+#----------------------------------------------------------------------
+# Copyright (c) 2008 Board of Trustees, Princeton University
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and/or hardware specification (the "Work") to
+# deal in the Work without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Work, and to permit persons to whom the Work
+# is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Work.
+#
+# THE WORK IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+# HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+# WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE WORK OR THE USE OR OTHER DEALINGS
+# IN THE WORK.
+#----------------------------------------------------------------------
##
# Implements SFA GID. GIDs are based on certificates, and the GID class is a
# descendant of the certificate class.
### $Id$
### $URL$
-
import xmlrpclib
import uuid
+
+import sfa.util.sfalogging
from sfa.trust.certificate import Certificate
from sfa.util.namespace import *
-from sfa.util.sfalogging import logger
##
# Create a new uuid. Returns the UUID as a string.
Certificate.__init__(self, create, subject, string, filename)
if subject:
- logger.info("subject: %s" % subject)
+ sfa.util.sfalogging.logger.debug("Creating GID for subject: %s" % subject)
if uuid:
self.uuid = int(uuid)
if hrn:
if self.parent:
# make sure the parent's hrn is a prefix of the child's hrn
if not self.get_hrn().startswith(self.parent.get_hrn()):
- raise GidParentHrn(self.parent.get_subject())
+ #print self.get_hrn(), " ", self.parent.get_hrn()
+ raise GidParentHrn("This cert %s HRN doesnt start with parent HRN %s" % (self.get_hrn(), self.parent.get_hrn()))
else:
# make sure that the trusted root's hrn is a prefix of the child's
trusted_gid = GID(string=trusted_root.save_to_string())
+ trusted_type = trusted_gid.get_type()
trusted_hrn = trusted_gid.get_hrn()
+ #if trusted_type == 'authority':
+ # trusted_hrn = trusted_hrn[:trusted_hrn.rindex('.')]
cur_hrn = self.get_hrn()
if not self.get_hrn().startswith(trusted_hrn):
- raise GidParentHrn(trusted_hrn + " " + self.get_hrn())
+ raise GidParentHrn("Trusted roots HRN %s isnt start of this cert %s" % (trusted_hrn, cur_hrn))
return
-
-
-
-
-