##
# This module implements a hierarchy of authorities and performs a similar
-# function as the "tree" module of the original geniwrapper prototype. An HRN
+# function as the "tree" module of the original SFA prototype. An HRN
# is assumed to be a string of authorities separated by dots. For example,
# "planetlab.us.arizona.bakers". Each component of the HRN is a different
# authority, with the last component being a leaf in the tree.
from sfa.trust.certificate import Keypair
from sfa.trust.credential import *
from sfa.trust.gid import GID, create_uuid
-
-from sfa.util.misc import *
+from sfa.util.namespace import *
from sfa.util.config import Config
from sfa.util.sfaticket import SfaTicket
def __init__(self, basedir = None):
if not basedir:
- config = Config()
- basedir = os.path.join(config.SFA_BASE_DIR, "authorities")
+ self.config = Config()
+ basedir = os.path.join(self.config.SFA_DATA_DIR, "authorities")
self.basedir = basedir
##
# Given a hrn, return the filenames of the GID, private key, and dbinfo
gid = GID(subject=hrn, uuid=uuid, hrn=hrn)
parent_hrn = get_authority(hrn)
- if not parent_hrn:
+ if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN:
# if there is no parent hrn, then it must be self-signed. this
# is where we terminate the recursion
gid.set_issuer(pkey, hrn)
cred.set_pubkey(auth_info.get_gid_object().get_pubkey())
parent_hrn = get_authority(hrn)
- if not parent_hrn:
+ if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN:
# if there is no parent hrn, then it must be self-signed. this
# is where we terminate the recursion
cred.set_issuer(auth_info.get_pkey_object(), hrn)
git://git.onelab.eu / sfa.git / blobdiff