X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Ftrust%2Fhierarchy.py;h=ce74c9f59f0250562781ddecca88f2cc0f01d8dc;hb=3d7237fa0b5f2b4a60cb97c7fb3b6aecfd94558a;hp=336fd9e49f2738636dc26ab62d5b9ad2851eeee4;hpb=82880c26cb63971c469825a182eaed7a9c9a57ff;p=sfa.git diff --git a/sfa/trust/hierarchy.py b/sfa/trust/hierarchy.py index 336fd9e4..ce74c9f5 100644 --- a/sfa/trust/hierarchy.py +++ b/sfa/trust/hierarchy.py @@ -1,6 +1,6 @@ ## # This module implements a hierarchy of authorities and performs a similar -# function as the "tree" module of the original geniwrapper prototype. An HRN +# function as the "tree" module of the original SFA prototype. An HRN # is assumed to be a string of authorities separated by dots. For example, # "planetlab.us.arizona.bakers". Each component of the HRN is a different # authority, with the last component being a leaf in the tree. @@ -20,11 +20,10 @@ import os from sfa.util.report import * from sfa.trust.certificate import Keypair from sfa.trust.credential import * -from sfa.trust.gid import * - -from sfa.util.misc import * -from sfa.util.config import * -from sfa.util.geniticket import * +from sfa.trust.gid import GID, create_uuid +from sfa.util.namespace import * +from sfa.util.config import Config +from sfa.util.sfaticket import SfaTicket ## # The AuthInfo class contains the information for an authority. This information @@ -110,8 +109,8 @@ class Hierarchy: def __init__(self, basedir = None): if not basedir: - config = Config() - basedir = config.config_path + os.sep + "authorities" + self.config = Config() + basedir = os.path.join(self.config.SFA_DATA_DIR, "authorities") self.basedir = basedir ## # Given a hrn, return the filenames of the GID, private key, and dbinfo @@ -152,7 +151,7 @@ class Hierarchy: # @param create_parents if true, also create the parents if they do not exist def create_auth(self, hrn, create_parents=False): - report.trace("Hierarchy: creating authority: " + hrn) + trace("Hierarchy: creating authority: " + hrn) # create the parent authority if necessary parent_hrn = get_authority(hrn) @@ -182,7 +181,7 @@ class Hierarchy: # XXX TODO: think up a better way for the dbinfo to work - dbinfo = get_default_dbinfo() + dbinfo = Config().get_plc_dbinfo() dbinfo_file = file(dbinfo_filename, "w") dbinfo_file.write(str(dbinfo)) dbinfo_file.close() @@ -195,7 +194,7 @@ class Hierarchy: # @param hrn the human readable name of the authority to create. def get_auth_info(self, hrn): - #report.trace("Hierarchy: getting authority: " + hrn) + #trace("Hierarchy: getting authority: " + hrn) if not self.auth_exists(hrn): raise MissingAuthority(hrn) @@ -226,7 +225,7 @@ class Hierarchy: gid = GID(subject=hrn, uuid=uuid, hrn=hrn) parent_hrn = get_authority(hrn) - if not parent_hrn: + if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN: # if there is no parent hrn, then it must be self-signed. this # is where we terminate the recursion gid.set_issuer(pkey, hrn) @@ -289,7 +288,7 @@ class Hierarchy: cred.set_pubkey(auth_info.get_gid_object().get_pubkey()) parent_hrn = get_authority(hrn) - if not parent_hrn: + if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN: # if there is no parent hrn, then it must be self-signed. this # is where we terminate the recursion cred.set_issuer(auth_info.get_pkey_object(), hrn) @@ -318,7 +317,7 @@ class Hierarchy: auth_info = self.get_auth_info(hrn) gid = auth_info.get_gid_object() - ticket = Ticket(subject=hrn) + ticket = SfaTicket(subject=hrn) ticket.set_gid_caller(gid) ticket.set_gid_object(gid) ticket.set_delegate(True)