X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fserver%2Fsfa-start.py;h=0b999d9de902eb9755524fc4e4a266c89a646980;hb=bc77b3e1ce73d7f748d9cc978472dba246034d74;hp=fe811ff941b62c56506419cc7a9d60b44ec79998;hpb=3cf5c9d8e3f11fa56450c22efdbd6e483c5adda9;p=sfa.git diff --git a/sfa/server/sfa-start.py b/sfa/server/sfa-start.py index fe811ff9..0b999d9d 100755 --- a/sfa/server/sfa-start.py +++ b/sfa/server/sfa-start.py @@ -14,7 +14,7 @@ # is up to date and accurate. # # 1) Import the existing planetlab database, creating the -# appropriate SFA records. This is done by running the "sfa-import-plc.py" tool. +# appropriate SFA records. This is done by running the "sfa-import.py" tool. # # 2) Create a "trusted_roots" directory and place the certificate of the root # authority in that directory. Given the defaults in sfa-import-plc.py, this @@ -40,10 +40,10 @@ from sfa.trust.trustedroots import TrustedRoots from sfa.trust.certificate import Keypair, Certificate from sfa.trust.hierarchy import Hierarchy from sfa.trust.gid import GID - from sfa.server.sfaapi import SfaApi from sfa.server.registry import Registries from sfa.server.aggregate import Aggregates +from sfa.client.return_value import ReturnValue # after http://www.erlenstar.demon.co.uk/unix/faq_2.html def daemon(): @@ -84,9 +84,8 @@ def install_peer_certs(server_key_file, server_cert_file): peer_gids = [] if not new_hrns: return - trusted_certs_dir = api.config.get_trustedroots_dir() - for new_hrn in new_hrns: + for new_hrn in new_hrns: if not new_hrn: continue # the gid for this interface should already be installed if new_hrn == api.config.SFA_INTERFACE_HRN: continue @@ -99,8 +98,7 @@ def install_peer_certs(server_key_file, server_cert_file): if 'sfa' not in server_version: logger.info("get_trusted_certs: skipping non sfa aggregate: %s" % new_hrn) continue - - trusted_gids = interface.get_trusted_certs() + trusted_gids = ReturnValue.get_value(interface.get_trusted_certs()) if trusted_gids: # the gid we want should be the first one in the list, # but lets make sure @@ -109,7 +107,7 @@ def install_peer_certs(server_key_file, server_cert_file): message = "interface: %s\t" % (api.interface) message += "unable to install trusted gid for %s" % \ (new_hrn) - gid = GID(string=trusted_gids[0]) + gid = GID(string=trusted_gid) peer_gids.append(gid) if gid.get_hrn() == new_hrn: gid_filename = os.path.join(trusted_certs_dir, '%s.gid' % new_hrn) @@ -131,7 +129,7 @@ def update_cert_records(gids): """ # import db stuff here here so this module can be loaded by PlcComponentApi from sfa.storage.alchemy import dbsession - from sfa.storage.persistentobjs import RegRecord + from sfa.storage.model import RegRecord if not gids: return # get records that actually exist in the db @@ -144,19 +142,18 @@ def update_cert_records(gids): for record in records_found: if record.hrn not in hrns_expected and \ record.hrn != self.api.config.SFA_INTERFACE_HRN: - del record + dbsession.delete(record) # TODO: store urn in the db so we do this in 1 query for gid in gids: hrn, type = gid.get_hrn(), gid.get_type() record = dbsession.query(RegRecord).filter_by(hrn=hrn, type=type,pointer=-1).first() if not record: - record = RegRecord (type=type) - record.set_from_dict ( - { 'hrn': hrn, - 'authority': get_authority(hrn), - 'gid': gid.save_to_string(save_parents=True), - }) + record = RegRecord (dict= {'type':type, + 'hrn': hrn, + 'authority': get_authority(hrn), + 'gid': gid.save_to_string(save_parents=True), + }) dbsession.add(record) dbsession.commit() @@ -185,8 +182,7 @@ def main(): hierarchy = Hierarchy() auth_info = hierarchy.get_interface_auth_info() server_key_file = auth_info.get_privkey_filename() - server_cert_file = auth_info.get_gid_filename() - + server_cert_file = auth_info.get_gid_filename() # ensure interface cert is present in trusted roots dir trusted_roots = TrustedRoots(config.get_trustedroots_dir()) trusted_roots.add_gid(GID(filename=server_cert_file))