X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=clientbin%2Fsfadump.py;h=fb654e79d6c50f1267570f306841e2585bf0e7b0;hb=ecc85e0b923922cf7117d29b380f5284edb88f21;hp=59dd38c50a04dace58d72146c92b987945e205a1;hpb=a0b08c3177b6273ad22f3882cd62495743ed404c;p=sfa.git

diff --git a/clientbin/sfadump.py b/clientbin/sfadump.py
index 59dd38c5..fb654e79 100755
--- a/clientbin/sfadump.py
+++ b/clientbin/sfadump.py
@@ -5,15 +5,16 @@ import sys
 import os, os.path
 import tempfile
 from types import StringTypes, ListType
-from optparse import OptionParser
+from argparse import ArgumentParser
 
 from sfa.util.sfalogging import logger
+from sfa.util.faults import CredentialNotVerifiable, CertMissingParent #, ChildRightsNotSubsetOfParent
 
 from sfa.trust.certificate import Certificate
 from sfa.trust.credential import Credential
 from sfa.trust.gid import GID
 
-from sfa.storage.record import SfaRecord
+from sfa.storage.record import Record
 
 def determine_sfa_filekind(fn):
 
@@ -73,49 +74,69 @@ def extract_gids(cred, extract_parents):
 #       if parent:
 #           extract_gids(parent, extract_parents)
 
+def verify_input_object (obj, kind, options):
+    if options.trusted_roots:
+        print "CHECKING...",
+        message= "against [" + (" + ".join(options.trusted_roots)) + "]"
+        try:
+            if kind=='credential':
+                print "verify",message,
+                obj.verify(options.trusted_roots)
+            elif kind in ['certificate','gid']:
+                print "verify_chain",message,
+                obj.verify_chain(options.trusted_roots)
+            print "--> OK"
+        except Exception as inst:
+            print "--> KO",type(inst).__name__
+
 def handle_input (filename, options):
     kind = determine_sfa_filekind(filename)
-    handle_input_kind (filename,options,kind)
-
-def handle_input_kind (filename, options, kind):
-    
 
-# dump methods current do 'print' so let's go this road for now
+    # dump methods current do 'print' so let's go this road for now
     if kind=="certificate":
         cert=Certificate (filename=filename)
         print '--------------------',filename,'IS A',kind
         cert.dump(show_extensions=options.show_extensions)
+        verify_input_object (cert, kind, options)
     elif kind=="credential":
         cred = Credential(filename = filename)
         print '--------------------',filename,'IS A',kind
-        cred.dump(dump_parents = options.dump_parents)
+        cred.dump(dump_parents = options.dump_parents, show_xml=options.show_xml)
         if options.extract_gids:
-            print '--------------------',filename,'embedded GIDS'
+            print '--------------------',filename,'embedded GIDs'
             extract_gids(cred, extract_parents = options.dump_parents)
+        verify_input_object (cred, kind, options)
     elif kind=="gid":
         gid = GID(filename = filename)
         print '--------------------',filename,'IS A',kind
         gid.dump(dump_parents = options.dump_parents)
+        verify_input_object (gid, kind, options)
     else:
         print "%s: unknown filekind '%s'"% (filename,kind)
 
 def main():
-    usage = """%prog file1 [ .. filen]
+    usage = """%(prog)s file1 [ .. filen]
 display info on input files"""
-    parser = OptionParser(usage=usage)
-
-    parser.add_option("-g", "--extract-gids", action="store_true", dest="extract_gids", default=False, help="Extract GIDs from credentials")
-    parser.add_option("-p", "--dump-parents", action="store_true", dest="dump_parents", default=False, help="Show parents")
-    parser.add_option("-e", "--extensions", action="store_true", dest="show_extensions", default="False", help="Show certificate extensions")
-    parser.add_option("-v", "--verbose", action='count', dest='verbose', default=0)
-    (options, args) = parser.parse_args()
+    parser = ArgumentParser(usage=usage)
+
+    parser.add_argument("-g", "--extract-gids", action="store_true", dest="extract_gids", 
+                        default=False, help="Extract GIDs from credentials")
+    parser.add_argument("-p", "--dump-parents", action="store_true", dest="dump_parents", 
+                        default=False, help="Show parents")
+    parser.add_argument("-e", "--extensions", action="store_true", 
+                        dest="show_extensions", default="False", help="Show certificate extensions")
+    parser.add_argument("-v", "--verbose", action='count', 
+                        dest='verbose', default=0, help="More and more verbose")
+    parser.add_argument("-x", "--xml", action='store_true', 
+                        dest='show_xml', default=False, help="dumps xml tree (cred. only)")
+    parser.add_argument("-c", "--check", action='append', dest='trusted_roots',
+                        help="cumulative list of trusted GIDs - when provided, the input is verify'ed against these")
+    parser.add_argument("filenames",metavar='F',nargs='+',help="filenames to dump")
+    options = parser.parse_args()
 
     logger.setLevelFromOptVerbose(options.verbose)
-    if len(args) <= 0:
-        parser.print_help()
-        sys.exit(1)
-    for f in args: 
-        handle_input(f,options)
+    for filename in options.filenames: 
+        handle_input(filename,options)
 
 if __name__=="__main__":
    main()