X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=plugins%2Fsfagids.py;h=21ea58180c4429485b8a7b7ba24b5d7df9ae1832;hb=570d234b7d7b40416b296de71225f28c826ee991;hp=28d9aa77b14901c92d8449c240cc79b5941593c6;hpb=477f31a547a9cb420fe99b8ca0b9d52f273d880e;p=nodemanager.git

diff --git a/plugins/sfagids.py b/plugins/sfagids.py
index 28d9aa7..21ea581 100644
--- a/plugins/sfagids.py
+++ b/plugins/sfagids.py
@@ -1,9 +1,6 @@
 #!/usr/bin/python -tt
 # vim:set ts=4 sw=4 expandtab:
 #
-# $Id$
-# $URL$
-#
 # NodeManager plugin for installing SFA GID's in slivers
 # 
 
@@ -12,9 +9,10 @@ import sys
 sys.path.append('/usr/share/NodeManager')
 import logger
 import traceback
+import tempfile
 try:
     from sfa.util.namespace import *
-    from sfa.util.config import Config
+    from sfa.util.config import Config as SfaConfig
     import sfa.util.xmlrpcprotocol as xmlrpcprotocol
     from sfa.trust.certificate import Keypair, Certificate
     from sfa.trust.credential import Credential
@@ -29,9 +27,12 @@ def start():
     logger.log("sfagid: plugin starting up ...")
     if not sfa:
         return
-    keyfile, certfile = get_keypair(None)
-    api = ComponentAPI(key_file=keyfile, cert_file=certfile)
-    api.get_node_key()
+    try:
+        keyfile, certfile = get_keypair(None)
+        api = ComponentAPI(key_file=keyfile, cert_file=certfile)
+        api.get_node_key()
+    except:
+        return
 
 def GetSlivers(data, config=None, plc=None):
     if not sfa:
@@ -120,9 +121,11 @@ def install_trusted_certs(api):
             os.unlink(trusted_certs_dir + os.sep + gid_name)
     
 
+
+
 def get_keypair(config = None):
     if not config:
-        config = Config()
+        config = SfaConfig()
     hierarchy = Hierarchy()
     key_dir= hierarchy.basedir
     data_dir = config.data_path
@@ -133,8 +136,21 @@ def get_keypair(config = None):
     if os.path.exists(keyfile) and os.path.exists(certfile):
         return (keyfile, certfile)
 
-    # create server key and certificate
-    key = Keypair(filename=node_pkey_file)
+    # create temp keypair server key and certificate
+    (_, tmp_keyfile) = tempfile.mkstemp(suffix='.pkey', prefix='tmpkey', dir='/tmp')
+    (_, tmp_certfile) = tempfile.mkstemp(suffix='.cert', prefix='tmpcert', dir='/tmp') 
+    tmp_key = Keypair(create=True)
+    tmp_key.save_to_file(tmp_keyfile)
+    tmp_cert = Certificate(subject='subject')
+    tmp_cert.set_issuer(key=tmp_key, subject='subject')
+    tmp_cert.set_pubkey(tmp_key)
+    tmp_cert.save_to_file(tmp_certfile, save_parents=True)
+
+    # request real pkey from registry
+    api = ComponentAPI(key_file=tmp_keyfile, cert_file=tmp_certfile)
+    registry = api.get_registry()
+    registry.get_key()
+    key = Keypair(filename=keyfile)
     cert = Certificate(subject=hrn)
     cert.set_issuer(key=key, subject=hrn)
     cert.set_pubkey(key)