Class: PushyClient::ProtocolHandler

Inherits:

Object

• Object
• PushyClient::ProtocolHandler

Defined in:

lib/pushy_client/protocol_handler.rb

Defined Under Namespace

Classes: TimeRecvWrapper, TimeSendWrapper

Constant Summary

MAX_BODY_SIZE =

The maximum size, in bytes, allowed for a message body. This is not configurable because it is configurable (though not documented) on the server, and we don’t want to make users have to sync the two values. The max on the server is actually 65536, but we leave a little room since the server is measuring the signed message and we’re just counting the size of the stderr and stdout.

63000

Instance Attribute Summary

• #client ⇒ Object readonly

  Returns the value of attribute client.

• #client_private_key ⇒ Object readonly

  Returns the value of attribute client_private_key.

• #command_address ⇒ Object readonly

  Returns the value of attribute command_address.

• #server_heartbeat_address ⇒ Object readonly

  Returns the value of attribute server_heartbeat_address.

• #server_public_key ⇒ Object readonly

  Returns the value of attribute server_public_key.

• #session_key ⇒ Object readonly

  Returns the value of attribute session_key.

• #session_method ⇒ Object readonly

  Returns the value of attribute session_method.

Class Method Summary

• .hmac_valid?(message, sig, session_key) ⇒ Boolean
• .load_key(key_path) ⇒ Object
• .make_header_hmac(json, session_key) ⇒ Object
• .make_header_rsa(json, client_private_key) ⇒ Object
• .rsa_valid?(message, sig, server_public_key) ⇒ Boolean
• .send_signed_message(socket, method, client_private_key, session_key, message, client) ⇒ Object
• .valid?(header, message, server_public_key, session_key) ⇒ Boolean

  Message authentication (on receive).

Instance Method Summary

• #initialize(client) ⇒ ProtocolHandler constructor

  A new instance of ProtocolHandler.

• #node_name ⇒ Object
• #reconfigure ⇒ Object
• #send_command(message_type, job_id, params) ⇒ Object
• #send_heartbeat(sequence) ⇒ Object
• #start ⇒ Object
• #stop ⇒ Object

Constructor Details

#initialize(client) ⇒ ProtocolHandler

Returns a new instance of ProtocolHandler.

# File 'lib/pushy_client/protocol_handler.rb', line 71

def initialize(client)
  @client = client
  # We synchronize on this when we change the socket (so if you want a
  # valid socket to send or receive on, synchronize on this)
  @socket_lock = Mutex.new
  # This holds the same purpose, but receive blocks for a while so it gets
  # its own lock to avoid blocking sends.  reconfigure will take both locks.
  @receive_socket_lock = Mutex.new

  # When the server goes down, close and reopen sockets.
  client.on_server_availability_change do |available|
    if !available
      Thread.new do
        begin
          Chef::Log.info "[#{node_name}] Closing and reopening sockets since server is down ..."
          reconfigure
          Chef::Log.info "[#{node_name}] Done closing and reopening sockets."
        rescue
          client.log_exception("Error reconfiguring sockets when server went down", $!)
        end
      end
    end
  end
end

Instance Attribute Details

#client ⇒ Object (readonly)

Returns the value of attribute client.

# File 'lib/pushy_client/protocol_handler.rb', line 96

def client
  @client
end

#client_private_key ⇒ Object (readonly)

Returns the value of attribute client_private_key.

# File 'lib/pushy_client/protocol_handler.rb', line 102

def client_private_key
  @client_private_key
end

#command_address ⇒ Object (readonly)

Returns the value of attribute command_address.

# File 'lib/pushy_client/protocol_handler.rb', line 98

def command_address
  @command_address
end

#server_heartbeat_address ⇒ Object (readonly)

Returns the value of attribute server_heartbeat_address.

# File 'lib/pushy_client/protocol_handler.rb', line 97

def server_heartbeat_address
  @server_heartbeat_address
end

#server_public_key ⇒ Object (readonly)

Returns the value of attribute server_public_key.

# File 'lib/pushy_client/protocol_handler.rb', line 99

def server_public_key
  @server_public_key
end

#session_key ⇒ Object (readonly)

Returns the value of attribute session_key.

# File 'lib/pushy_client/protocol_handler.rb', line 100

def session_key
  @session_key
end

#session_method ⇒ Object (readonly)

Returns the value of attribute session_method.

# File 'lib/pushy_client/protocol_handler.rb', line 101

def session_method
  @session_method
end

Class Method Details

.hmac_valid?(message, sig, session_key) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/pushy_client/protocol_handler.rb', line 462

def self.hmac_valid?(message, sig, session_key)
  message_sig = OpenSSL::HMAC.digest('sha256', session_key, message)
  # Defeat timing attacks; attacking this requires breaking SHA.
  sha = OpenSSL::Digest::SHA512.new
  sha.digest(sig) == sha.digest(message_sig)
end

.load_key(key_path) ⇒ Object

# File 'lib/pushy_client/protocol_handler.rb', line 512

def self.load_key(key_path)
  raw_key = IO.read(key_path).strip
  OpenSSL::PKey::RSA.new(raw_key)
end

.make_header_hmac(json, session_key) ⇒ Object

# File 'lib/pushy_client/protocol_handler.rb', line 523

def self.make_header_hmac(json, session_key)
  sig = OpenSSL::HMAC.digest('sha256', session_key, json)
  b64_sig = Base64.encode64(sig).chomp
  "Version:2.0;SigningMethod:hmac_sha256;Signature:#{b64_sig}"
end

.make_header_rsa(json, client_private_key) ⇒ Object

# File 'lib/pushy_client/protocol_handler.rb', line 517

def self.make_header_rsa(json, client_private_key)
  checksum = Mixlib::Authentication::Digester.hash_string(json)
  b64_sig = Base64.encode64(client_private_key.private_encrypt(checksum)).chomp
  "Version:2.0;SigningMethod:rsa2048_sha1;Signature:#{b64_sig}"
end

.rsa_valid?(message, sig, server_public_key) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/pushy_client/protocol_handler.rb', line 456

def self.rsa_valid?(message, sig, server_public_key)
  decrypted_checksum = server_public_key.public_decrypt(sig)
  hashed_message = Mixlib::Authentication::Digester.hash_string(message)
  decrypted_checksum == hashed_message
end

.send_signed_message(socket, method, client_private_key, session_key, message, client) ⇒ Object

# File 'lib/pushy_client/protocol_handler.rb', line 483

def self.send_signed_message(socket, method, client_private_key, session_key, message, client)
  auth = case method
         when :rsa2048_sha1
           make_header_rsa(message, client_private_key)
         when :hmac_sha256
           make_header_hmac(message, session_key)
         end
  # https://github.com/chuckremes/ffi-rzmq/blob/master/lib/ffi-rzmq/socket.rb
  # send_string
  #
  # +flags+ may be ZMQ::DONTWAIT and ZMQ::SNDMORE.
  #
  # Returns 0 when the message was successfully enqueued.
  # Returns -1 under two conditions.
  # 1. The message could not be enqueued
  # 2. When +flags+ is set with ZMQ::DONTWAIT and the socket returned EAGAIN.
  #
  # With a -1 return code, the user must check ZMQ::Util.errno to determine the
  # cause.

  socket.send_string(auth, ZMQ::SNDMORE | ZMQ::DONTWAIT)
  rc = socket.send_string(message, ZMQ::DONTWAIT)
  if rc == -1
    Chef::Log.info("[#{client.node_name}] ZMQ socket enqueue error #{ZMQ::Util.errno}. Triggering reconfigure")
    # we don't immediately reconfigure because this is likely to amplify any stampedes.
    client.update_reconfigure_deadline(60)
  end
end

.valid?(header, message, server_public_key, session_key) ⇒ Boolean

Message authentication (on receive)

Returns:

• (Boolean)

# File 'lib/pushy_client/protocol_handler.rb', line 430

def self.valid?(header, message, server_public_key, session_key)
  headers = header.split(';')
  header_map = headers.inject({}) do |a,e|
    k,v = e.split(':')
    a[k] = v
    a
  end

  auth_sig  = header_map["Signature"]
  if !auth_sig
    return false
  end

  binary_sig = Base64.decode64(auth_sig)

  auth_method = header_map["SigningMethod"]
  case auth_method
  when "rsa2048_sha1"
    rsa_valid?(message, binary_sig, server_public_key)
  when "hmac_sha256"
    hmac_valid?(message, binary_sig, session_key)
  else
    false
  end
end

Instance Method Details

#node_name ⇒ Object

# File 'lib/pushy_client/protocol_handler.rb', line 104

def node_name
  client.node_name
end

#reconfigure ⇒ Object

# File 'lib/pushy_client/protocol_handler.rb', line 186

def reconfigure
  @socket_lock.synchronize do
    @receive_socket_lock.synchronize do
      internal_stop
      start # Start picks up new configuration
    end
  end
end

#send_command(message_type, job_id, params) ⇒ Object

# File 'lib/pushy_client/protocol_handler.rb', line 195

def send_command(message_type, job_id, params)
  Chef::Log.debug("[#{node_name}] Sending command #{message_type} for job #{job_id}")
  # Nil params will be stripped by JSON.generate()
  message = {
    :node => node_name,
    :client => client.hostname,
    :protocol_version => PushyClient::PROTOCOL_VERSION,
    :org => client.org_name,
    :type => message_type,
    :sequence => -1,
    :timestamp => TimeSendWrapper.now.httpdate,
    :incarnation_id => client.incarnation_id,
    :job_id => job_id
  }.merge(validate_params(params))

  send_signed_json_command(:hmac_sha256, message)
end

#send_heartbeat(sequence) ⇒ Object

# File 'lib/pushy_client/protocol_handler.rb', line 213

def send_heartbeat(sequence)
  Chef::Log.debug("[#{node_name}] Sending heartbeat (sequence ##{sequence})")
  job_state = client.job_state
  message = {
    :node => node_name,
    :client => client.hostname,
    :protocol_version => PushyClient::PROTOCOL_VERSION,
    :org => client.org_name,
    :type => :heartbeat,
    :sequence => -1,
    :timestamp => TimeSendWrapper.now.httpdate,
    :incarnation_id => client.incarnation_id,
    :job_state => job_state[:state],
    :job_id => job_state[:job_id]
  }

  send_signed_json_command(:hmac_sha256, message)
end

#start ⇒ Object

# File 'lib/pushy_client/protocol_handler.rb', line 108

def start
  server_address = URI(client.config['push_jobs']['heartbeat']['out_addr']).host
  check_server_address(node_name, server_address)

  @server_heartbeat_address = client.config['push_jobs']['heartbeat']['out_addr']
  @command_address = client.config['push_jobs']['heartbeat']['command_addr']
  @server_public_key = OpenSSL::PKey::RSA.new(client.config['public_key'])
  @client_private_key = ProtocolHandler::load_key(client.client_key)
  @max_message_skew = client.config['max_message_skew']

  if client.using_curve
    server_curve_pub_key = client.config['curve_public_key']

    # decode and extract session key
    begin
      @session_method = client.config['encoded_session_key']['method']
      enc_session_key = Base64::decode64(client.config['encoded_session_key']['key'])
    @session_key = @client_private_key.private_decrypt(enc_session_key)
    rescue =>_
      Chef::Log.error "[#{node_name}] No session key found in config"
      exit(-1)
    end
  else
    # decode and extract session key
    begin
      @session_method = client.config['encoded_session_key']['method']
      enc_session_key = Base64::decode64(client.config['encoded_session_key']['key'])
      @session_key = @client_private_key.private_decrypt(enc_session_key)
    rescue =>e
      Chef::Log.error "[#{node_name}] No session key found in config"
      exit(-1)
    end
  end

  Chef::Log.info "[#{node_name}] Starting ZMQ version #{LibZMQ.version}"

  # Server heartbeat socket
  Chef::Log.info "[#{node_name}] Listening for server heartbeat at #{@server_heartbeat_address}"
  @server_heartbeat_socket = PushyClient::ZmqContext.socket(ZMQ::SUB)
  @server_heartbeat_socket.connect(@server_heartbeat_address)
  @server_heartbeat_socket.setsockopt(ZMQ::SUBSCRIBE, "")
  @server_heartbeat_seq_no = -1

  # Command socket
  Chef::Log.info "[#{node_name}] Connecting to command channel at #{@command_address}"
  # TODO
  # This needs to be set up to be able to handle bidirectional messages; right now this is Tx only
  # Probably need to set it up with a handler, like the subscriber socket above.
  @command_socket = PushyClient::ZmqContext.socket(ZMQ::DEALER)
  @command_socket.setsockopt(ZMQ::LINGER, 0)
  # Note setting this to '1' causes the client to crash on send, but perhaps that
  # beats storming the server when the server restarts
  @command_socket.setsockopt(ZMQ::RCVHWM, 0)
  # Buffering more than a few heartbeats can cause trauma on the server after restart
  @command_socket.setsockopt(ZMQ::SNDHWM, 3)

  if client.using_curve
    @command_socket.setsockopt(ZMQ::CURVE_SERVERKEY, server_curve_pub_key)
    @command_socket.setsockopt(ZMQ::CURVE_PUBLICKEY, client.client_curve_pub_key)
    @command_socket.setsockopt(ZMQ::CURVE_SECRETKEY, client.client_curve_sec_key)
  end

  @command_socket.connect(@command_address)
  @command_socket_server_seq_no = -1

  @command_socket_outgoing_seq = 0

  @receive_thread = start_receive_thread
end

#stop ⇒ Object

# File 'lib/pushy_client/protocol_handler.rb', line 178

def stop
  @socket_lock.synchronize do
    @receive_socket_lock.synchronize do
      internal_stop
    end
  end
end