import os, os.path
import tempfile
import traceback
+import socket
from types import StringTypes, ListType
from optparse import OptionParser
-
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.credential import Credential
from sfa.util.geniclient import GeniClient
"slices": "",
"resources": "[name]",
"create": "name rspec",
+ "get_trusted_certs": "cred",
"get_ticket": "name rspec",
- "redeem_ticket": "ticket rspec"
+ "redeem_ticket": "ticket",
"delete": "name",
"reset": "name",
"start": "name",
def get_key_file(self):
- file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".pkey")
+ file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".pkey")
+ #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".pkey")
if (os.path.isfile(file)):
return file
else:
def get_cert_file(self,key_file):
- file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cert")
+ #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cert")
+ file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cert")
if (os.path.isfile(file)):
return file
else:
return file
def get_gid(self):
- file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".gid")
+ #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".gid")
+ file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".gid")
if (os.path.isfile(file)):
gid = GID(filename=file)
return gid
return gid
def get_user_cred(self):
- file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cred")
+ #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cred")
+ file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cred")
if (os.path.isfile(file)):
user_cred = Credential(filename=file)
return user_cred
request_hash=None
if self.hashrequest:
request_hash = self.key.compute_hash([cert_string, "user", self.user])
+ user_name=self.user.replace(self.authority+".", '')
+ if user_name.count(".") > 0:
+ user_name = user_name.replace(".", '_')
+ self.user=self.authority + "." + user_name
user_cred = self.registry.get_self_credential(cert_string, "user", self.user, request_hash)
if user_cred:
cred = Credential(string=user_cred)
arg_list = [cred]
request_hash = self.key.compute_hash(arg_list)
return self.registry.update(cred, record, request_hash)
-
-
+
+ def get_trusted_certs(self, opts, args):
+ """
+ return the trusted certs at this interface
+ """
+ trusted_certs = self.registry.get_trusted_certs()
+ for trusted_cert in trusted_certs:
+ cert = Certificate(string=trusted_cert)
+ print cert.get_subject()
+ return
+
def aggregates(self, opts, args):
"""
return a list of details about known aggregates
display_list(result)
return
- def components(self, opts, args):
- """
- return a list of details about known components
- """
- user_cred = self.get_user_cred().save_to_string(save_parents=True)
- hrn = None
- if args:
- hrn = args[0]
- request_hash=None
- if self.hashrequest:
- arg_list = [user_cred, hrn]
- request_hash = self.key.compute_hash(arg_list)
- result = self.sm.components(user_cred, hrn, request_hash)
- display_list(result)
- return
#
# Slice-related commands
server = self.slicemgr
if opts.aggregate:
agg_hrn = opts.aggregate
- arg_list = [user_cred, arg_hrn]
+ arg_list = [user_cred, agg_hrn]
request_hash = self.key.compute_hash(arg_list)
aggregates = self.registry.get_aggregates(user_cred, agg_hrn, request_hash)
if not aggregates:
print "writing ticket to ", file
ticket = SfaTicket(string=ticket_string)
ticket.save_to_file(filename=file, save_parents=True)
- print ticket_string
def redeem_ticket(self, opts, args):
+ ticket_file = args[0]
+
+ # get slice hrn from the ticket
+ # use this to get the right slice credential
+ ticket = SfaTicket(filename=ticket_file)
+ ticket.decode()
+ slice_hrn = ticket.attributes['slivers'][0]['hrn']
+ user_cred = self.get_user_cred()
+ slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
+
+ # get a list node hostnames from the nodespecs in the rspec
+ rspec = RSpec()
+ rspec.parseString(ticket.rspec)
+ nodespecs = rspec.getDictsByTagName('NodeSpec')
+ hostnames = [nodespec['name'] for nodespec in nodespecs]
+
+ # create an xmlrpc connection to the component manager at each of these
+ # components and gall redeem_ticket
+ connections = {}
+ for hostname in hostnames:
+ try:
+ cm_port = "12346"
+ url = "https://%(hostname)s:%(cm_port)s" % locals()
+ print "Calling get_ticket at %(url)s " % locals(),
+ cm = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file)
+ cm.redeem_ticket(slice_cred, ticket.save_to_string(save_parents=True))
+ print "Success"
+ except socket.gaierror:
+ print "Failed:",
+ print "Componet Manager not accepting requests"
+ except Exception, e:
+ print "Failed:", e.message
+
return
# delete named slice