d.addCallback(_cb4)
-        return d

src/allmydata/test/test_system.py ¶

@@ -476 +476 @@
         NEWERDATA_uploadable = MutableData(NEWERDATA)
 
-        d = self.set_up_nodes(use_key_generator=True)
+        d = self.set_up_nodes()
 
         def _create_mutable(res):
@@ -674 +674 @@
         d.addCallback(_created_dirnode)
 
-        def wait_for_c3_kg_conn():
-            return self.clients[3]._key_generator is not None
-        d.addCallback(lambda junk: self.poll(wait_for_c3_kg_conn))
-
-        def check_kg_poolsize(junk, size_delta):
-            self.failUnlessEqual(len(self.key_generator_svc.key_generator.keypool),
-                                 self.key_generator_svc.key_generator.pool_size + size_delta)
-
-        d.addCallback(check_kg_poolsize, 0)
-        d.addCallback(lambda junk:
-            self.clients[3].create_mutable_file(MutableData('hello, world')))
-        d.addCallback(check_kg_poolsize, -1)
-        d.addCallback(lambda junk: self.clients[3].create_dirnode())
-        d.addCallback(check_kg_poolsize, -2)
-        # use_helper induces use of clients[3], which is the using-key_gen client
-        d.addCallback(lambda junk:
-                      self.POST("uri?t=mkdir&name=george", use_helper=True))
-        d.addCallback(check_kg_poolsize, -3)
-
         return d