git://git.onelab.eu
/
sfa.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
2to3 -f except
[sfa.git]
/
sfa
/
trust
/
credential.py
diff --git
a/sfa/trust/credential.py
b/sfa/trust/credential.py
index
4c56318
..
37af67b
100644
(file)
--- a/
sfa/trust/credential.py
+++ b/
sfa/trust/credential.py
@@
-26,6
+26,8
@@
# Credentials are signed XML files that assign a subject gid privileges to an object gid
##
# Credentials are signed XML files that assign a subject gid privileges to an object gid
##
+from __future__ import print_function
+
import os, os.path
import subprocess
from types import StringTypes
import os, os.path
import subprocess
from types import StringTypes
@@
-181,21
+183,27
@@
class Signature(object):
self.gid = gid
def decode(self):
self.gid = gid
def decode(self):
+ # Helper function to pull characters off the front of a string if present
+ def remove_prefix(text, prefix):
+ if text and prefix and text.startswith(prefix):
+ return text[len(prefix):]
+ return text
+
try:
doc = parseString(self.xml)
try:
doc = parseString(self.xml)
- except ExpatError
,
e:
+ except ExpatError
as
e:
logger.log_exc ("Failed to parse credential, %s"%self.xml)
raise
sig = doc.getElementsByTagName("Signature")[0]
## This code until the end of function rewritten by Aaron Helsinger
logger.log_exc ("Failed to parse credential, %s"%self.xml)
raise
sig = doc.getElementsByTagName("Signature")[0]
## This code until the end of function rewritten by Aaron Helsinger
- ref_id =
sig.getAttribute("xml:id").strip().strip(
"Sig_")
+ ref_id =
remove_prefix(sig.getAttribute("xml:id").strip(),
"Sig_")
# The xml:id tag is optional, and could be in a
# Reference xml:id or Reference UID sub element instead
if not ref_id or ref_id == '':
reference = sig.getElementsByTagName('Reference')[0]
# The xml:id tag is optional, and could be in a
# Reference xml:id or Reference UID sub element instead
if not ref_id or ref_id == '':
reference = sig.getElementsByTagName('Reference')[0]
- ref_id = re
ference.getAttribute('xml:id').strip().strip('Sig_'
)
+ ref_id = re
move_prefix(reference.getAttribute('xml:id').strip(), "Sig_"
)
if not ref_id or ref_id == '':
if not ref_id or ref_id == '':
- ref_id = re
ference.getAttribute('URI').strip().strip('#'
)
+ ref_id = re
move_prefix(reference.getAttribute('URI').strip(), "#"
)
self.set_refid(ref_id)
keyinfos = sig.getElementsByTagName("X509Data")
gids = None
self.set_refid(ref_id)
keyinfos = sig.getElementsByTagName("X509Data")
gids = None
@@
-722,7
+730,7
@@
class Credential(object):
doc = None
try:
doc = parseString(self.xml)
doc = None
try:
doc = parseString(self.xml)
- except ExpatError
,
e:
+ except ExpatError
as
e:
raise CredentialNotVerifiable("Malformed credential")
doc = parseString(self.xml)
sigs = []
raise CredentialNotVerifiable("Malformed credential")
doc = parseString(self.xml)
sigs = []
@@
-852,7
+860,7
@@
class Credential(object):
# or non PEM files
trusted_cert_objects.append(GID(filename=f))
ok_trusted_certs.append(f)
# or non PEM files
trusted_cert_objects.append(GID(filename=f))
ok_trusted_certs.append(f)
- except Exception
,
exc:
+ except Exception
as
exc:
logger.error("Failed to load trusted cert from %s: %r"%( f, exc))
trusted_certs = ok_trusted_certs
logger.error("Failed to load trusted cert from %s: %r"%( f, exc))
trusted_certs = ok_trusted_certs
@@
-893,7
+901,7
@@
class Credential(object):
#cert_args = " ".join(['--trusted-pem %s' % x for x in trusted_certs])
#command = '{} --verify --node-id "{}" {} {} 2>&1'.\
# format(self.xmlsec_path, ref, cert_args, filename)
#cert_args = " ".join(['--trusted-pem %s' % x for x in trusted_certs])
#command = '{} --verify --node-id "{}" {} {} 2>&1'.\
# format(self.xmlsec_path, ref, cert_args, filename)
- xmlsec1 =
cred
.get_xmlsec1_path()
+ xmlsec1 =
self
.get_xmlsec1_path()
if not xmlsec1:
raise Exception("Could not locate required 'xmlsec1' program")
command = [ xmlsec1, '--verify', '--node-id', ref ]
if not xmlsec1:
raise Exception("Could not locate required 'xmlsec1' program")
command = [ xmlsec1, '--verify', '--node-id', ref ]
@@
-1148,7
+1156,7
@@
class Credential(object):
#
# @param dump_parents If true, also dump the parent certificates
def dump (self, *args, **kwargs):
#
# @param dump_parents If true, also dump the parent certificates
def dump (self, *args, **kwargs):
- print
self.dump_string(*args, **kwargs
)
+ print
(self.dump_string(*args, **kwargs)
)
# SFA code ignores show_xml and disables printing the cred xml
def dump_string(self, dump_parents=False, show_xml=False):
# SFA code ignores show_xml and disables printing the cred xml
def dump_string(self, dump_parents=False, show_xml=False):
@@
-1191,7
+1199,7
@@
class Credential(object):
result += "\nEnd XML\n"
except:
import traceback
result += "\nEnd XML\n"
except:
import traceback
- print
"exc. Credential.dump_string / XML"
+ print
("exc. Credential.dump_string / XML")
traceback.print_exc()
return result
traceback.print_exc()
return result