/// <summary>
/// This method executes the test with the specified parameter set passed into the constructor.
/// </summary>
/// <param name="token">the Cancellation token for the async operation.</param>
/// <exception cref= "System.Fabric.FabricValidationException" >If any service does not stabilize within the specified timeout.</exception>
/// <returns>Returns a Task which represents the asynchronous operation.</returns>
public async Task ExecuteAsync(CancellationToken token)
{
DateTime testStartTime = DateTime.UtcNow;
try
{
this.stopwatch = new Stopwatch();
this.stopwatch.Start();
this.TestContext = this.FabricClient.FaultManager.TestContext;
// Call derived class method OnExecuteAsync()
await this.OnExecuteAsync(token);
this.ReportProgress("Scenario complete");
await this.ValidateScenarioAtExitAsync(token);
Log.WriteInfo(TraceType, "ExecuteAsync(): Scenario completed.");
}
catch (OperationCanceledException)
{
Log.WriteWarning(TraceType, "ExecuteAsync(): Cancellation was requested while running the scenario.");
throw;
}
catch (Exception e)
{
Log.WriteError(TraceType, "ExecuteAsync(): Exception was thrown while running the scenario: {0}", e);
throw;
}
}
internal SecurityToken GetSecurityTokenInternal()
{
TokenServiceMetadata gatewayMetadata = GetMetadata();
AuthenticationMetadata dSTSMetadata = new AuthenticationMetadata(TVSSerializerUtility.Deserialize(gatewayMetadata.Metadata));
if (cloudServiceName != null && cloudServiceName != gatewayMetadata.ServiceName)
{
string warning = string.Format(StringResources.Error_dSTSMismatchInMetadata, "CloudServiceName", cloudServiceName, gatewayMetadata.ServiceName);
TraceSource.WriteWarning(
TraceType,
warning);
throw new FabricException(warning);
}
if (cloudServiceDnsNames != null &&
cloudServiceDnsNames.FirstOrDefault(name => name == gatewayMetadata.ServiceDnsName) == null)
{
string warning = string.Format(StringResources.Error_dSTSMismatchInMetadata, "CloudServiceDNSNames", string.Join(",", cloudServiceDnsNames), gatewayMetadata.ServiceDnsName);
TraceSource.WriteWarning(
TraceType,
warning);
throw new FabricException(warning);
}
SecurityTokenIssuanceResponse rstr;
try
{
rstr = authenticationClient.GetSecurityToken(
gatewayMetadata.ServiceName,
gatewayMetadata.ServiceDnsName,
dSTSMetadata);
}
catch (SecurityTokenIssuanceException e)
{
TraceSource.WriteWarning(
TraceType,
"GetSecurityToken failed with exception: {0}",
e.Message);
throw new FabricException(e.Message);
}
return(rstr.SecurityToken);
}
public void WriteWarning(TraceType traceType, string format, params object[] args)
{
if (!string.IsNullOrEmpty(this.TraceId))
{
TraceSource.WriteWarningWithId(traceType.Name, this.TraceId, format, args);
}
else
{
TraceSource.WriteWarning(traceType.Name, format, args);
}
}
private static void RenameFolder(string srcFolderName, string dstFolderName)
{
if (string.IsNullOrEmpty(srcFolderName) || !FabricDirectory.Exists(srcFolderName))
{
throw new ArgumentException("Invalid source folder name specified");
}
if (string.IsNullOrEmpty(dstFolderName) || FabricDirectory.Exists(dstFolderName))
{
throw new ArgumentException("Invalid destination folder name specified");
}
for (int i = 1; i <= MaxRetryAttempts; i++)
{
try
{
FabricFile.Move(srcFolderName, dstFolderName);
if (i > 1)
{
// Try sleeping second time around
Thread.Sleep(500);
}
//This is for the rare case of renaming failed without any error from the common library; referring to incident #45017448
if (!FabricDirectory.Exists(dstFolderName))
{
traceSource.WriteWarning(
ClassName,
"Failed to rename folder {0} to {1} without any error, and retrying",
srcFolderName,
dstFolderName);
}
else
{
break;
}
}
catch (Exception ex)
{
traceSource.WriteError(
ClassName,
"Failed to rename folder {0} to {1} with error {2}, and detail exception {3}",
srcFolderName,
dstFolderName,
ex.Message,
ex);
}
}
}
private string LoadLibraryAndGetToken()
{
Assembly module;
var assembly = Path.Combine(FabricEnvironment.GetCodePath(), Constants.dSTSClientLibraryName);
try
{
module = Assembly.LoadFrom(assembly);
}
catch (FileNotFoundException e)
{
TraceSource.WriteWarning(
TraceType,
"Unable to load assembly or one of its dependencies: {0}",
assembly);
throw new FabricException(StringResources.Error_dSTSOptionNotSupported, e);
}
Type dSTSClient;
dSTSClient = module.GetType(Constants.dSTSClientName, false);
if (dSTSClient == null)
{
TraceSource.WriteWarning(
TraceType,
"Unable to get type : {0}",
Constants.dSTSClientName);
throw new FabricException(StringResources.Error_dSTSOptionNotSupported);
}
MethodInfo GetSecurityTokenInfo = dSTSClient.GetMethod(Constants.GetSecurityToken, new Type[] { });
MethodInfo CreatedSTSClientInfo = dSTSClient.GetMethod(Constants.CreatedSTSClient, BindingFlags.Static | BindingFlags.Public);
if (GetSecurityTokenInfo == null ||
CreatedSTSClientInfo == null)
{
TraceSource.WriteWarning(
TraceType,
"Unable to get methods : {0}, {1}",
Constants.GetSecurityToken,
Constants.CreatedSTSClient);
throw new FabricException(StringResources.Error_dSTSOptionNotSupported);
}
object client = CreatedSTSClientInfo.Invoke(null, new object[] { metadataEndpoint, serverCommonNames, serverThumbprints, interactive, cloudServiceName, cloudServiceDNSNames });
if (client == null)
{
TraceSource.WriteWarning(
TraceType,
"Method invocation failure - MethodName {0}",
Constants.CreatedSTSClient);
throw new FabricException(StringResources.Error_dSTSOptionNotSupported);
}
return((string)GetSecurityTokenInfo.Invoke(client, null));
}
public static void WriteWarning(string format, params object[] args)
{
traceSource.WriteWarning(DeployerTrace.TraceType, format, args);
}
public static void WriteWarning(TraceType traceType, string format, params object[] args)
{
traceSource.WriteWarning(traceType.Name, format, args);
}
private static void WriteWarning(string format, params object[] args)
{
TraceSource.WriteWarning(TraceType, format, args);
}
internal static string GetKernelCrashFolder(FabricEvents.ExtensionsEvents traceSource, string logSourceId)
{
string string_to_check = "Not ready to kdump";
string kdump_config_output = string.Empty;
string kernelCrashFolderPath = string.Empty;
try
{
using (var p = new Process())
{
var startInfo = new ProcessStartInfo {
FileName = "kdump-config", Arguments = "status"
};
startInfo.RedirectStandardOutput = true;
p.StartInfo = startInfo;
p.Start();
p.WaitForExit(3000);
using (var reader = p.StandardOutput)
kdump_config_output = reader.ReadToEnd();
}
if (kdump_config_output == null)
{
traceSource.WriteWarning(
logSourceId,
"kdump status output empty");
return(string.Empty);
}
}
catch (Exception e)
{
traceSource.WriteExceptionAsWarning(
logSourceId,
e);
return(string.Empty);
}
if (kdump_config_output.Contains(string_to_check))
{
traceSource.WriteWarning(
logSourceId,
"kdump is not configured");
return(string.Empty);
}
try
{
using (var p = new Process())
{
var startInfo = new ProcessStartInfo {
FileName = "/bin/bash", Arguments = "-c \" kdump-config show | grep \"KDUMP_COREDIR:\" | cut -f 5 -d' ' \" "
};
startInfo.RedirectStandardOutput = true;
p.StartInfo = startInfo;
p.Start();
p.WaitForExit(3000);
using (var reader = p.StandardOutput)
{
kdump_config_output = reader.ReadToEnd();
}
}
if (kdump_config_output == null)
{
traceSource.WriteWarning(
logSourceId,
"kdump config output empty");
return(string.Empty);
}
kernelCrashFolderPath = Path.GetFullPath(kdump_config_output);
}
catch (Exception e)
{
traceSource.WriteExceptionAsWarning(
logSourceId,
e);
return(string.Empty);
}
return(kernelCrashFolderPath.Trim());
}
public static void ReserveUrl(string networkUrl, string securityDescriptor)
{
TraceSource.WriteInfo(
PortAclUtility.TraceType,
"Started to Reserve Url. networkUrl: {0}, securityDescriptor: {1}.",
networkUrl,
securityDescriptor);
uint retVal = (uint)NOERROR; // NOERROR = 0
HTTPAPI_VERSION httpApiVersion = new HTTPAPI_VERSION(1, 0);
retVal = HttpInitialize(httpApiVersion, HTTP_INITIALIZE_CONFIG, IntPtr.Zero);
TraceSource.WriteInfo(
PortAclUtility.TraceType,
"HttpInitialize completed with return value: {0}.",
retVal);
if ((uint)NOERROR == retVal)
{
HTTP_SERVICE_CONFIG_URLACL_KEY keyDesc = new HTTP_SERVICE_CONFIG_URLACL_KEY(networkUrl);
HTTP_SERVICE_CONFIG_URLACL_PARAM paramDesc = new HTTP_SERVICE_CONFIG_URLACL_PARAM(securityDescriptor);
HTTP_SERVICE_CONFIG_URLACL_SET inputConfigInfoSet = new HTTP_SERVICE_CONFIG_URLACL_SET
{
KeyDesc = keyDesc,
ParamDesc = paramDesc
};
IntPtr pInputConfigInfo = Marshal.AllocCoTaskMem(Marshal.SizeOf(typeof(HTTP_SERVICE_CONFIG_URLACL_SET)));
Marshal.StructureToPtr(inputConfigInfoSet, pInputConfigInfo, false);
retVal = HttpSetServiceConfiguration(IntPtr.Zero,
HTTP_SERVICE_CONFIG_ID.HttpServiceConfigUrlAclInfo,
pInputConfigInfo,
Marshal.SizeOf(inputConfigInfoSet),
IntPtr.Zero);
TraceSource.WriteInfo(
PortAclUtility.TraceType,
"HttpSetServiceConfiguration completed with return value: {0}.",
retVal);
if ((uint)ERROR_ALREADY_EXISTS == retVal) // ERROR_ALREADY_EXISTS = 183
{
retVal = HttpDeleteServiceConfiguration(IntPtr.Zero,
HTTP_SERVICE_CONFIG_ID.HttpServiceConfigUrlAclInfo,
pInputConfigInfo,
Marshal.SizeOf(inputConfigInfoSet),
IntPtr.Zero);
TraceSource.WriteInfo(
PortAclUtility.TraceType,
"HttpDeleteServiceConfiguration(outer) completed with return value: {0}.",
retVal);
if ((uint)ERROR_FILE_NOT_FOUND == retVal)
{
// This means its possible that the URL is ACLed for the same port but different protocol (http/https)
// Try deleting ACL using the other protocol
var networkUrlInner = networkUrl.ToLower();
if (networkUrlInner.Contains("https"))
{
networkUrlInner = networkUrlInner.Replace("https", "http");
}
else
{
networkUrlInner = networkUrlInner.Replace("http", "https");
}
HTTP_SERVICE_CONFIG_URLACL_KEY keyDescInner = new HTTP_SERVICE_CONFIG_URLACL_KEY(networkUrlInner);
HTTP_SERVICE_CONFIG_URLACL_SET inputConfigInfoSetInner = new HTTP_SERVICE_CONFIG_URLACL_SET
{
KeyDesc = keyDescInner
};
IntPtr pInputConfigInfoInner = IntPtr.Zero;
try
{
pInputConfigInfoInner = Marshal.AllocCoTaskMem(Marshal.SizeOf(typeof(HTTP_SERVICE_CONFIG_URLACL_SET)));
Marshal.StructureToPtr(inputConfigInfoSetInner, pInputConfigInfoInner, false);
retVal = HttpDeleteServiceConfiguration(IntPtr.Zero,
HTTP_SERVICE_CONFIG_ID.HttpServiceConfigUrlAclInfo,
pInputConfigInfoInner,
Marshal.SizeOf(inputConfigInfoSetInner),
IntPtr.Zero);
TraceSource.WriteWarning(
PortAclUtility.TraceType,
"HttpDeleteServiceConfiguration(Inner) completed with return value: {0}.",
retVal);
}
finally
{
if (IntPtr.Zero != pInputConfigInfoInner)
{
Marshal.FreeCoTaskMem(pInputConfigInfoInner);
}
}
}
if ((uint)NOERROR == retVal)
{
retVal = HttpSetServiceConfiguration(IntPtr.Zero,
HTTP_SERVICE_CONFIG_ID.HttpServiceConfigUrlAclInfo,
pInputConfigInfo,
Marshal.SizeOf(inputConfigInfoSet),
IntPtr.Zero);
TraceSource.WriteInfo(
PortAclUtility.TraceType,
"HttpSetServiceConfiguration completed with return value: {0}.",
retVal);
}
}
Marshal.FreeCoTaskMem(pInputConfigInfo);
HttpTerminate(HTTP_INITIALIZE_CONFIG, IntPtr.Zero);
}
if ((uint)NOERROR != retVal)
{
TraceSource.WriteError(
PortAclUtility.TraceType,
"ReserveUrl failed with error: {0}.",
retVal);
throw new Win32Exception(Convert.ToInt32(retVal));
}
}
public static int Main(string[] args)
{
FabricEvents.ExtensionsEvents traceSource = new FabricEvents.ExtensionsEvents(FabricEvents.Tasks.BackupRestoreService);
int status = 0;
var codePackageActivationContext = FabricRuntime.GetActivationContext();
var configStore = NativeConfigStore.FabricGetConfigStore();
var serverAuthCredentialTypeName = configStore.ReadUnencryptedString(BackupRestoreContants.SecurityConfigSectionName, BackupRestoreContants.ServerAuthCredentialTypeName);
var serverAuthCredentialType = CredentialType.None;
EndpointResourceDescription endpoint = null;
try
{
endpoint = codePackageActivationContext.GetEndpoint(BackupRestoreContants.RestEndPointName);
}
catch (FabricElementNotFoundException)
{
traceSource.WriteWarning(TraceType, "Endpoint not found for EndpointName{0}", BackupRestoreContants.RestEndPointName);
throw;
}
if (!string.IsNullOrEmpty(serverAuthCredentialTypeName) && !Enum.TryParse(serverAuthCredentialTypeName, out serverAuthCredentialType))
{
traceSource.WriteWarning(TraceType, "Unable to convert configuration value serverAuthCredentialTypeName {0} for {1} type.", serverAuthCredentialTypeName, serverAuthCredentialType);
}
if (serverAuthCredentialType == CredentialType.X509 || serverAuthCredentialType == CredentialType.Claims)
{
// Get server auth details
var aclServerAuthX509StoreName = configStore.ReadUnencryptedString(BackupRestoreContants.FabricNodeConfigSectionName, BackupRestoreContants.ServerAuthX509StoreName);
var aclCertValueFindTypeName = configStore.ReadUnencryptedString(BackupRestoreContants.FabricNodeConfigSectionName, BackupRestoreContants.ServerAuthX509FindType);
var aclCertValue = configStore.ReadUnencryptedString(BackupRestoreContants.FabricNodeConfigSectionName, BackupRestoreContants.ServerAuthX509FindValue);
var aclCertValueSecondary = configStore.ReadUnencryptedString(BackupRestoreContants.FabricNodeConfigSectionName, BackupRestoreContants.ServerAuthX509FindValueSecondary);
var storeName = StoreName.My;
var x509FindType = X509FindType.FindByThumbprint;
X509Certificate2 certificate = null;
if (!string.IsNullOrEmpty(aclServerAuthX509StoreName) && !Enum.TryParse(aclServerAuthX509StoreName, out storeName))
{
traceSource.WriteWarning(TraceType, "Unable to Convert configuration aclServerAuthX509StoreName value {0} for {1} type.", aclServerAuthX509StoreName, storeName.GetType().ToString());
throw new InvalidEnumArgumentException(string.Format("Unable to Convert configuration aclCertValueFindTypeName value {0} for {1} type.", aclServerAuthX509StoreName, x509FindType.GetType()));
}
if (!string.IsNullOrEmpty(aclCertValueFindTypeName) && !Enum.TryParse(aclCertValueFindTypeName, out x509FindType))
{
traceSource.WriteWarning(TraceType, "Unable to Convert configuration aclCertValueFindTypeName value {0} for {1} type.", aclServerAuthX509StoreName, x509FindType.GetType().ToString());
throw new InvalidEnumArgumentException(string.Format("Unable to Convert configuration aclCertValueFindTypeName value {0} for {1} type.", aclServerAuthX509StoreName, x509FindType.GetType()));
}
if (!string.IsNullOrWhiteSpace(aclCertValue))
{
// Get certificate.
var store = new X509Store(storeName, StoreLocation.LocalMachine);
try
{
store.Open(OpenFlags.ReadOnly);
traceSource.WriteInfo(
TraceType,
"Finding applicable certificate for Acling. StoreName: {0}, StoreLocation: LocalMachine, X509FindType: {1}, X509FindValue: {2}.",
storeName,
x509FindType,
aclCertValue);
var certCollections = store.Certificates.Find(x509FindType, aclCertValue, false /*load self-signed cert*/);
if (certCollections.Count > 0)
{
certificate = certCollections[0];
}
else if (!string.IsNullOrWhiteSpace(aclCertValueSecondary))
{
traceSource.WriteInfo(
TraceType,
"Finding applicable certificate for Acling using Secondary cert config. StoreName: {0}, StoreLocation: LocalMachine, X509FindType: {1}, X509FindValue: {2}.",
storeName,
x509FindType,
aclCertValueSecondary);
var certCollectionsSecondary = store.Certificates.Find(x509FindType, aclCertValueSecondary, false /*load self-signed cert*/);
if (certCollectionsSecondary.Count > 0)
{
certificate = certCollectionsSecondary[0];
}
}
else
{
traceSource.WriteWarning(TraceType, "No matching certificate found. Thumbprint value: {0}, StoreName: {1}, StoreLocation: {2}", aclCertValue, aclServerAuthX509StoreName, StoreLocation.LocalMachine);
}
}
finally
{
store.Close();
}
}
else
{
traceSource.WriteWarning(TraceType, "Invalid configuration for certificate. Thumbprint value: {0}, StoreName: {1}, StoreLocation: {2}", aclCertValue, aclServerAuthX509StoreName, StoreLocation.LocalMachine);
}
if (certificate != null)
{
PortAclUtility.BindCertificate(endpoint.IpAddressOrFqdn, endpoint.Port, certificate.GetCertHash());
}
}
// Do URL ACLing
CodePackage codePackage = codePackageActivationContext.GetCodePackageObject("Code");
string daclString = "D:(A;;GX;;;NS)";
try
{
var runAsAccountName = configStore.ReadUnencryptedString(BackupRestoreContants.FabricNodeRunAsSectionName, BackupRestoreContants.RunAsAccountNameConfig);
if (!string.IsNullOrEmpty(runAsAccountName))
{
traceSource.WriteInfo(TraceType, "runAsAccountName for ACLing: {0} for CredentialType Windows", runAsAccountName);
daclString = GetAllowDaclFromUserName(runAsAccountName);
}
}
catch (IdentityNotMappedException ex)
{
traceSource.WriteWarning(TraceType, "Failed to resolve NTAccount: {0}, Exception: {1}", codePackage.EntryPointRunAsPolicy.UserName, ex);
throw;
}
catch (SystemException ex)
{
traceSource.WriteWarning(TraceType, "Failed to resolve NTAccount: {0}, Exception: {1}", codePackage.EntryPointRunAsPolicy.UserName, ex);
throw;
}
var fabricBrsSecuritySetting = SecuritySetting.GetClusterSecurityDetails();
var listeningAddress = String.Format(CultureInfo.InvariantCulture, "{0}://+:{1}/", fabricBrsSecuritySetting.EndpointProtocol, endpoint.Port);
traceSource.WriteInfo(TraceType, "ListeningAddress: {0} ,DaclString: {1} for ACLing", listeningAddress, daclString);
PortAclUtility.ReserveUrl(listeningAddress, daclString);
return(status);
}
