X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fclient%2Fsfi.py;h=b3dbf35ee8aa4790efa730adc6828e043034889c;hb=73b163a7ea35209e0675a7c7cef367946928a96f;hp=c93449fbbd76c2c155bb37946e75b29c900801b8;hpb=49d6c2d9783c1037564f60430c5341bd7385fb1f;p=sfa.git diff --git a/sfa/client/sfi.py b/sfa/client/sfi.py index c93449fb..b3dbf35e 100755 --- a/sfa/client/sfi.py +++ b/sfa/client/sfi.py @@ -13,10 +13,9 @@ from sfa.trust.certificate import Keypair, Certificate from sfa.trust.credential import Credential from sfa.util.geniclient import GeniClient from sfa.util.record import * -from sfa.util.rspec import Rspec +from sfa.util.rspec import RSpec from sfa.util.xmlrpcprotocol import ServerException import sfa.util.xmlrpcprotocol as xmlrpcprotocol -import sfa.util.soapprotocol as soapprotocol from sfa.util.config import Config class Sfi: @@ -95,9 +94,10 @@ class Sfi: self.cert_file = cert_file self.cert = Certificate(filename=cert_file) # Establish connection to server(s) - self.slicemgr = GeniClient(sm_url, key_file, cert_file, self.options.protocol) + #self.slicemgr = GeniClient(sm_url, key_file, cert_file, self.options.protocol) #self.registry = GeniClient(reg_url, key_file, cert_file, self.options.protocol) self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file) + self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file) return # @@ -158,23 +158,24 @@ class Sfi: return gid def get_user_cred(self): - file = os.path.join(self.options.sfi_dir, self.get_leaf(self.user) + ".cred") - if (os.path.isfile(file)): - user_cred = Credential(filename=file) - return user_cred - else: - # bootstrap user credential - request_hash = self.key.compute_hash([None, "user", self.user]) - user_cred = self.registry.get_credential(None, "user", self.user, request_hash) - if user_cred: - cred = Credential(string=user_cred) - cred.save_to_file(file, save_parents=True) - if self.options.verbose: - print "Writing user credential to", file - return cred - else: - print "Failed to get user credential" - sys.exit(-1) + file = os.path.join(self.options.sfi_dir, self.get_leaf(self.user) + ".cred") + if (os.path.isfile(file)): + user_cred = Credential(filename=file) + return user_cred + else: + # bootstrap user credential + cert_string = self.cert.save_to_string(save_parents=True) + request_hash = self.key.compute_hash([cert_string, "user", self.user]) + user_cred = self.registry.get_self_credential(cert_string, "user", self.user, request_hash) + if user_cred: + cred = Credential(string=user_cred) + cred.save_to_file(file, save_parents=True) + if self.options.verbose: + print "Writing user credential to", file + return cred + else: + print "Failed to get user credential" + sys.exit(-1) def get_auth_cred(self): @@ -208,9 +209,12 @@ class Sfi: return slice_cred else: # bootstrap slice credential from user credential - user_cred = self.get_user_cred() - slice_cred = self.registry.get_credential(user_cred, "slice", name) + user_cred = self.get_user_cred().save_to_string(save_parents=True) + arg_list = [user_cred, "slice", name] + request_hash = self.key.compute_hash(arg_list) + slice_cred_str = self.registry.get_credential(user_cred, "slice", name, request_hash) if slice_cred: + slice_cred = Credential(string=slice_cred_str) slice_cred.save_to_file(file, save_parents=True) if self.options.verbose: print "Writing slice credential to", file @@ -560,22 +564,24 @@ class Sfi: def aggregates(self, opts, args): - user_cred = self.get_user_cred() + user_cred = self.get_user_cred().save_to_string(save_parents=True) hrn = None if args: hrn = args[0] - - result = self.registry.get_aggregates(user_cred, hrn) + arg_list = [user_cred, hrn] + request_hash = self.key.compute_hash(arg_list) + result = self.registry.get_aggregates(user_cred, hrn, request_hash) self.display_list(result) return def registries(self, opts, args): - user_cred = self.get_user_cred() + user_cred = self.get_user_cred().save_to_string(save_parents=True) hrn = None if args: hrn = args[0] - - result = self.registry.get_registries(user_cred, hrn) + arg_list = [user_cred, hrn] + request_hash = self.key.compute_hash(arg_list) + result = self.registry.get_registries(user_cred, hrn, request_hash) self.display_list(result) return @@ -587,39 +593,49 @@ class Sfi: # list instantiated slices def slices(self,opts, args): - user_cred = self.get_user_cred() - results = self.slicemgr.get_slices(user_cred) - self.display_list(results) - return + user_cred = self.get_user_cred().save_to_string(save_parents=True) + arg_list = [user_cred] + request_hash = self.key.compute_hash(arg_list) + results = self.slicemgr.get_slices(user_cred, request_hash) + self.display_list(results) + return # show rspec for named slice def resources(self,opts, args): - user_cred = self.get_user_cred() - server = self.slicemgr - if opts.aggregate: - aggregates = self.registry.get_aggregates(user_cred, opts.aggregate) + user_cred = self.get_user_cred().save_to_string(save_parents=True) + server = self.slicemgr + if opts.aggregate: + agg_hrn = opts.aggregate + arg_list = [user_cred, arg_hrn] + request_hash = self.key.compute_hash(arg_list) + aggregates = self.registry.get_aggregates(user_cred, agg_hrn, request_hash) if not aggregates: - raise Exception, "No such aggregate %s" % opts.aggregate + raise Exception, "No such aggregate %s" % agg_hrn aggregate = aggregates[0] url = "http://%s:%s" % (aggregate['addr'], aggregate['port']) - server = GeniClient(url, self.key_file, self.cert_file, self.options.protocol) - if args: - slice_cred = self.get_slice_cred(args[0]) - result = server.get_resources(slice_cred, args[0]) - else: - result = server.get_resources(user_cred) - format = opts.format + server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file) + if args: + cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True) + hrn = args[0] + else: + cred = user_cred + hrn = None + + arg_list = [cred, hrn] + request_hash = self.key.compute_hash(arg_list) + result = server.get_resources(cred, hrn, request_hash) + format = opts.format - self.display_rspec(result, format) - if (opts.file is not None): - self.save_rspec_to_file(result, opts.file) - return + self.display_rspec(result, format) + if (opts.file is not None): + self.save_rspec_to_file(result, opts.file) + return # created named slice with given rspec def create(self,opts, args): slice_hrn = args[0] user_cred = self.get_user_cred() - slice_cred = self.get_slice_cred(slice_hrn) + slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True) rspec_file = self.get_rspec_file(args[1]) rspec=open(rspec_file).read() server = self.slicemgr @@ -630,32 +646,41 @@ class Sfi: aggregate = aggregates[0] url = "http://%s:%s" % (aggregate['addr'], aggregate['port']) server = GeniClient(url, self.key_file, self.cert_file, self.options.protocol) - return server.create_slice(slice_cred, slice_hrn, rspec) + arg_list = [slice_cred, slice_hrn, rspec] + request_hash = self.key.compute_hash(arg_list) + return server.create_slice(slice_cred, slice_hrn, rspec, request_hash) # delete named slice def delete(self,opts, args): - slice_hrn = args[0] - slice_cred = self.get_slice_cred(slice_hrn) - - return self.slicemgr.delete_slice(slice_cred, slice_hrn) + slice_hrn = args[0] + slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True) + arg_list = [slice_cred, slice_hrn] + request_hash = self.key.compute_hash(arg_list) + return self.slicemgr.delete_slice(slice_cred, slice_hrn, request_hash) # start named slice def start(self,opts, args): - slice_hrn = args[0] - slice_cred = self.get_slice_cred(args[0]) - return self.slicemgr.start_slice(slice_cred, slice_hrn) + slice_hrn = args[0] + slice_cred = self.get_slice_cred(args[0]) + arg_list = [slice_cred, slice_hrn] + request_hash = self.key.compute_hash(arg_list) + return self.slicemgr.start_slice(slice_cred, slice_hrn, request_hash) # stop named slice def stop(self,opts, args): - slice_hrn = args[0] - slice_cred = self.get_slice_cred(args[0]) - return self.slicemgr.stop_slice(slice_cred, slice_hrn) + slice_hrn = args[0] + slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True) + arg_list = [slice_cred, slice_hrn] + request_hash = self.key.compute_hash(arg_list) + return self.slicemgr.stop_slice(slice_cred, slice_hrn, request_hash) # reset named slice def reset(self,opts, args): - slice_hrn = args[0] - slice_cred = self.get_slice_cred(args[0]) - return self.slicemgr.reset_slice(slice_cred, slice_hrn) + slice_hrn = args[0] + slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True) + arg_list = [slice_cred, slice_hrn] + request_hash = self.key.compute_hash(arg_list) + return self.slicemgr.reset_slice(slice_cred, slice_hrn, request_hash) # # @@ -666,7 +691,7 @@ class Sfi: def display_rspec(self,rspec, format = 'rspec'): if format in ['dns']: - spec = Rspec() + spec = RSpec() spec.parseString(rspec) hostnames = [] nodespecs = spec.getDictsByTagName('NodeSpec') @@ -678,7 +703,7 @@ class Sfi: hostnames.append(nodespec['name']) result = hostnames elif format in ['ip']: - spec = Rspec() + spec = RSpec() spec.parseString(rspec) ips = [] ifspecs = spec.getDictsByTagName('IfSpec')