git://git.onelab.eu
/
sfa.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
rename xmlrpcprotocol into sfaprotocol
[sfa.git]
/
sfa
/
server
/
sfa-start.py
diff --git
a/sfa/server/sfa-start.py
b/sfa/server/sfa-start.py
index
abe8c00
..
4f72b67
100755
(executable)
--- a/
sfa/server/sfa-start.py
+++ b/
sfa/server/sfa-start.py
@@
-39,8
+39,8
@@
from optparse import OptionParser
from sfa.util.sfalogging import logger
from sfa.util.xrn import get_authority, hrn_to_urn
from sfa.util.config import Config
from sfa.util.sfalogging import logger
from sfa.util.xrn import get_authority, hrn_to_urn
from sfa.util.config import Config
-import sfa.client.xmlrpcprotocol as xmlrpcprotocol
-
+from sfa.trust.gid import GID
+from sfa.trust.trustedroots import TrustedRoots
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.hierarchy import Hierarchy
from sfa.trust.gid import GID
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.hierarchy import Hierarchy
from sfa.trust.gid import GID
@@
-60,7
+60,10
@@
def daemon():
devnull = os.open(os.devnull, os.O_RDWR)
os.dup2(devnull, 0)
# xxx fixme - this is just to make sure that nothing gets stupidly lost - should use devnull
devnull = os.open(os.devnull, os.O_RDWR)
os.dup2(devnull, 0)
# xxx fixme - this is just to make sure that nothing gets stupidly lost - should use devnull
- crashlog = os.open('/var/log/httpd/sfa_access_log', os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
+ logdir='/var/log/httpd'
+ # when installed in standalone we might not have httpd installed
+ if not os.path.isdir(logdir): os.mkdir('/var/log/httpd')
+ crashlog = os.open('%s/sfa_access_log'%logdir, os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
os.dup2(crashlog, 1)
os.dup2(crashlog, 2)
os.dup2(crashlog, 1)
os.dup2(crashlog, 2)
@@
-132,8
+135,8
@@
def update_cert_records(gids):
Removes old records from the db.
"""
# import SfaTable here so this module can be loaded by PlcComponentApi
Removes old records from the db.
"""
# import SfaTable here so this module can be loaded by PlcComponentApi
- from sfa.
util
.table import SfaTable
- from sfa.
util
.record import SfaRecord
+ from sfa.
storage
.table import SfaTable
+ from sfa.
storage
.record import SfaRecord
if not gids:
return
table = SfaTable()
if not gids:
return
table = SfaTable()
@@
-185,10
+188,13
@@
def main():
# ge the server's key and cert
hierarchy = Hierarchy()
# ge the server's key and cert
hierarchy = Hierarchy()
- auth_info = hierarchy.get_interface_auth_info()
+ auth_info = hierarchy.get_interface_auth_info()
server_key_file = auth_info.get_privkey_filename()
server_cert_file = auth_info.get_gid_filename()
server_key_file = auth_info.get_privkey_filename()
server_cert_file = auth_info.get_gid_filename()
+ # ensure interface cert is present in trusted roots dir
+ trusted_roots = TrustedRoots(config.get_trustedroots_dir())
+ trusted_roots.add_gid(GID(filename=server_cert_file))
if (options.daemon): daemon()
if options.trusted_certs:
if (options.daemon): daemon()
if options.trusted_certs: