from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.credential import Credential
from sfa.trust.gid import GID
+from sfa.trust.hierarchy import Hierarchy
def get_server(url=None, port=None, keyfile=None, certfile=None,verbose=False):
"""
cert.sign()
cert.save_to_file(certfile)
- registry = get_server(service_url = options.registry, keyfile=keyfile, certfile=certfile)
+ registry = get_server(url = registry, keyfile=keyfile, certfile=certfile)
registry.get_key()
def create_server_keypair(keyfile=None, certfile=None, hrn="component", verbose=False):
cert.sign()
cert.save_to_file(certfile, save_parents=True)
-def get_credential(registry=registry, verbose=False):
+def get_credential(registry=None, verbose=False):
config = Config()
hierarchy = Hierarchy()
key_dir= hierarchy.basedir
# get credential from registry
registry = get_server(url=registry, keyfile=keyfile, certfile=certfile)
+ cert = Certificate(filename=certfile)
cert_str = cert.save_to_string(save_parents=True)
cred = registry.get_self_credential(cert_str, 'node', hrn)
- Credential(string=cred).save_to_file(credfile)
+ Credential(string=cred).save_to_file(credfile, save_parents=True)
return cred
"""
# define useful variables
config = Config()
- data_dir = config.data_path
+ data_dir = config.SFA_DATA_DIR
+ config_dir = config.SFA_CONFIG_DIR
trusted_certs_dir = config.get_trustedroots_dir()
keyfile = data_dir + os.sep + "server.key"
certfile = data_dir + os.sep + "server.cert"
for gid_str in trusted_certs:
gid = GID(string=gid_str)
gid.decode()
- trusted_gid_names.append(gid.get_hrn())
- gid_filename = trusted_certs_dir + os.sep + gid.get_hrn() + ".gid"
+ relative_filename = gid.get_hrn() + ".gid"
+ trusted_gid_names.append(relative_filename)
+ gid_filename = trusted_certs_dir + os.sep + relative_filename
if verbose:
print "Writing GID for %s as %s" % (gid.get_hrn(), gid_filename)
gid.save_to_file(gid_filename, save_parents=True)
all_gids_names = os.listdir(trusted_certs_dir)
for gid_name in all_gids_names:
if gid_name not in trusted_gid_names:
+ if verbose:
+ print "Removing old gid ", gid_name
os.unlink(trusted_certs_dir + os.sep + gid_name)
def get_gids(registry=None, verbose=False):
# define useful variables
config = Config()
data_dir = config.data_path
+ config_dir = config.SFA_CONFIG_DIR
trusted_certs_dir = config.get_trustedroots_dir()
keyfile = data_dir + os.sep + "server.key"
certfile = data_dir + os.sep + "server.cert"
# get a list of slices on this node
from sfa.plc.api import ComponentAPI
api = ComponentAPI()
- slicenames = api.nodemanger.GetXIDs().keys()
- slicename_to_hrn = lambda name: ".".join([interface_hrn, name.replace('_', '.')])
- hrns = map(slicename_to_hrn, slicenames)
+ slicenames = api.nodemanager.GetXIDs().keys()
+ hrns = [misc.slicename_to_hrn(interface_hrn, slicename) for slicename in slicenames]
+
if verbose:
print "Getting gids for slices on this node from registry"
continue
# save the slice gid in /etc/sfa/ in the vservers filesystem
- vserver_path = "/vserver/%(slicename)s" % locals()
+ vserver_path = "/vservers/%(slicename)s" % locals()
gid = record['gid']
- slice_gid_filename = os.sep.join([vserver_path, config_dir, "slice.gid"])
+ slice_gid_filename = os.sep.join([vserver_path, "etc", "slice.gid"])
if verbose:
print "Saving GID for %(slicename)s as %(slice_gid_filename)s" % locals()
GID(string=gid).save_to_file(slice_gid_filename, save_parents=True)
# save the node gid in /etc/sfa
- node_gid_filename = os.sep.join([vserver_path, config_dir, "node.gid"])
+ node_gid_filename = os.sep.join([vserver_path, "etc", "node.gid"])
if verbose:
- print "Saving node GID for %(slicename)s as %(slice_gid_filename)s" % locals()
+ print "Saving node GID for %(slicename)s as %(node_gid_filename)s" % locals()
node_gid.save_to_file(node_gid_filename, save_parents=True)
create_default_dirs()
if options.key:
- if verbose:
+ if options.verbose:
print "Getting the component's pkey"
- get_node_key(options.registry, options.verbose)
+ get_node_key(registry=options.registry, verbose=options.verbose)
if options.certs:
if options.verbose:
print "Getting the component's trusted certs"
- get_certs(options.verbose)
+ get_trusted_certs(verbose=options.verbose)
if options.gids:
if options.verbose:
print "Geting the component's GIDs"
- get_gids(options.verbose)
+ get_gids(verbose=options.verbose)
def main():
args = sys.argv