d9faf1c204
This patch includes several separate sets of changes which have been reviewed individually but must be submitted together to get past the newly updated version of pep8 and changes to the nova code base. 1. Replace our CONF object with the one from openstack.common.cfg. There's no need to use our own, especially since some option are already registered on it for us. Signed-off-by: Julien Danjou <julien.danjou@enovance.com> 2. Instead of importing the RPC code from nova, use the openstack.common.rpc package. This change copies that code in from openstack-common, changes the imports throughout ceilometer, and fixes the way the configuration settings are initialized. 3. Resolve PEP-8 issues introduced by an even more pedantic version of pep8 (1.3.1). Some of the changes are fixed, and some warnings/errors are suppressed. 4. Ignore import errors in impl_qpid because the qpid package is not installed on the stackforge test server. 5. Fix missing imports from gettextutils in openstack.common. Change-Id: I0ee7d4b3278d8ff1951ca27592e3be8a87fe4854
95 lines
3.1 KiB
Python
95 lines
3.1 KiB
Python
# -*- encoding: utf-8 -*-
|
|
#
|
|
# Copyright © 2012 New Dream Network, LLC (DreamHost)
|
|
#
|
|
# Author: Doug Hellmann <doug.hellmann@dreamhost.com>
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
"""Compute the signature of a metering message.
|
|
"""
|
|
|
|
import hashlib
|
|
import hmac
|
|
import uuid
|
|
|
|
from ceilometer.openstack.common import cfg
|
|
|
|
METER_OPTS = [
|
|
cfg.StrOpt('metering_secret',
|
|
default='change this or be hacked',
|
|
help='Secret value for signing metering messages',
|
|
),
|
|
cfg.StrOpt('metering_topic',
|
|
default='metering',
|
|
help='the topic ceilometer uses for metering messages',
|
|
),
|
|
]
|
|
|
|
cfg.CONF.register_opts(METER_OPTS)
|
|
|
|
|
|
def recursive_keypairs(d):
|
|
"""Generator that produces sequence of keypairs for nested dictionaries.
|
|
"""
|
|
for name, value in sorted(d.iteritems()):
|
|
if isinstance(value, dict):
|
|
for subname, subvalue in recursive_keypairs(value):
|
|
yield ('%s:%s' % (name, subname), subvalue)
|
|
else:
|
|
yield name, value
|
|
|
|
|
|
def compute_signature(message):
|
|
"""Return the signature for a message dictionary.
|
|
"""
|
|
digest_maker = hmac.new(cfg.CONF.metering_secret, '', hashlib.sha256)
|
|
for name, value in recursive_keypairs(message):
|
|
if name == 'message_signature':
|
|
# Skip any existing signature value, which would not have
|
|
# been part of the original message.
|
|
continue
|
|
digest_maker.update(name)
|
|
digest_maker.update(unicode(value).encode('utf-8'))
|
|
return digest_maker.hexdigest()
|
|
|
|
|
|
def verify_signature(message):
|
|
"""Check the signature in the message against the value computed
|
|
from the rest of the contents.
|
|
"""
|
|
old_sig = message.get('message_signature')
|
|
new_sig = compute_signature(message)
|
|
return new_sig == old_sig
|
|
|
|
|
|
def meter_message_from_counter(counter):
|
|
"""Make a metering message ready to be published or stored.
|
|
|
|
Returns a dictionary containing a metering message
|
|
for a notification message and a Counter instance.
|
|
"""
|
|
msg = {'source': counter.source,
|
|
'counter_name': counter.name,
|
|
'counter_type': counter.type,
|
|
'counter_volume': counter.volume,
|
|
'user_id': counter.user_id,
|
|
'project_id': counter.project_id,
|
|
'resource_id': counter.resource_id,
|
|
'timestamp': counter.timestamp,
|
|
'counter_duration': counter.duration,
|
|
'resource_metadata': counter.resource_metadata,
|
|
'message_id': str(uuid.uuid1()),
|
|
}
|
|
msg['message_signature'] = compute_signature(msg)
|
|
return msg
|