Commit 5d05c34b authored by Thomas Gambier's avatar Thomas Gambier 🚴🏼

registry: make grace_period a command line option

parent aff69950
......@@ -113,6 +113,9 @@ def main():
_('--community',
help="File containing community configuration. This file cannot be"
" empty and must contain the default location ('*').")
_('--grace-period', default=8640000, type=int,
help="Period in seconds during which a client can renew its"
" certificate even if expired (default 100 days)")
_ = parser.add_argument_group('routing').add_argument
_('--hello', type=int, default=15,
......
......@@ -32,7 +32,6 @@ from . import ctl, tunnel, utils, version, x509
HMAC_HEADER = "Re6stHMAC"
RENEW_PERIOD = 30 * 86400
GRACE_PERIOD = 100 * 86400
BABEL_HMAC = 'babel_hmac0', 'babel_hmac1', 'babel_hmac2'
def rpc(f):
......@@ -251,7 +250,7 @@ class RegistryServer(object):
# 'select' call does not return. Ideally, we should interrupt it.
logging.info("Checking if there's any old entry in the database ...")
not_after = None
old = time.time() - GRACE_PERIOD
old = time.time() - self.config.grace_period
q = self.db.execute
with self.lock, self.db:
q("BEGIN")
......@@ -278,7 +277,7 @@ class RegistryServer(object):
elif not_after is None or x < not_after:
not_after = x
self.mergePrefixes()
self.timeout = not_after and not_after + GRACE_PERIOD
self.timeout = not_after and not_after + self.config.grace_period
def handle_request(self, request, method, kw):
m = getattr(self, method)
......
......@@ -24,5 +24,6 @@
"same_country": null,
"tunnel_refresh": 300,
"hello": 15,
"community": null
}
\ No newline at end of file
"community": null,
"grace_period": 8640000
}
......@@ -112,7 +112,7 @@ class TestRegistryServer(unittest.TestCase):
token_old, token = "bbbbdddd", "ddddbbbb"
prefix_old, prefix = "1110", "1111"
# 20 magic number, make sure we create old enough new cert/token
now = int(time.time()) - registry.GRACE_PERIOD + 20
now = int(time.time()) - self.config.grace_period + 20
# makeup data
insert_cert(cur, self.server.cert, prefix_old, 1)
insert_cert(cur, self.server.cert, prefix, now -1)
......@@ -130,7 +130,7 @@ class TestRegistryServer(unittest.TestCase):
self.assertIsNone(get_cert(cur, prefix_old), "old cert not deleted")
self.assertIsNotNone(get_cert(cur, prefix))
self.assertEqual(self.server.timeout,
now - 1 + registry.GRACE_PERIOD,
now - 1 + self.config.grace_period,
"time_out set wrongly")
delete_cert(cur, prefix)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment