last (cleaned up) version with the -d/--delegate option that was

broken and very unclear about its purpose

diff --git a/sfa/client/sfi.py b/sfa/client/sfi.py
index c0677ef..e9e5dd1 100644 (file)
--- a/sfa/client/sfi.py
+++ b/sfa/client/sfi.py
@@ -822,6 +822,12 @@ use this if you mean an authority instead""")
         else:
             return []
 
+    #################### dealing with delegated credentials
+    # most commands have a -d option that means 'delegate to my own authority'
+    # if is unclear if that is useful at all, but just in case..
+    def delegate_to_my_authority (original):
+        return self.client_bootstrap.delegate_credential_string (original, self.authority, 'authority')
+
     ######################################## miscell utilities
     def get_rspec_file(self, rspec):
        if (os.path.isabs(rspec)):
@@ -1020,8 +1026,7 @@ or version information about sfi itself
         # creds
         creds = [self.my_credential_string]
         if options.delegate:
-            delegated_cred = self.delegate_cred(self.my_credential_string, get_authority(self.authority))
-            creds.append(delegated_cred)  
+            creds.append ( self.delegate_to_my_authority(self.my_credential_string) )
         # options and call_id when supported
         api_options = {}
        api_options['call_id']=unique_call_id()
@@ -1052,7 +1057,7 @@ or with an slice hrn, shows currently provisioned resources
             the_credential=self.my_credential_string
             creds.append(the_credential)
         if options.delegate:
-            creds.append(self.delegate_cred(the_credential, get_authority(self.authority)))
+            creds.append(self.delegate_to_my_authority(the_credential))
         if options.show_credential:
             show_credentials(creds)
 
@@ -1187,8 +1192,7 @@ or with an slice hrn, shows currently provisioned resources
         slice_cred = self.slice_credential_string(slice_hrn)
         creds = [slice_cred]
         if options.delegate:
-            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
-            creds.append(delegated_cred)
+            creds.append (self.delegate_to_my_authority (slice_cred))
         
         # options and call_id when supported
         api_options = {}
@@ -1217,8 +1221,7 @@ or with an slice hrn, shows currently provisioned resources
         slice_cred = self.slice_credential_string(slice_hrn)
         creds = [slice_cred]
         if options.delegate:
-            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
-            creds.append(delegated_cred)
+            creds.append (self.delegate_to_my_authority (slice_cred))
 
         # options and call_id when supported
         api_options = {}
@@ -1246,8 +1249,7 @@ or with an slice hrn, shows currently provisioned resources
         slice_cred = self.slice_credential_string(args[0])
         creds = [slice_cred]
         if options.delegate:
-            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
-            creds.append(delegated_cred)
+            creds.append (self.delegate_to_my_authority (slice_cred))
         # xxx Thierry - does this not need an api_options as well ?
         result = server.Start(slice_urn, creds)
         value = ReturnValue.get_value(result)
@@ -1269,8 +1271,7 @@ or with an slice hrn, shows currently provisioned resources
         slice_cred = self.slice_credential_string(args[0])
         creds = [slice_cred]
         if options.delegate:
-            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
-            creds.append(delegated_cred)
+            creds.append (self.delegate_to_my_authority (slice_cred))
         result =  server.Stop(slice_urn, creds)
         value = ReturnValue.get_value(result)
         if self.options.raw:
@@ -1292,8 +1293,7 @@ or with an slice hrn, shows currently provisioned resources
         slice_cred = self.slice_credential_string(args[0])
         creds = [slice_cred]
         if options.delegate:
-            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
-            creds.append(delegated_cred)
+            creds.append (self.delegate_to_my_authority (slice_cred))
         result = server.reset_slice(creds, slice_urn)
         value = ReturnValue.get_value(result)
         if self.options.raw:
@@ -1318,8 +1318,7 @@ or with an slice hrn, shows currently provisioned resources
         slice_cred = self.slice_credential_string(args[0])
         creds = [slice_cred]
         if options.delegate:
-            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
-            creds.append(delegated_cred)
+            creds.append (self.delegate_to_my_authority (slice_cred))
         # options and call_id when supported
         api_options = {}
        api_options['call_id']=unique_call_id()
@@ -1346,8 +1345,7 @@ or with an slice hrn, shows currently provisioned resources
         slice_cred = self.slice_credential_string(slice_hrn)
         creds = [slice_cred]
         if options.delegate:
-            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
-            creds.append(delegated_cred)
+            creds.append (self.delegate_to_my_authority (slice_cred))
         result = server.Shutdown(slice_urn, creds)
         value = ReturnValue.get_value(result)
         if self.options.raw:
@@ -1369,7 +1367,7 @@ or with an slice hrn, shows currently provisioned resources
         slice_cred = self.slice_credential_string(slice_hrn)
         creds = [slice_cred]
         if options.delegate:
-            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+            delegated_cred = self.delegate_to_my_authority(slice_cred)
             creds.append(delegated_cred)
         # rspec
         rspec_file = self.get_rspec_file(rspec_path) 

diff --git a/sfa/trust/credential.py b/sfa/trust/credential.py
index cb02d86..290fb1d 100644 (file)
--- a/sfa/trust/credential.py
+++ b/sfa/trust/credential.py
@@ -661,8 +661,10 @@ class Credential(object):
         # Call out to xmlsec1 to sign it
         ref = 'Sig_%s' % self.get_refid()
         filename = self.save_to_random_tmp_file()
-        signed = os.popen('%s --sign --node-id "%s" --privkey-pem %s,%s %s' \
-                 % (self.xmlsec_path, ref, self.issuer_privkey, ",".join(gid_files), filename)).read()
+        command='%s --sign --node-id "%s" --privkey-pem %s,%s %s' \
+            % (self.xmlsec_path, ref, self.issuer_privkey, ",".join(gid_files), filename)
+#        print 'command',command
+        signed = os.popen(command).read()
         os.remove(filename)
 
         for gid_file in gid_files: