#!/usr/bin/python -tt
# vim:set ts=4 sw=4 expandtab:
#
-# $Id$
-# $URL$
-#
# NodeManager plugin for installing SFA GID's in slivers
#
sys.path.append('/usr/share/NodeManager')
import logger
import traceback
+import tempfile
try:
from sfa.util.namespace import *
- from sfa.util.config import Config
+ from sfa.util.config import Config as SfaConfig
import sfa.util.xmlrpcprotocol as xmlrpcprotocol
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.credential import Credential
logger.log("sfagid: plugin starting up ...")
if not sfa:
return
- keyfile, certfile = get_keypair(None)
- api = ComponentAPI(key_file=keyfile, cert_file=certfile)
- api.get_node_key()
+ try:
+ keyfile, certfile = get_keypair(None)
+ api = ComponentAPI(key_file=keyfile, cert_file=certfile)
+ api.get_node_key()
+ except:
+ return
def GetSlivers(data, config=None, plc=None):
if not sfa:
os.unlink(trusted_certs_dir + os.sep + gid_name)
+
+
def get_keypair(config = None):
if not config:
- config = Config()
+ config = SfaConfig()
hierarchy = Hierarchy()
key_dir= hierarchy.basedir
data_dir = config.data_path
if os.path.exists(keyfile) and os.path.exists(certfile):
return (keyfile, certfile)
- # create server key and certificate
- key = Keypair(filename=node_pkey_file)
+ # create temp keypair server key and certificate
+ (_, tmp_keyfile) = tempfile.mkstemp(suffix='.pkey', prefix='tmpkey', dir='/tmp')
+ (_, tmp_certfile) = tempfile.mkstemp(suffix='.cert', prefix='tmpcert', dir='/tmp')
+ tmp_key = Keypair(create=True)
+ tmp_key.save_to_file(tmp_keyfile)
+ tmp_cert = Certificate(subject='subject')
+ tmp_cert.set_issuer(key=tmp_key, subject='subject')
+ tmp_cert.set_pubkey(tmp_key)
+ tmp_cert.save_to_file(tmp_certfile, save_parents=True)
+
+ # request real pkey from registry
+ api = ComponentAPI(key_file=tmp_keyfile, cert_file=tmp_certfile)
+ registry = api.get_registry()
+ registry.get_key()
+ key = Keypair(filename=keyfile)
cert = Certificate(subject=hrn)
cert.set_issuer(key=key, subject=hrn)
cert.set_pubkey(key)