import sys
import os, os.path
import getopt
-from util.cert import Keypair, Certificate
-from util.credential import Credential
-from util.geniclient import GeniClient
-from util.record import GeniRecord
-from util.gid import GID
-
+import tempfile
+from geni.util.cert import Keypair, Certificate
+from geni.util.credential import Credential
+from geni.util.geniclient import GeniClient
+from geni.util.record import GeniRecord
+from geni.util.gid import GID
+from geni.util.gid import create_uuid
+
+gidhrn = None
+gidkeyfile = None
infile = None
outfile = None
gidfile = None
dump = False
researcher = []
-long_opts = ["infile=", "outfile=", "email=", "ip=", "dns=", "gidfile=", "hrn=", "type=", "addresearcher=", "delresearcher=", "dump"]
+long_opts = ["infile=", "outfile=", "email=", "ip=", "dns=", "gidfile=", "gidhrn=", "gidkeyfile=", "hrn=", "type=", "addresearcher=", "delresearcher=", "dump"]
def showhelp():
print "syntax: editRecord.py <options>"
print " --outfile <name> ... write record to file"
print " --dump ... dump record to stdout"
print " --gidfile <fn> ... load gid from file"
+ print " --gidhrn <name> ... name to use when creating gid"
+ print " --gidkeyfile <name> ... key to use when creating gid"
print " --hrn <name> ... set hrn"
print " --type <type> ... set type (user|slice|sa|ma|...)"
print " --email <addr> ... user: set email address"
print " --addresearcher <hrn> ... slice: add researcher"
print " --delresearcher <hrn> ... slice: delete researcher"
+def load_publickey_string(fn):
+ f = file(fn,"r")
+ key_string = f.read()
+
+ # if the filename is a private key file, then extract the public key
+ if "PRIVATE KEY" in key_string:
+ outfn = tempfile.mktemp()
+ cmd = "openssl rsa -in " + fn + " -pubout -outform PEM -out " + outfn
+ os.system(cmd)
+ f = file(outfn, "r")
+ key_string = f.read()
+ os.remove(outfn)
+
+ return key_string
+
def process_options():
global infile, outfile
global email, ip, dns, gidfile, hrn, type
global researcher
global dump
+ global gidkeyfile, gidhrn
(options, args) = getopt.getopt(sys.argv[1:], '', long_opts)
for opt in options:
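Review bot: In load_publickey_string the key path is concatenated into a shell string for `os.system`, so a `--gidkeyfile` value containing spaces or shell metacharacters is interpreted by the shell rather than passed to openssl as one argument. The output path comes from `tempfile.mktemp()`, which only returns a name, leaving a window in which another local user can create or symlink that path before openssl writes to it. The openssl exit status is ignored, so a failed conversion surfaces only as an error on the second `file()` call or as an empty key, and neither file handle is closed. Running openssl with an argument list and reading the public key from its stdout removes the shell, the temporary file and the unchecked failure together; it needs `import subprocess`, and the new `import tempfile` then becomes unused. The path reaches this function from the command line at `geni_info["create_gid_key"] = load_publickey_string(gidkeyfile)` further down.

```python
def load_publickey_string(fn):
    f = file(fn, "r")
    try:
        key_string = f.read()
    finally:
        f.close()

    # if the filename is a private key file, then extract the public key
    if "PRIVATE KEY" in key_string:
        # argument list: fn is never parsed by a shell, and the PEM public
        # key is read from stdout, so no temporary file is needed
        proc = subprocess.Popen(
            ["openssl", "rsa", "-in", fn, "-pubout", "-outform", "PEM"],
            stdout=subprocess.PIPE)
        key_string = proc.communicate()[0]
        if proc.returncode != 0:
            raise IOError("openssl could not extract a public key from " + fn)

    return key_string
```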
dns = val
elif name == "--gidfile":
gidfile = val
+ elif name == "--gidhrn":
+ gidhrn = val
+ elif name == "--gidkeyfile":
+ gidkeyfile = val
elif name == "--hrn":
hrn = val
elif name == "--type":
print "Warning: unknown record type"
if not record.name:
print "Warning: unknown record name"
- if not record.gid:
+ if (not record.gid) and (not ("create_gid" in geni_info)):
print "Warning: unknown record gid"
if record.type == "user":
gid = GID(string=gid_str)
record.set_gid(gid)
+ if gidhrn or gidkeyfile:
+ if not gidhrn:
+ print "must use --gidkeyfile with --gidhrn"
+ sys.exit(-1)
+ if not gidkeyfile:
+ print "must use --gidhrn with --gidkeyfile"
+ sys.exit(-1)
+
+ geni_info = record.get_geni_info()
+ geni_info["create_gid"] = True
+ geni_info["create_gid_hrn"] = gidhrn
+ geni_info["create_gid_key"] = load_publickey_string(gidkeyfile)
+
if researcher:
update_list(geni_info, "researcher", researcher)
return key_string
-
#
# Generate sub-command parser
#
cmdargs = {"list": "name",
"show": "name",
"remove": "name",
- "creategid": "hrn publickey_fn",
"add": "name record",
"update": "name record",
"nodes": "[name]",
help="type filter (user|slice|sa|ma|node|aggregate)",
choices=("user","slice","sa","ma","node","aggregate", "all"),
default="all")
- if command in ("show", "list", "nodes", "resources", "creategid"):
+ if command in ("show", "list", "nodes", "resources"):
parser.add_option("-o", "--output", dest="file",
help="output XML to file", metavar="FILE", default=None)
return parser
auth_cred = get_auth_cred()
return registry.remove(auth_cred, opts.type, args[0])
-def creategid(opts, args):
- global registry
- auth_cred = get_auth_cred()
- hrn = args[0]
- pkey_string = load_publickey_string(args[1])
- gid = registry.create_gid(auth_cred, hrn, create_uuid(), pkey_string)
- if (opts.file is not None):
- gid.save_to_file(opts.file, save_parents=True)
- else:
- print "I created your gid, but you did not ask me to save it"
-
# add named registry record
def add(opts, args):
global registry
auth_cred = get_auth_cred()
rec_file = get_record_file(args[0])
record = load_record_from_file(rec_file)
+
+ # check and see if we need to create a gid for this record. The creator
+ # of the record signals this by filling in the create_gid, create_gid_hrn,
+ # and create_gid_key members.
+ # (note: we'd use an unsigned GID in the record instead, but pyOpenSSL is
+ # broken and has no way for us to get the key back out of the gid)
+ geni_info = record.get_geni_info()
+ if "create_gid" in geni_info:
+ gid = registry.create_gid(auth_cred, geni_info["create_gid_hrn"], create_uuid(), geni_info["create_gid_key"])
+ record.set_gid(gid)
+
+ del geni_info["create_gid"]
+ del geni_info["create_gid_hrn"]
+ del geni_info["create_gid_key"]
+
return registry.register(auth_cred, record)
# update named registry entry
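Review bot: The new branch in add() trusts three fields read from the record file. It tests only that the `create_gid` key is present, then indexes `create_gid_hrn` and `create_gid_key` directly, so a record carrying the flag without either companion field fails with a bare KeyError; a guard such as `if geni_info.get("create_gid"):` plus an explicit message naming the missing field would handle that. Nothing in the hunk compares `create_gid_hrn` with the record's own name, so a record file can request a GID under a different hrn than the one it is registered as. Whether the registry rejects that is not visible here, so either check it client-side or extend the comment to say the registry enforces it. `registry.create_gid` also runs before `registry.register`, so a failed register appears to leave a GID issued with no record behind it.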