myproxy-test-replicate

代理服务器源代码 供大家学习使用,希望大家喜欢

#!/usr/bin/perl -w

# myproxy test script
# written by Jim Basney <jbasney@ncsa.uiuc.edu>

# Requires a valid proxy credential with lifetime of atleast 3 hours.
#
# Test cases are:
#   1. Store a credential on master (myproxy-init).
#   2. Get info on the stored credential (myproxy-info).
#   3. Retrieve stored credential from master (myproxy-get-delegation).
#   4. Replicate to slaves (myproxy-replicate).
#   5. Retrieve stored credential from slave (myproxy-get-delegation). 
#   6. Change passphrase on master (myproxy-change-pass-phrase).
#   7. Retrieve from master with new passphrase.
#   8. Replicate to slaves (myproxy-replicate). 
#   9. Remove credential from repository (myproxy-destroy).
#  10. Verify credential is removed from master(myproxy_info).
#  11. Replicate to slaves (myproxy-replicate).
#  12. Verify credential is removed from slave(myproxy_info).
#
#  13. Store credential (myproxy-store -v -t 1)
#  14. Get info on the stored credential (myproxy-info)
#  15. Create proxy from stored credential (myproxy-get-delegation).
#  16. Replicate to slaves (myproxy-replicate).
#  17. Retrieve stored credential from master (myproxy-retrieve)
#  18. Retrieve stored credential from slave (myproxy-retrieve)
#
#  Test server failure.
#
#  20. Store a credential (myproxy-store -v -t 1)
#  21. Shutdown one slave server and replicate (myproxy-replicate)
#      Should get one failure: STATUS: 256
#                               Unable to connect to 141.142.96.61:60503
#      .myproxy_replicate and .myproxy_deleted should not update
#  22. Restart slave server and and replicate (myproxy-replicate)
#  23. Shutdown one slave server and destroy cred (myproxy-destroy)
#      Should get one failure: STATUS: 256
#                               error in myproxy_init_client(): Unable to connect to 141.142.96.61:60503
#      .myproxy_replicate and .myproxy_deleted should not update
#  24. Restart slave server and and replicate (myproxy-replicate)
#  25. Store a credential (myproxy-store -v -t 1)
#  26. Shutdown one slave server and replicate (myproxy-replicate)
#      Should get one failure: STATUS: 256
#                               Unable to connect to 141.142.96.61:60503
#      .myproxy_replicate and .myproxy_deleted should not update
#  27. Restart slave server and destroy cred (myproxy-destroy) 

use IPC::Open3;

#
# handle cmdline options
#
$usage = "usage: myproxy-test [-help] [-verbose]\n";
$verbose = 0;
while (($arg = shift @ARGV)) {
    if ($arg eq "-h" || $arg eq "-help") {
	print STDERR $usage;
	exit 1;
    } elsif ($arg eq "-v" || $arg eq "-verbose") {
	$verbose = 1;
    } else {
	print STDERR $usage;
	exit 1;
    }
}

#
# make sure I have a valid proxy
#
chomp($grid_proxy_init = `which grid-proxy-init 2>/dev/null`);
die "grid-proxy-init not found, stopped" if (!(-x $grid_proxy_init));
chomp($grid_proxy_info = `which grid-proxy-info 2>/dev/null`);
die "grid-proxy-info not found, stopped" if (!(-x $grid_proxy_info));
$timeleft = `$grid_proxy_info -timeleft 2>/dev/null`;
if (!defined($timeleft) || $timeleft eq "" || ($timeleft < 60*60*3)) {
    &debug("Problem with proxy.  Will try to create a new one.");
    `$grid_proxy_init -pwstdin </dev/null >/dev/null 2>&1`;
    $timeleft = `$grid_proxy_info -timeleft 2>/dev/null`;
}
die "grid-proxy-info failed, stopped"
    if (!defined($timeleft) || $timeleft eq "");
die "proxy expired, stopped" if ($timeleft < 60);
die "proxy lifetime too short, stopped" if ($timeleft < 60*60*3);
$cert_subject = `$grid_proxy_info -subject`;
die "grid-proxy-info -subject failed, stopped"
    if (!defined($cert_subject) || $cert_subject eq "");
$cert_subject = (split(/\/CN=proxy|\/CN=limited proxy|\/CN=\d+/,
		       $cert_subject))[0];

#
# check for the commands I want to run
#
chomp($myproxy_store = `which myproxy-store 2>/dev/null`);
die "myproxy-store not in PATH, stopped" if (!(-x $myproxy_store));
chomp($myproxy_init = `which myproxy-init 2>/dev/null`);
die "myproxy-init not in PATH, stopped" if (!(-x $myproxy_init));
chomp($myproxy_retrieve = `which myproxy-retrieve 2>/dev/null`);
die "myproxy-retrieve not in PATH, stopped" if (!(-x $myproxy_retrieve));
chomp($myproxy_info = `which myproxy-info 2>/dev/null`);
die "myproxy-info not in PATH, stopped" if (!(-x $myproxy_info));
chomp($myproxy_destroy = `which myproxy-destroy 2>/dev/null`);
die "myproxy-destroy not in PATH, stopped" if (!(-x $myproxy_destroy));
chomp($myproxy_get = `which myproxy-get-delegation 2>/dev/null`);
die "myproxy-get-delegation not in PATH, stopped" if (!(-x $myproxy_get));
chomp($myproxy_passwd = `which myproxy-change-pass-phrase 2>/dev/null`);
die "myproxy-change-pass-phrase not in PATH, stopped"
    if (!(-x $myproxy_passwd));

#
# setup environment variables
#
if (!defined($ENV{'X509_USER_PROXY'})) {
    $ENV{'X509_USER_PROXY'} = "/tmp/x509up_u$<";
}
# make proxy from existing proxy, so we don't need to deal with long-term cred
$ENV{'X509_USER_CERT'} = $ENV{'X509_USER_PROXY'};
$ENV{'X509_USER_KEY'} = $ENV{'X509_USER_PROXY'};

srand(time||$$);
$passphrase = sprintf "%010.d", int(rand(0x7fffffff));

my $mport   = 49152 + ($< % 16380);
my $s1port  = $mport + 1;
my $s2port  = $mport + 2;
my $s3port  = $mport + 3;

my $masterpid     = undef;
my $masterdir     = undef;
my $masterconf    = undef;
my $masterpidfile = undef;

my $slconf        = undef;

my $sl1pid        = undef;
my $sl1dir        = undef;
my $sl1pidfile    = undef;

my $sl2pid        = undef;
my $sl2dir        = undef;
my $sl2pidfile    = undef;

my $sl3pid        = undef;
my $sl3dir        = undef;
my $sl3pidfile    = undef;

#
# start servers
#
$ENV{'MYPROXY_SERVER'} = "localhost";
$ENV{'MYPROXY_SERVER_DN'} = $cert_subject;

chomp($myproxy_server = `which myproxy-server 2>/dev/null`);
die "myproxy-server not in PATH, stopped" if (!(-x $myproxy_server));
$masterdir = "/tmp/myproxy-test.serverdir.$mport.master.$$";
mkdir($masterdir) ||
    die "failed to create $masterdir, stopped";
chmod(0700, $masterdir) ||
    die "failed to chmod $masterdir, stopped";
$masterconf = "/tmp/myproxy-test.serverconf.$mport.master.$$";
open(CONF, ">$masterconf") ||
    die "failed to open $masterconf, stopped";
print CONF "accepted_credentials  \"*\"\n";
print CONF "authorized_retrievers \"*\"\n";
print CONF "default_retrievers    \"*\"\n";
print CONF "authorized_renewers   \"*\"\n";
print CONF "default_renewers      \"none\"\n";
print CONF "authorized_key_retrievers \"*\"\n";
print CONF "default_key_retrievers    \"*\"\n";
print CONF "slave_servers localhost:$s1port;localhost:$s2port;localhost:$s3port";
close(CONF);
$masterpidfile = "/tmp/myproxy-test.serverpid.$mport.master.$$";
$servercmd = "$myproxy_server -s $masterdir -c $masterconf";
$servercmd .= " -p $mport -P $masterpidfile";
&debug("running '$servercmd'");
`$servercmd`;
sleep(1);			# give server a chance to startup
if (open SERVERPIDFILE, $masterpidfile) {
    $masterpid = <SERVERPIDFILE>;
    close SERVERPIDFILE;
}
if (!defined($masterpid) || $masterpid eq "") {
    print STDERR "failed to start master:\n";
    `$servercmd -d`;	# show output on terminal
    &docleanup();
    exit 1;
}

$sl1dir = "/tmp/myproxy-test.serverdir.$s1port.sl1.$$";
mkdir($sl1dir) ||
    die "failed to create $sl1dir, stopped";
chmod(0700, $sl1dir) ||
    die "failed to chmod $sl1dir, stopped";
$slconf = "/tmp/myproxy-test.serverconf.$s1port.sl1.$$";
open(CONF, ">$slconf") ||
    die "failed to open $slconf, stopped";
print CONF "accepted_credentials  \"$ENV{MYPROXY_SERVER_DN}\"\n";
print CONF "authorized_retrievers \"*\"\n";
print CONF "default_retrievers    \"*\"\n";
print CONF "authorized_renewers   \"*\"\n";
print CONF "default_renewers      \"none\"\n";
print CONF "authorized_key_retrievers \"*\"\n";
print CONF "default_key_retrievers    \"*\"\n";
close(CONF);
$sl1pidfile = "/tmp/myproxy-test.serverpid.$s1port.sl1.$$";
$servercmd = "$myproxy_server -s $sl1dir -c $slconf";
$servercmd .= " -p $s1port -P $sl1pidfile";
&debug("running '$servercmd'");
`$servercmd`;
sleep(1);			# give server a chance to startup
if (open SERVERPIDFILE, $sl1pidfile) {
    $sl1pid = <SERVERPIDFILE>;
    close SERVERPIDFILE;
}
if (!defined($sl1pid) || $sl1pid eq "") {
    print STDERR "failed to start slave 1:\n";
    `$servercmd -d`;	# show output on terminal
    &docleanup();
    exit 1;
}

$sl2dir = "/tmp/myproxy-test.serverdir.$s2port.sl1.$$";
mkdir($sl2dir) ||
    die "failed to create $sl2dir, stopped";
chmod(0700, $sl2dir) ||
    die "failed to chmod $sl2dir, stopped";
$sl2pidfile = "/tmp/myproxy-test.serverpid.$s2port.sl1.$$";
$servercmd = "$myproxy_server -s $sl2dir -c $slconf";
$servercmd .= " -p $s2port -P $sl2pidfile";
&debug("running '$servercmd'");
`$servercmd`;
sleep(1);			# give server a chance to startup
if (open SERVERPIDFILE, $sl2pidfile) {
    $sl2pid = <SERVERPIDFILE>;
    close SERVERPIDFILE;
}
if (!defined($sl2pid) || $sl2pid eq "") {
    print STDERR "failed to start slave 2:\n";
    `$servercmd -d`;	# show output on terminal
    &docleanup();
    exit 1;
}

start_sl3();

sub start_sl3
{
  chomp($myproxy_server = `which myproxy-server 2>/dev/null`);

  die "myproxy-server not in PATH, stopped" if (!(-x $myproxy_server));

  $sl3dir = "/tmp/myproxy-test.serverdir.$s3port.sl1.$$";

  if( !(-d $sl3dir) )
  {
    mkdir($sl3dir) || 
        die "failed to create $sl3dir, stopped";
  }

  chmod(0700, $sl3dir) ||
      die "failed to chmod $sl3dir, stopped";

  $sl3pidfile = "/tmp/myproxy-test.serverpid.$s3port.sl1.$$";
  $servercmd  = "$myproxy_server -s $sl3dir -c $slconf";
  $servercmd .= " -p $s3port -P $sl3pidfile";

  &debug("running '$servercmd'");

  `$servercmd`;

  sleep(1);			# give server a chance to startup

  if (open SERVERPIDFILE, $sl3pidfile) 
  {
      $sl3pid = <SERVERPIDFILE>;
      close SERVERPIDFILE;
  }

  if (!defined($sl3pid) || $sl3pid eq "") 
  {
      print STDERR "failed to start slave 3:\n";

      `$servercmd -d`;	# show output on terminal
      &docleanup();

      exit 1;
  }
}

#
# BEGIN TESTS
#
$SUCCESSES = $FAILURES = 0;

# commands to test: myproxy-init, myproxy-info, myproxy-destroy,
#                   myproxy-get-delegation, and myproxy-change-pass-phrase

##
## Test 1
##
($exitstatus, $output) =
    &runtest("myproxy-init -s localhost -p $mport -v -a -c 1 -t 1 -S",
	     $passphrase . "\n");
print "MyProxy Test 1 (store credential with default name): ";
if ($exitstatus == 0) {
    print "SUCCEEDED\n"; $SUCCESSES++;
} else {
    print "FAILED\n"; $FAILURES++; print STDERR $output;
}

##
## Test 2
##
($exitstatus, $output) = &runtest("myproxy-info -s localhost -p $mport -v", undef);
print "MyProxy Test 2 (get info for stored credential): ";
if ($exitstatus == 0 && $output =~ /username/) {
    print "SUCCEEDED\n"; $SUCCESSES++;
} else {
    print "FAILED\n"; $FAILURES++; print STDERR $output;
}

##
## Test 3
##
($exitstatus, $output) =
    &runtest("myproxy-get-delegation -s localhost -p $mport -t 1 -o /tmp/myproxy-test.$$ -v -S",
	     $passphrase . "\n");
print "MyProxy Test 3 (retrieve stored credential): ";
if ($exitstatus == 0) {
    ($exitstatus, $output) =
	&verifyproxy("/tmp/myproxy-test.$$");
}
if ($exitstatus == 0) {
    print "SUCCEEDED\n"; $SUCCESSES++;
} else {
    print "FAILED\n"; $FAILURES++; print STDERR $output;
}

##
## Test 4
##
($exitstatus, $output) =
    &runtest("myproxy-replicate -c /tmp/myproxy-test.serverconf.$mport.master.$$ -r /tmp/myproxy-test.serverdir.$mport.master.$$",
	     undef);
print "MyProxy Test 4 (Replicate master server to all slaves): ";
if ($exitstatus == 0) {
    print "SUCCEEDED\n"; $SUCCESSES++;
} else {
    print "FAILED\n"; $FAILURES++; print STDERR $output;
}