move sync to fasp

IBM · Feb 12, 2024 · bb0ebaf · bb0ebaf
1 parent bd49ff6
commit bb0ebaf
Show file tree

Hide file tree

Showing 4 changed files with 246 additions and 240 deletions.
diff --git a/lib/aspera/cli/plugins/node.rb b/lib/aspera/cli/plugins/node.rb
@@ -9,7 +9,6 @@
 require 'aspera/id_generator'
 require 'aspera/node'
 require 'aspera/aoc'
-require 'aspera/sync'
 require 'aspera/oauth'
 require 'aspera/node_simulator'
 require 'aspera/assert'

diff --git a/lib/aspera/cli/sync_actions.rb b/lib/aspera/cli/sync_actions.rb
@@ -1,14 +1,14 @@
 # frozen_string_literal: true
 
-require 'aspera/sync'
+require 'aspera/fasp/sync'
 require 'aspera/assert'
 
 module Aspera
   module Cli
     # Module for sync actions
     module SyncActions
       SIMPLE_ARGUMENTS_SYNC = {
-        direction:  Aspera::Sync::DIRECTIONS,
+        direction:  Aspera::Fasp::Sync::DIRECTIONS,
         local_dir:  String,
         remote_dir: String
       }.stringify_keys.freeze
@@ -51,15 +51,15 @@ def execute_sync_action(&block)
             async_params['sessions'].first.merge!(simple_session_args)
           end
           Log.log.debug{Log.dump('async_params', async_params)}
-          Aspera::Sync.start(async_params, &block)
+          Aspera::Fasp::Sync.start(async_params, &block)
           return Main.result_success
         when :admin
           command2 = options.get_next_command([:status])
           case command2
           when :status
             sync_session_name = options.get_next_argument('name of sync session', mandatory: false, type: String)
             async_params = options.get_option(:sync_info, mandatory: true)
-            return {type: :single_object, data: Aspera::Sync.admin_status(async_params, sync_session_name)}
+            return {type: :single_object, data: Aspera::Fasp::Sync.admin_status(async_params, sync_session_name)}
           end # command2
         end # command
       end # execute_action

diff --git a/lib/aspera/fasp/parameters.rb b/lib/aspera/fasp/parameters.rb
@@ -121,6 +121,45 @@ def file_list_folder=(v)
           TempFileManager.instance.cleanup_expired(@file_list_folder)
         end
 
+        def remote_certificates(builder, transfer_spec, options)
+          certificates_to_use = []
+          # use web socket secure for session ?
+          if builder.read_param('wss_enabled') && (options[:wss] || !transfer_spec.key?('fasp_port'))
+            # by default use web socket session if available, unless removed by user
+            builder.add_command_line_options(['--ws-connect'])
+            # TODO: option to give order ssh,ws (legacy http is implied by ssh)
+            # This will need to be cleaned up in aspera core
+            transfer_spec['ssh_port'] = builder.read_param('wss_port')
+            transfer_spec.delete('fasp_port')
+            transfer_spec.delete('EX_ssh_key_paths')
+            transfer_spec.delete('sshfp')
+            # ignore cert for wss ?
+            if options[:check_ignore]&.call(transfer_spec['remote_host'], transfer_spec['wss_port'])
+              wss_cert_file = TempFileManager.instance.new_file_path_global('wss_cert')
+              # initiate a session to retrieve remote certificate
+              http_session = Rest.start_http_session("https://#{transfer_spec['remote_host']}:#{transfer_spec['wss_port']}")
+              begin
+                # retrieve underlying openssl socket
+                File.write(wss_cert_file, Rest.io_http_session(http_session).io.peer_cert_chain.reverse.map(&:to_pem).join("\n"))
+              rescue
+                File.write(wss_cert_file, http_session.peer_cert.to_pem)
+              end
+              http_session.finish
+              certificates_to_use.push(wss_cert_file)
+            end
+            # set location for CA bundle to be the one of Ruby, see env var SSL_CERT_FILE / SSL_CERT_DIR
+            options[:trusted_certs]&.each {|file|certificates_to_use.push(file)}
+          else
+            # remove unused parameter (avoid warning)
+            transfer_spec.delete('wss_port')
+            # add SSH bypass keys when authentication is token and no auth is provided
+            if transfer_spec.key?('token') && !transfer_spec.key?('remote_password')
+              # transfer_spec['remote_password'] = Installation.instance.ssh_cert_uuid # not used: no passphrase
+              Installation.instance.aspera_token_ssh_key_paths.each { |path| certificates_to_use.push(path) }
+            end
+          end
+          return certificates_to_use
+        end
         # static methods
         attr_reader :file_list_folder
       end # self
@@ -205,44 +244,10 @@ def ascp_args
         # notify multi-session was already used, anyway it was deleted by agent direct
         assert(!@builder.read_param('multi_session'))
 
-        # use web socket secure for session ?
-        if @builder.read_param('wss_enabled') && (@options[:wss] || !@job_spec.key?('fasp_port'))
-          # by default use web socket session if available, unless removed by user
-          @builder.add_command_line_options(['--ws-connect'])
-          # TODO: option to give order ssh,ws (legacy http is implied by ssh)
-          # This will need to be cleaned up in aspera core
-          @job_spec['ssh_port'] = @builder.read_param('wss_port')
-          @job_spec.delete('fasp_port')
-          @job_spec.delete('EX_ssh_key_paths')
-          @job_spec.delete('sshfp')
-          # ignore cert for wss ?
-          if @options[:check_ignore]&.call(@job_spec['remote_host'], @job_spec['wss_port'])
-            wss_cert_file = TempFileManager.instance.new_file_path_global('wss_cert')
-            # initiate a session to retrieve remote certificate
-            http_session = Rest.start_http_session("https://#{@job_spec['remote_host']}:#{@job_spec['wss_port']}")
-            begin
-              # retrieve underlying openssl socket
-              File.write(wss_cert_file, Rest.io_http_session(http_session).io.peer_cert_chain.reverse.map(&:to_pem).join("\n"))
-            rescue
-              File.write(wss_cert_file, http_session.peer_cert.to_pem)
-            end
-            http_session.finish
-            env_args[:args].unshift('-i', wss_cert_file)
-            Log.log.debug{"CA certs for wss: remote cert: #{wss_cert_file}"}
-          end
-          # set location for CA bundle to be the one of Ruby, see env var SSL_CERT_FILE / SSL_CERT_DIR
-          @options[:trusted_certs]&.each do |file|
-            env_args[:args].unshift('-i', file)
-            Log.log.debug{"trusted certs for wss: #{file}"}
-          end
-        else
-          # remove unused parameter (avoid warning)
-          @job_spec.delete('wss_port')
-          # add SSH bypass keys when authentication is token and no auth is provided
-          if @job_spec.key?('token') && !@job_spec.key?('remote_password')
-            # @job_spec['remote_password'] = Installation.instance.ssh_cert_uuid # not used: no passphrase
-            Installation.instance.aspera_token_ssh_key_paths.each { |key| env_args[:args].unshift('-i', key) }
-          end
+        # add ssh or wss certificates
+        self.class.remote_certificates(@builder, @job_spec, @options).each do |cert|
+          Log.log.trace1{"adding certificate: #{cert}"}
+          env_args[:args].unshift('-i', cert)
         end
 
         # process parameters as specified in table