diff options
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/Server/Admin/Init.py | 2 | ||||
-rw-r--r-- | src/lib/Server/Core.py | 2 | ||||
-rw-r--r-- | src/lib/Server/Plugins/Metadata.py | 20 |
3 files changed, 20 insertions, 4 deletions
diff --git a/src/lib/Server/Admin/Init.py b/src/lib/Server/Admin/Init.py index eab030cf8..9a6ad9de9 100644 --- a/src/lib/Server/Admin/Init.py +++ b/src/lib/Server/Admin/Init.py @@ -156,7 +156,7 @@ def create_conf(confpath, confdata, keypath): return try: open(confpath, "w").write(confdata) - os.chmod(keypath, stat.S_IRUSR | stat.S_IWUSR) # 0600 + os.chmod(confpath, stat.S_IRUSR | stat.S_IWUSR) # 0600 except Exception: e = sys.exc_info()[1] print("Error %s occured while trying to write configuration " diff --git a/src/lib/Server/Core.py b/src/lib/Server/Core.py index 91b6a3555..2d735133b 100644 --- a/src/lib/Server/Core.py +++ b/src/lib/Server/Core.py @@ -365,7 +365,7 @@ class Core(Component): """Fetch probes for a particular client.""" resp = lxml.etree.Element('probes') try: - name = self.metadata.resolve_client(address) + name = self.metadata.resolve_client(address, cleanup_cache=True) meta = self.build_metadata(name) for plugin in self.plugins_by_type(Bcfg2.Server.Plugin.Probing): diff --git a/src/lib/Server/Plugins/Metadata.py b/src/lib/Server/Plugins/Metadata.py index bfe1ac053..c355568cd 100644 --- a/src/lib/Server/Plugins/Metadata.py +++ b/src/lib/Server/Plugins/Metadata.py @@ -571,11 +571,24 @@ class Metadata(Bcfg2.Server.Plugin.Plugin, self.clients[client] = profile self.clients_xml.write() - def resolve_client(self, addresspair): + def resolve_client(self, addresspair, cleanup_cache=False): """Lookup address locally or in DNS to get a hostname.""" if addresspair in self.session_cache: + # client _was_ cached, so there can be some expired entries + # we need to clean them up to avoid potentially infinite memory swell + cache_ttl = 90 + if cleanup_cache: + # remove entries for this client's IP address with _any_ port numbers + # - perhaps a priority queue could be faster? + curtime = time.time() + for addrpair in self.session_cache.keys(): + if addresspair[0] == addrpair[0]: + (stamp, _) = self.session_cache[addrpair] + if curtime - stamp > cache_ttl: + del self.session_cache[addrpair] + # return the cached data (stamp, uuid) = self.session_cache[addresspair] - if time.time() - stamp < 90: + if time.time() - stamp < cache_ttl: return self.session_cache[addresspair][1] address = addresspair[0] if address in self.addresses: @@ -741,6 +754,9 @@ class Metadata(Bcfg2.Server.Plugin.Plugin, return False if id_method == 'cert' and auth_type != 'cert+password': + # remember the cert-derived client name for this connection + if client in self.floating: + self.session_cache[address] = (time.time(), client) # we are done if cert+password not required return True |