-
- def get_key_file(self):
- file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".pkey")
- if (os.path.isfile(file)):
- return file
- else:
- self.logger.error("Key file %s does not exist"%file)
- sys.exit(-1)
- return
-
- def get_cert_file(self, key_file):
-
- cert_file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cert")
- if (os.path.isfile(cert_file)):
- # we'd perfer to use Registry issued certs instead of self signed certs.
- # if this is a Registry cert (GID) then we are done
- gid = GID(filename=cert_file)
- if gid.get_urn():
- return cert_file
-
- # generate self signed certificate
- k = Keypair(filename=key_file)
- cert = Certificate(subject=self.user)
- cert.set_pubkey(k)
- cert.set_issuer(k, self.user)
- cert.sign()
- self.logger.info("Writing self-signed certificate to %s"%cert_file)
- cert.save_to_file(cert_file)
- self.cert = cert
- # try to get registry issued cert
- try:
- self.logger.info("Getting Registry issued cert")
- self.read_config()
- # *hack. need to set registry before _get_gid() is called
- self.registry = SfaServerProxy(self.reg_url, key_file, cert_file,
- timeout=self.options.timeout, verbose=self.options.debug)
- gid = self._get_gid(type='user')
- self.registry = None
- self.logger.info("Writing certificate to %s"%cert_file)
- gid.save_to_file(cert_file)
- except:
- self.logger.info("Failed to download Registry issued cert")
+ # init self-signed cert, user credentials and gid
+ def bootstrap (self):
+ bootstrap = SfaClientBootstrap (self.user, self.reg_url, self.options.sfi_dir)
+ # xxx todo : add a -k option to specify an external private key to install in workdir
+ if self.options.user_private_key:
+ bootstrap.init_private_key_if_missing (self.options.user_private_key)
+ else:
+ # trigger legacy compat code if needed
+ if not os.path.isfile(bootstrap.private_key_filename()):
+ self.logger.info ("private key not found, trying legacy name")
+ try:
+ legacy_private_key = os.path.join (self.options.sfi_dir, "%s.pkey"%get_leaf(self.user))
+ self.logger.debug("legacy_private_key=%s"%legacy_private_key)
+ bootstrap.init_private_key_if_missing (legacy_private_key)
+ self.logger.info("Copied private key from legacy location %s"%legacy_private_key)
+ except:
+ self.logger.log_exc("Can't find private key ")
+ sys.exit(1)
+
+ # make it bootstrap
+ bootstrap.bootstrap_my_gid()
+ # extract what's needed
+ self.private_key = bootstrap.private_key()
+ self.my_gid = bootstrap.my_gid ()
+ self.my_credential_string = bootstrap.my_credential_string ()
+ self.bootstrap = bootstrap
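Review bot: The bare `except:` around the legacy-key fallback in `bootstrap` reports every failure as "Can't find private key" and then exits, so an unreadable or wrongly-permissioned key file, an error inside `init_private_key_if_missing`, and a Ctrl-C all look like a missing file; `except Exception:` would at least let interrupts through, and the message could name the path that was tried. The helper that copies the key is not shown in this hunk, so confirm that it writes the copy into `sfi_dir` with owner-only permissions rather than whatever the umask allows. Separately, `self.bootstrap = bootstrap` on the last line rebinds the instance attribute over the method of the same name, so a later `self.bootstrap()` would reach the SfaClientBootstrap object instead of this method; a distinct name such as `self.client_bootstrap = bootstrap` avoids that, provided callers outside the hunk are updated. The hunk header and the enclosing class are not visible here, so these points rest only on the added lines.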