X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=plugins%2Fsfagids.py;h=a3e1813824369f7991f261def7731a45462f88ff;hb=48a73b18fd7daed13c645c1adeddb57b560e7a2d;hp=08e3b070f0ace909dd1f2aa6fe2d7562a49b8db5;hpb=cc9ccfb4f0c82ba596a0176c161cac6ed2ab4561;p=nodemanager.git

diff --git a/plugins/sfagids.py b/plugins/sfagids.py
index 08e3b07..a3e1813 100644
--- a/plugins/sfagids.py
+++ b/plugins/sfagids.py
@@ -1,24 +1,24 @@
 #!/usr/bin/python -tt
 # vim:set ts=4 sw=4 expandtab:
 #
-# $Id$
-# $URL$
-#
 # NodeManager plugin for installing SFA GID's in slivers
 # 
 
 import os
+import sys
+sys.path.append('/usr/share/NodeManager')
 import logger
+import traceback
+import tempfile
 try:
     from sfa.util.namespace import *
-    from sfa.util.config import Config
+    from sfa.util.config import Config as SfaConfig
     import sfa.util.xmlrpcprotocol as xmlrpcprotocol
     from sfa.trust.certificate import Keypair, Certificate
     from sfa.trust.credential import Credential
     from sfa.trust.gid import GID
     from sfa.trust.hierarchy import Hierarchy
-
-    from sfa.plc.api import SfaAPI
+    from sfa.plc.api import ComponentAPI
     sfa = True      
 except:
     sfa = None
@@ -27,22 +27,26 @@ def start():
     logger.log("sfagid: plugin starting up ...")
     if not sfa:
         return
-    api = ComponentAPI()
-    api.get_node_key()
+    try:
+        keyfile, certfile = get_keypair(None)
+        api = ComponentAPI(key_file=keyfile, cert_file=certfile)
+        api.get_node_key()
+    except:
+        return
 
 def GetSlivers(data, config=None, plc=None):
     if not sfa:
         return 
 
     keyfile, certfile = get_keypair(config)
-    api = ComponentAPI(keyfile=keyfile, certfile=certfile)
+    api = ComponentAPI(key_file=keyfile, cert_file=certfile)
     slivers = [sliver['name'] for sliver in data['slivers']]
     install_gids(api, slivers)
     install_trusted_certs(api)
     
 def install_gids(api, slivers):
     # install node gid
-    node_gid_path = config_dir + os.sep + "node.gid"
+    node_gid_file = api.config.config_path + os.sep + "node.gid"
     node_gid = GID(filename=node_gid_file)
     node_gid_str = node_gid.save_to_string(save_parents=True)    
     node_hrn = node_gid.get_hrn()    
@@ -51,7 +55,7 @@ def install_gids(api, slivers):
     interface_hrn = api.config.SFA_INTERFACE_HRN
     slice_gids = {}
     node_gids = {}
-    for sliver in slivers:
+    for slicename in slivers:
         slice_gid_filename = "/vservers/%s/etc/slice.gid" % slicename
         node_gid_filename = "/vservers/%s/etc/node.gid" % slicename
         if os.path.isfile(slice_gid_filename):
@@ -70,7 +74,8 @@ def install_gids(api, slivers):
     # get current gids from registry
     cred = api.getCredential()
     registry = api.get_registry()
-    records = registry.GetGids(cred, hrns)
+    #records = registry.GetGids(cred, hrns)
+    records = registry.get_gids(cred, hrns)
     for record in records:
         # skip if this isnt a slice record 
         if not record['type'] == 'slice':
@@ -104,7 +109,7 @@ def install_trusted_certs(api):
         trusted_gid_names.append(relative_filename)
         gid_filename = trusted_certs_dir + os.sep + relative_filename
         if verbose:
-            print "Writing GID for %s as %s" % (gid.get_hrn(), gid_filename)
+            print("Writing GID for %s as %s" % (gid.get_hrn(), gid_filename))
         gid.save_to_file(gid_filename, save_parents=True)
 
     # remove old certs
@@ -112,13 +117,15 @@ def install_trusted_certs(api):
     for gid_name in all_gids_names:
         if gid_name not in trusted_gid_names:
             if verbose:
-                print "Removing old gid ", gid_name
+                print("Removing old gid ", gid_name)
             os.unlink(trusted_certs_dir + os.sep + gid_name)
     
 
+
+
 def get_keypair(config = None):
     if not config:
-        config = Config()
+        config = SfaConfig()
     hierarchy = Hierarchy()
     key_dir= hierarchy.basedir
     data_dir = config.data_path
@@ -129,8 +136,21 @@ def get_keypair(config = None):
     if os.path.exists(keyfile) and os.path.exists(certfile):
         return (keyfile, certfile)
 
-    # create server key and certificate
-    key = Keypair(filename=node_pkey_file)
+    # create temp keypair server key and certificate
+    (_, tmp_keyfile) = tempfile.mkstemp(suffix='.pkey', prefix='tmpkey', dir='/tmp')
+    (_, tmp_certfile) = tempfile.mkstemp(suffix='.cert', prefix='tmpcert', dir='/tmp') 
+    tmp_key = Keypair(create=True)
+    tmp_key.save_to_file(tmp_keyfile)
+    tmp_cert = Certificate(subject='subject')
+    tmp_cert.set_issuer(key=tmp_key, subject='subject')
+    tmp_cert.set_pubkey(tmp_key)
+    tmp_cert.save_to_file(tmp_certfile, save_parents=True)
+
+    # request real pkey from registry
+    api = ComponentAPI(key_file=tmp_keyfile, cert_file=tmp_certfile)
+    registry = api.get_registry()
+    registry.get_key()
+    key = Keypair(filename=keyfile)
     cert = Certificate(subject=hrn)
     cert.set_issuer(key=key, subject=hrn)
     cert.set_pubkey(key)