Authenticate with the master, this method breaks the functional paradigm, it will update the master information from a fresh sign in, signing in can occur as often as needed to keep up with the revolving master AES key. :rtype: Crypticle :returns: A
(self)
| 1063 | return future |
| 1064 | |
| 1065 | async def _authenticate(self): |
| 1066 | """ |
| 1067 | Authenticate with the master, this method breaks the functional |
| 1068 | paradigm, it will update the master information from a fresh sign |
| 1069 | in, signing in can occur as often as needed to keep up with the |
| 1070 | revolving master AES key. |
| 1071 | |
| 1072 | :rtype: Crypticle |
| 1073 | :returns: A crypticle used for encryption operations |
| 1074 | """ |
| 1075 | acceptance_wait_time = self.opts["acceptance_wait_time"] |
| 1076 | acceptance_wait_time_max = self.opts["acceptance_wait_time_max"] |
| 1077 | if not acceptance_wait_time_max: |
| 1078 | acceptance_wait_time_max = acceptance_wait_time |
| 1079 | creds = None |
| 1080 | |
| 1081 | with salt.channel.client.AsyncReqChannel.factory( |
| 1082 | self.opts, crypt="clear", io_loop=self.io_loop |
| 1083 | ) as channel: |
| 1084 | error = None |
| 1085 | attempts = 0 |
| 1086 | # ``auth_retries`` caps the outer retry loop introduced for |
| 1087 | # issue #69442. It defaults to ``0`` which preserves the |
| 1088 | # pre-3006.26 behavior of retrying forever; set it to a |
| 1089 | # positive integer to bail out with ``SaltClientError`` after |
| 1090 | # that many attempts. This is intentionally opt-in on the |
| 1091 | # 3006.x LTS branch so an upgrade does not silently change |
| 1092 | # failure modes for long-disconnected minions. |
| 1093 | auth_retries = self.opts.get("auth_retries", 0) |
| 1094 | while True: |
| 1095 | # Give up a little time between connection attempts |
| 1096 | # to allow the IOLoop to run any other scheduled tasks. |
| 1097 | await asyncio.sleep(0.1) |
| 1098 | attempts += 1 |
| 1099 | try: |
| 1100 | creds = await self.sign_in(channel=channel) |
| 1101 | except SaltClientError as exc: |
| 1102 | error = exc |
| 1103 | break |
| 1104 | if creds == "retry": |
| 1105 | if self.opts.get("detect_mode") is True: |
| 1106 | error = SaltClientError("Detect mode is on") |
| 1107 | break |
| 1108 | if auth_retries > 0 and attempts >= auth_retries: |
| 1109 | error = SaltClientError( |
| 1110 | f"Failed to authenticate with the master after {attempts} attempts" |
| 1111 | ) |
| 1112 | break |
| 1113 | if self.opts.get("caller"): |
| 1114 | # We have a list of masters, so we should break |
| 1115 | # and try the next one in the list. |
| 1116 | if self.opts.get("local_masters", None): |
| 1117 | error = SaltClientError( |
| 1118 | "Minion failed to authenticate" |
| 1119 | " with the master, has the " |
| 1120 | "minion key been accepted?" |
| 1121 | ) |
| 1122 | break |