X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fserver%2Finterface.py;h=52df22be75ec4c26c5252249950dd8983429721c;hb=bed506fdde4d9fa51b510430a434d5da1685c657;hp=32f101500d81d6c3623ec31b324bf4a24fbb70a6;hpb=5cf0c1c8c08621a2c5bf7f78c781baa2af8a05d1;p=sfa.git diff --git a/sfa/server/interface.py b/sfa/server/interface.py index 32f10150..52df22be 100644 --- a/sfa/server/interface.py +++ b/sfa/server/interface.py @@ -1,12 +1,13 @@ +import traceback +import os.path from sfa.util.faults import * -from sfa.util.storage import * +from sfa.util.storage import XmlStorage from sfa.util.xrn import get_authority, hrn_to_urn -from sfa.trust.gid import GID from sfa.util.record import SfaRecord -import traceback import sfa.util.xmlrpcprotocol as xmlrpcprotocol import sfa.util.soapprotocol as soapprotocol +from sfa.trust.gid import GID # GeniLight client support is optional try: @@ -26,7 +27,7 @@ class Interfaces(dict): 1) Makes sure a record exist in the local registry for the each fedeated peer - 2) Attepts to fetch and install trusted gids + 2) Attempts to fetch and install trusted gids 3) Provides connections (xmlrpc or soap) to federated peers """ @@ -79,107 +80,6 @@ class Interfaces(dict): self.interfaces[interface['hrn']] = interface - def sync_interfaces(self): - """ - Install missing trusted gids and db records for our federated - interfaces - """ - # Attempt to get any missing peer gids - # There should be a gid file in /etc/sfa/trusted_roots for every - # peer registry found in in the registries.xml config file. If there - # are any missing gids, request a new one from the peer registry. - gids_current = self.api.auth.trusted_cert_list - hrns_current = [gid.get_hrn() for gid in gids_current] - hrns_expected = self.interfaces.keys() - new_hrns = set(hrns_expected).difference(hrns_current) - gids = self.get_peer_gids(new_hrns) + gids_current - # make sure there is a record for every gid - self.update_db_records(self.type, gids) - - def get_peer_gids(self, new_hrns): - """ - Install trusted gids from the specified interfaces. - """ - peer_gids = [] - if not new_hrns: - return peer_gids - trusted_certs_dir = self.api.config.get_trustedroots_dir() - for new_hrn in new_hrns: - if not new_hrn: - continue - # the gid for this interface should already be installed - if new_hrn == self.api.config.SFA_INTERFACE_HRN: - continue - try: - # get gid from the registry - interface_info = self.interfaces[new_hrn] - interface = self[new_hrn] - trusted_gids = interface.get_trusted_certs() - if trusted_gids: - # the gid we want shoudl be the first one in the list, - # but lets make sure - for trusted_gid in trusted_gids: - # default message - message = "interface: %s\t" % (self.api.interface) - message += "unable to install trusted gid for %s" % \ - (new_hrn) - gid = GID(string=trusted_gids[0]) - peer_gids.append(gid) - if gid.get_hrn() == new_hrn: - gid_filename = os.path.join(trusted_certs_dir, '%s.gid' % new_hrn) - gid.save_to_file(gid_filename, save_parents=True) - message = "interface: %s\tinstalled trusted gid for %s" % \ - (self.api.interface, new_hrn) - # log the message - self.api.logger.info(message) - except: - message = "interface: %s\tunable to install trusted gid for %s" % \ - (self.api.interface, new_hrn) - self.api.logger.log_exc(message) - - # reload the trusted certs list - self.api.auth.load_trusted_certs() - return peer_gids - - def update_db_records(self, type, gids): - """ - Make sure there is a record in the local db for allowed registries - defined in the config file (registries.xml). Removes old records from - the db. - """ - # import SfaTable here so this module can be loaded by ComponentAPI - from sfa.util.table import SfaTable - if not gids: - return - - # hrns that should have a record - hrns_expected = [gid.get_hrn() for gid in gids] - - # get hrns that actually exist in the db - table = SfaTable() - records = table.find({'type': type, 'pointer': -1}) - hrns_found = [record['hrn'] for record in records] - - # remove old records - for record in records: - if record['hrn'] not in hrns_expected and \ - record['hrn'] != self.api.config.SFA_INTERFACE_HRN: - table.remove(record) - - # add new records - for gid in gids: - hrn = gid.get_hrn() - if hrn not in hrns_found: - record = { - 'hrn': hrn, - 'type': type, - 'pointer': -1, - 'authority': get_authority(hrn), - 'gid': gid.save_to_string(save_parents=True), - } - record = SfaRecord(dict=record) - table.insert(record) - def get_connections(self): """ read connection details for the trusted peer registries from file return @@ -188,9 +88,8 @@ class Interfaces(dict): connections = {} required_fields = self.default_fields.keys() for interface in self.interfaces.values(): - # make sure the required fields are present and not null - url = interface['url'] +# sfa_logger().debug("Interfaces.get_connections - looping on neighbour %s"%url) # check which client we should use # sfa.util.xmlrpcprotocol is default client_type = 'xmlrpcprotocol' @@ -200,6 +99,6 @@ class Interfaces(dict): client_type = 'geniclientlight' connections[hrn] = GeniClientLight(url, self.api.key_file, self.api.cert_file) else: - connections[interface['hrn']] = xmlrpcprotocol.get_server(url, self.api.key_file, self.api.cert_file) + connections[interface['hrn']] = xmlrpcprotocol.get_server(url, self.api.key_file, self.api.cert_file, timeout=30) return connections