##
# This module implements a hierarchy of authorities and performs a similar
-# function as the "tree" module of the original geniwrapper prototype. An HRN
+# function as the "tree" module of the original SFA prototype. An HRN
# is assumed to be a string of authorities separated by dots. For example,
# "planetlab.us.arizona.bakers". Each component of the HRN is a different
# authority, with the last component being a leaf in the tree.
from sfa.util.report import *
from sfa.trust.certificate import Keypair
from sfa.trust.credential import *
-from sfa.trust.gid import *
-
-from sfa.util.misc import *
-from sfa.util.config import *
+from sfa.trust.gid import GID, create_uuid
+from sfa.util.namespace import *
+from sfa.util.config import Config
from sfa.util.sfaticket import SfaTicket
##
def __init__(self, basedir = None):
if not basedir:
- config = Config()
- basedir = config.config_path + os.sep + "authorities"
+ self.config = Config()
+ basedir = os.path.join(self.config.SFA_DATA_DIR, "authorities")
self.basedir = basedir
##
# Given a hrn, return the filenames of the GID, private key, and dbinfo
# XXX TODO: think up a better way for the dbinfo to work
- dbinfo = get_default_dbinfo()
+ dbinfo = Config().get_plc_dbinfo()
dbinfo_file = file(dbinfo_filename, "w")
dbinfo_file.write(str(dbinfo))
dbinfo_file.close()
gid = GID(subject=hrn, uuid=uuid, hrn=hrn)
parent_hrn = get_authority(hrn)
- if not parent_hrn:
+ if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN:
# if there is no parent hrn, then it must be self-signed. this
# is where we terminate the recursion
gid.set_issuer(pkey, hrn)
cred.set_pubkey(auth_info.get_gid_object().get_pubkey())
parent_hrn = get_authority(hrn)
- if not parent_hrn:
+ if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN:
# if there is no parent hrn, then it must be self-signed. this
# is where we terminate the recursion
cred.set_issuer(auth_info.get_pkey_object(), hrn)