+ # this is similar to geniserver.decode_authentication
+ def decode_ticket(self, ticket_string):
+ self.client_ticket = Ticket(string = ticket_string)
+ self.client_gid = self.client_ticket.get_gid_caller()
+ self.object_gid = self.client_ticket.get_gid_object()
+
+ # make sure the client_gid is not blank
+ if not self.client_gid:
+ raise MissingCallerGID(self.client_ticket.get_subject())
+
+ # make sure the client_gid matches the certificate that the client is using
+ peer_cert = self.server.peer_cert
+ if not peer_cert.is_pubkey(self.client_gid.get_pubkey()):
+ raise ConnectionKeyGIDMismatch(self.client_gid.get_subject())
+
+ if self.trusted_cert_list:
+ self.client_ticket.verify_chain(self.trusted_cert_list)
+ if self.client_gid:
+ self.client_gid.verify_chain(self.trusted_cert_list)
+ if self.object_gid:
+ self.object_gid.verify_chain(self.trusted_cert_list)
+
+ def geni_ticket_to_plc_rec(self, ticket):
+ ticket_attrs = ticket.get_attributes()
+ ticket_rspec = ticket.get_rspec()
+ rec = {}
+
+ rec["name"] = ticket_attrs.get("name")
+ rec["keys"] = '\n'.join(ticket_attrs.get("keys",[]))
+ rec["initscript"] = ticket_attrs.get("initscript", "")
+ rec["vref"] = ticket_attrs.get("vref", "default")
+ rec["timestamp"] = ticket_attrs.get("timestamp") # should there be a default timestamp?
+
+ rspec = {}
+ rec['rspec'] = rspec
+ for resname, default_amt in sm.DEFAULT_ALLOCATION.iteritems():
+ try:
+ t = type(default_amt)
+ amt = t.__new__(t, ticket_attrs[resname])
+ except (KeyError, ValueError):
+ amt = default_amt
+ rspec[resname] = amt
+
+ return rec
+
+ def redeem_ticket(self, ticket_str):
+ self.decode_ticket(ticket_str)
+ ticket = self.client_ticket
+
+ print "ticket received for", self.object_gid.get_hrn()
+
+ rec = self.geni_ticket_to_plc_rec(ticket)
+
+ print "record", rec
+
+ database.db.deliver_record(rec)
+
+ # Slice Information
+
+ def list_slices(self, cred_str):
+ self.decode_authentication(cred_str, "listslices")
+ slice_names = database.db.keys()
+ return slice_names
+
+ # Management Interface
+
+ def reboot(self, cred_str):
+ self.decode_authentication(cred_str, "reboot")
+ system("/sbin/reboot")
+