import sys
import datetime
import time
-import xmlrpclib
-from types import StringTypes, ListType
from sfa.util.server import SfaServer
from sfa.util.storage import *
from sfa.util.faults import *
+from sfa.trust.gid import GID
+from sfa.util.table import SfaTable
import sfa.util.xmlrpcprotocol as xmlrpcprotocol
import sfa.util.soapprotocol as soapprotocol
class Aggregates(dict):
- required_fields = ['hrn', 'addr', 'port']
-
+ default_fields = {
+ 'hrn': '',
+ 'addr': '',
+ 'port': '',
+ }
+
def __init__(self, api, file = "/etc/sfa/aggregates.xml"):
dict.__init__(self, {})
self.api = api
- self.interfaces = []
+
# create default connection dict
- connection_dict = {}
- for field in self.required_fields:
- connection_dict[field] = ''
- aggregates_dict = {'aggregates': {'aggregate': [connection_dict]}}
- # get possible config file locations
- loaded = False
- path = os.path.dirname(os.path.abspath(__file__))
- filename = file.split(os.sep)[-1]
- alt_file = path + os.sep + filename
- files = [file, alt_file]
+ aggregates_dict = {'aggregates': {'aggregate': [default_fields]}}
- for f in files:
- try:
- if os.path.isfile(f):
- self.aggregate_info = XmlStorage(f, aggregates_dict)
- loaded = True
- except: pass
-
- # if file is missing, just recreate it in the right place
- if not loaded:
- self.aggregate_info = XmlStorage(file, aggregates_dict)
+ # load config file
+ self.aggregate_info = XmlStorage(file, aggregates_dict)
self.aggregate_info.load()
+ self.interfaces = self.registry_info['aggregates']['aggregate']
+ if not isinstance(self.interfaces, list):
+ self.interfaces = [self.interfaces]
+
+ # Attempt to get any missing peer gids
+ # There should be a gid file in /etc/sfa/trusted_roots for every
+ # peer registry found in in the aggregates.xml config file. If there
+ # are any missing gids, request a new one from the peer registry.
+ gids_current = self.api.auth.trusted_cert_list.get_list()
+ hrns_current = [gid.get_hrn() for gid in gids_found]
+ hrns_expected = [interface['hrn'] for interfaces in self.interfaces]
+ new_hrns = set(hrns_current).difference(hrns_expected)
+
+ self.get_peer_gids(new_hrns)
self.connectAggregates()
def connectAggregates(self):
--- /dev/null
+#
+# Apache mod_python interface
+#
+# Aaron Klingaman <alk@absarokasoft.com>
+# Mark Huang <mlhuang@cs.princeton.edu>
+#
+# Copyright (C) 2004-2006 The Trustees of Princeton University
+#
+
+import sys
+import traceback
+import xmlrpclib
+from mod_python import apache
+
+from sfa.plc.api import SfaAPI
+from sfa.util.debug import log
+
+api = SfaAPI(interface='aggregate')
+
+class unbuffered:
+ """\r
+ Write to /var/log/httpd/error_log. See\r
+\r
+ http://www.modpython.org/FAQ/faqw.py?req=edit&file=faq02.003.htp\r
+ """\r
+\r
+ def write(self, data):\r
+ sys.stderr.write(data)\r
+ sys.stderr.flush()\r
+\r
+#log = unbuffered()
+
+def handler(req):
+ try:
+ if req.method != "POST":
+ req.content_type = "text/html"
+ req.send_http_header()
+ req.write("""
+<html><head>
+<title>SFA Aggregate API XML-RPC/SOAP Interface</title>
+</head><body>
+<h1>SFA Aggregate API XML-RPC/SOAP Interface</h1>
+<p>Please use XML-RPC or SOAP to access the SFA API.</p>
+</body></html>
+""")
+ return apache.OK
+
+ # Read request
+ request = req.read(int(req.headers_in['content-length']))
+
+ # mod_python < 3.2: The IP address portion of remote_addr is
+ # incorrect (always 0.0.0.0) when IPv6 is enabled.
+ # http://issues.apache.org/jira/browse/MODPYTHON-64?page=all
+ (remote_ip, remote_port) = req.connection.remote_addr
+ remote_addr = (req.connection.remote_ip, remote_port)
+
+ # Handle request
+ response = api.handle(remote_addr, request)
+
+ # Write response
+ req.content_type = "text/xml; charset=" + api.encoding
+ req.send_http_header()
+ req.write(response)
+
+ return apache.OK
+
+ except Exception, err:
+ # Log error in /var/log/httpd/(ssl_)?error_log
+ print >> log, err, traceback.format_exc()
+ return apache.HTTP_INTERNAL_SERVER_ERROR
--- /dev/null
+#
+# Apache mod_python interface
+#
+# Aaron Klingaman <alk@absarokasoft.com>
+# Mark Huang <mlhuang@cs.princeton.edu>
+#
+# Copyright (C) 2004-2006 The Trustees of Princeton University
+#
+
+import sys
+import traceback
+import xmlrpclib
+from mod_python import apache
+from sfa.util.debug import log
+from sfa.plc.api import SfaAPI
+
+api = SfaAPI(interface='registry')
+
+class unbuffered:
+ """\r
+ Write to /var/log/httpd/error_log. See\r
+\r
+ http://www.modpython.org/FAQ/faqw.py?req=edit&file=faq02.003.htp\r
+ """\r
+\r
+ def write(self, data):\r
+ sys.stderr.write(data)\r
+ sys.stderr.flush()\r
+\r
+#log = unbuffered()
+
+def handler(req):
+ try:
+ if req.method != "POST":
+ req.content_type = "text/html"
+ req.send_http_header()
+ req.write("""
+<html><head>
+<title>SFA Registry API XML-RPC/SOAP Interface</title>
+</head><body>
+<h1>SFA Registry API XML-RPC/SOAP Interface</h1>
+<p>Please use XML-RPC or SOAP to access the SFA API.</p>
+</body></html>
+""")
+ return apache.OK
+
+ # Read request
+ request = req.read(int(req.headers_in['content-length']))
+
+ # mod_python < 3.2: The IP address portion of remote_addr is
+ # incorrect (always 0.0.0.0) when IPv6 is enabled.
+ # http://issues.apache.org/jira/browse/MODPYTHON-64?page=all
+ (remote_ip, remote_port) = req.connection.remote_addr
+ remote_addr = (req.connection.remote_ip, remote_port)
+
+ # Handle request
+ response = api.handle(remote_addr, request)
+
+ # Write response
+ req.content_type = "text/xml; charset=" + api.encoding
+ req.send_http_header()
+ req.write(response)
+
+ return apache.OK
+
+ except Exception, err:
+ # Log error in /var/log/httpd/(ssl_)?error_log
+ print >> log, err, traceback.format_exc()
+ return apache.HTTP_INTERNAL_SERVER_ERROR
--- /dev/null
+#
+# Apache mod_python interface
+#
+# Aaron Klingaman <alk@absarokasoft.com>
+# Mark Huang <mlhuang@cs.princeton.edu>
+#
+# Copyright (C) 2004-2006 The Trustees of Princeton University
+#
+
+import sys
+import traceback
+import xmlrpclib
+from mod_python import apache
+
+from sfa.plc.api import SfaAPI
+from sfa.util.debug import log
+
+api = SfaAPI(interface='slicemgr')
+
+class unbuffered:
+ """\r
+ Write to /var/log/httpd/error_log. See\r
+\r
+ http://www.modpython.org/FAQ/faqw.py?req=edit&file=faq02.003.htp\r
+ """\r
+\r
+ def write(self, data):\r
+ sys.stderr.write(data)\r
+ sys.stderr.flush()\r
+\r
+#log = unbuffered()
+
+def handler(req):
+ try:
+ if req.method != "POST":
+ req.content_type = "text/html"
+ req.send_http_header()
+ req.write("""
+<html><head>
+<title>SFA SliceMgr API XML-RPC/SOAP Interface</title>
+</head><body>
+<h1>SFA SliceMgr API XML-RPC/SOAP Interface</h1>
+<p>Please use XML-RPC or SOAP to access the SFA API.</p>
+</body></html>
+""")
+ return apache.OK
+
+ # Read request
+ request = req.read(int(req.headers_in['content-length']))
+
+ # mod_python < 3.2: The IP address portion of remote_addr is
+ # incorrect (always 0.0.0.0) when IPv6 is enabled.
+ # http://issues.apache.org/jira/browse/MODPYTHON-64?page=all
+ (remote_ip, remote_port) = req.connection.remote_addr
+ remote_addr = (req.connection.remote_ip, remote_port)
+
+ # Handle request
+ response = api.handle(remote_addr, request)
+
+ # Write response
+ req.content_type = "text/xml; charset=" + api.encoding
+ req.send_http_header()
+ req.write(response)
+
+ return apache.OK
+
+ except Exception, err:
+ # Log error in /var/log/httpd/(ssl_)?error_log
+ print >> log, err, traceback.format_exc()
+ return apache.HTTP_INTERNAL_SERVER_ERROR
--- /dev/null
+Listen 12346
+
+<VirtualHost *:12346>
+ ErrorLog logs/sfa_ssl_error_log
+ TransferLog logs/sfa_ssl_access_log
+ CustomLog logs/ssl_request_log \
+ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b
+ LogLevel warn
+
+ SSLEngine on
+ SSLProtocol all -SSLv2
+
+ SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
+ SSLCertificateFile /etc/sfa/authorities/server.cert
+ SSLCertificateKeyFile /etc/sfa/authorities/server.key
+ SetEnvIf User-Agent ".*MSIE.*" \
+ nokeepalive ssl-unclean-shutdown \
+ downgrade-1.0 force-response-1.0
+
+ SetHandler mod_python
+ PythonPath "sys.path + ['/usr/lib/python2.5/site-packages/sfa/', '/usr/lib/python2.5/site-packages/sfa/server/']"
+ PythonHandler SfaAggregateModPython
+
+</VirtualHost>
--- /dev/null
+Listen 12345
+
+<VirtualHost *:12345>
+ ErrorLog logs/sfa_ssl_error_log
+ TransferLog logs/sfa_ssl_access_log
+ CustomLog logs/ssl_request_log \
+ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b
+ LogLevel warn
+
+ SSLEngine on
+ SSLProtocol all -SSLv2
+
+ SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
+ SSLCertificateFile /etc/sfa/authorities/server.cert
+ SSLCertificateKeyFile /etc/sfa/authorities/server.key
+ SetEnvIf User-Agent ".*MSIE.*" \
+ nokeepalive ssl-unclean-shutdown \
+ downgrade-1.0 force-response-1.0
+
+ SetHandler mod_python
+ PythonPath "sys.path + ['/usr/lib/python2.5/site-packages/sfa/', '/usr/lib/python2.5/site-packages/sfa/server/']"
+ PythonHandler SfaRegistryModPython
+
+</VirtualHost>
--- /dev/null
+Listen 12347
+
+<VirtualHost *:12347>
+ ErrorLog logs/sfa_ssl_error_log
+ TransferLog logs/sfa_ssl_access_log
+ CustomLog logs/ssl_request_log \
+ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b
+ LogLevel warn
+
+ SSLEngine on
+ SSLProtocol all -SSLv2
+
+ SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
+ SSLCertificateFile /etc/sfa/authorities/server.cert
+ SSLCertificateKeyFile /etc/sfa/authorities/server.key
+ SetEnvIf User-Agent ".*MSIE.*" \
+ nokeepalive ssl-unclean-shutdown \
+ downgrade-1.0 force-response-1.0
+
+ SetHandler mod_python
+ PythonPath "sys.path + ['/usr/lib/python2.5/site-packages/sfa/', '/usr/lib/python2.5/site-packages/sfa/server/']"
+ PythonHandler SfaSliceMgrModPython
+
+</VirtualHost>