from types import StringTypes, ListType
from optparse import OptionParser
import zlib
-import logging
+from sfa.util.sfalogging import sfa_logger,sfa_logger_goes_to_console
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.credential import Credential
from sfa.util.sfaticket import SfaTicket
from sfa.util.xmlrpcprotocol import ServerException
import sfa.util.xmlrpcprotocol as xmlrpcprotocol
from sfa.util.config import Config
-from sfa.util.sfalogging import console_logger
AGGREGATE_PORT=12346
self.authority = None
self.options = None
self.hashrequest = False
- self.logger=console_logger
+ sfa_logger_goes_to_console()
+ self.logger=sfa_logger()
def create_cmd_parser(self, command, additional_cmdargs=None):
cmdargs = {"list": "name",
help="user name", metavar="HRN", default=None)
parser.add_option("-a", "--auth", dest="auth",
help="authority name", metavar="HRN", default=None)
- parser.add_option("-v", "--verbose",
- action="store_true", dest="verbose", default=False,
- help="verbose mode")
+ parser.add_option("-v", "--verbose", action="count", dest="verbose", default=0,
+ help="verbose mode - cumulative")
parser.add_option("-D", "--debug",
action="store_true", dest="debug", default=False,
help="Debug (xml-rpc) protocol messages")
- parser.add_option("-p", "--protocol",
- dest="protocol", default="xmlrpc",
+ parser.add_option("-p", "--protocol", dest="protocol", default="xmlrpc",
help="RPC protocol (xmlrpc or soap)")
parser.add_option("-k", "--hashrequest",
action="store_true", dest="hashrequest", default=False,
except:
self.logger.critical("Failed to read configuration file %s"%config_file)
self.logger.info("Make sure to remove the export clauses and to add quotes")
- if not self.options.verbose:
+ if self.options.verbose==0:
self.logger.info("Re-run with -v for more details")
else:
self.logger.log_exc("Could not read config file %s"%config_file)
self.key_file = key_file
self.cert_file = cert_file
self.cert = Certificate(filename=cert_file)
- # instruct xmlrpcprotocol to redirect logs to console_logger
- self.options.client=True
# Establish connection to server(s)
self.logger.info("Contacting Registry at: %s"%reg_url)
self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file, self.options)
(options, args) = parser.parse_args()
self.options = options
- if self.options.verbose: self.logger.setLevel(logging.DEBUG)
+ self.logger.setLevelFromOptVerbose(self.options.verbose)
if options.hashrequest:
self.hashrequest = True
return
if __name__ == "__main__":
- Sfi().main()
+ Sfi().main()
self.hrn = self.config.SFA_INTERFACE_HRN
self.time_format = "%Y-%m-%d %H:%M:%S"
- self.logger=sfa_logger
+ self.logger=sfa_logger()
def getPLCShell(self):
self.plauth = {'Username': self.config.SFA_PLC_USER,
self.hrn = self.config.SFA_INTERFACE_HRN
self.time_format = "%Y-%m-%d %H:%M:%S"
- self.logger=sfa_logger
+ self.logger=sfa_logger()
def getPLCShell(self):
self.plauth = {'Username': self.config.SFA_PLC_USER,
import getopt
import sys
import tempfile
-import logging
from sfa.util.record import *
from sfa.util.table import SfaTable
interface_hrn = config.SFA_INTERFACE_HRN
keys_filename = config.config_path + os.sep + 'person_keys.py'
sfaImporter = sfaImport()
- if config.SFA_API_DEBUG: sfaImporter.logger.setLevel(logging.DEBUG)
+ if config.SFA_API_DEBUG: sfaImporter.logger.setLevelDebug()
shell = sfaImporter.shell
plc_auth = sfaImporter.plc_auth
table = SfaTable()
from sfa.trust.hierarchy import *
from sfa.util.record import *
from sfa.util.table import SfaTable
-from sfa.util.sfalogging import sfa_import_logger
+from sfa.util.sfalogging import sfa_logger_goes_to_import,sfa_logger
def process_options():
def main():
process_options()
-
- sfa_import_logger.info("Purging SFA records from database")
+ sfa_logger_goes_to_import()
+ sfa_logger().info("Purging SFA records from database")
table = SfaTable()
table.sfa_records_purge()
import sys
import tempfile
-from sfa.util.sfalogging import sfa_import_logger
+from sfa.util.sfalogging import sfa_logger_goes_to_import,sfa_logger
+
from sfa.util.record import *
from sfa.util.table import SfaTable
from sfa.util.namespace import *
class sfaImport:
def __init__(self):
- self.logger = sfa_import_logger
- self.AuthHierarchy = Hierarchy()
- self.config = Config()
- self.TrustedRoots = TrustedRootList(Config.get_trustedroots_dir(self.config))
- self.plc_auth = self.config.get_plc_auth()
- self.root_auth = self.config.SFA_REGISTRY_ROOT_AUTH
+ sfa_logger_goes_to_import()
+ self.logger = sfa_logger()
+ self.AuthHierarchy = Hierarchy()
+ self.config = Config()
+ self.TrustedRoots = TrustedRootList(Config.get_trustedroots_dir(self.config))
+ self.plc_auth = self.config.get_plc_auth()
+ self.root_auth = self.config.SFA_REGISTRY_ROOT_AUTH
- # connect to planetlab
- self.shell = None
- if "Url" in self.plc_auth:
- from sfa.plc.remoteshell import RemoteShell
- self.shell = RemoteShell(self.logger)
- else:
- import PLC.Shell
- self.shell = PLC.Shell.Shell(globals = globals())
+ # connect to planetlab
+ self.shell = None
+ if "Url" in self.plc_auth:
+ from sfa.plc.remoteshell import RemoteShell
+ self.shell = RemoteShell(self.logger)
+ else:
+ import PLC.Shell
+ self.shell = PLC.Shell.Shell(globals = globals())
def create_top_level_auth_records(self, hrn):
### $URL$
-from sfa.util.server import SfaServer
from sfa.util.faults import *
+from sfa.util.server import SfaServer
from sfa.util.namespace import hrn_to_urn
from sfa.server.interface import Interfaces
import sfa.util.xmlrpcprotocol as xmlrpcprotocol
# @param key_file private key filename of registry
# @param cert_file certificate filename containing public key (could be a GID file)
def __init__(self, ip, port, key_file, cert_file):
- SfaServer.__init__(self, ip, port, key_file, cert_file)
- self.server.interface = 'aggregate'
+ SfaServer.__init__(self, ip, port, key_file, cert_file,'aggregate')
##
# Aggregates is a dictionary of aggregate connections keyed on the aggregate hrn
except Exception, err:
# Log error in /var/log/httpd/(ssl_)?error_log
- sfa_logger.log_exc('%r'%err)
+ sfa_logger().log_exc('%r'%err)
return apache.HTTP_INTERNAL_SERVER_ERROR
except Exception, err:
# Log error in /var/log/httpd/(ssl_)?error_log
- sfa_logger.log_exc('%r'%err)
+ sfa_logger().log_exc('%r'%err)
return apache.HTTP_INTERNAL_SERVER_ERROR
except Exception, err:
# Log error in /var/log/httpd/(ssl_)?error_log
- sfa_logger.log_exc('%r'%err)
+ sfa_logger().log_exc('%r'%err)
return apache.HTTP_INTERNAL_SERVER_ERROR
except Exception, err:
# Log error in /var/log/httpd/(ssl_)?error_log
- sfa_logger.log_exc("%r"%e)
+ sfa_logger().log_exc("%r"%e)
return apache.HTTP_INTERNAL_SERVER_ERROR
# @param cert_file certificate filename containing public key (could be a GID file)
def __init__(self, ip, port, key_file, cert_file):
- SfaServer.__init__(self, ip, port, key_file, cert_file)
- self.server.interface = 'registry'
-
+ SfaServer.__init__(self, ip, port, key_file, cert_file,'registry')
##
# Registries is a dictionary of registry connections keyed on the registry
import os, os.path
import sys
from optparse import OptionParser
-import logging
from sfa.util.sfalogging import sfa_logger
from sfa.trust.trustedroot import TrustedRootList
if not os.path.exists(key_file):
# if it doesnt exist then this is probably a fresh interface
# with no records. Generate a random keypair for now
- sfa_logger.debug("server's public key not found in %s" % key_file)
- sfa_logger.debug("generating a random server key pair")
+ sfa_logger().debug("server's public key not found in %s" % key_file)
+ sfa_logger().debug("generating a random server key pair")
key = Keypair(create=True)
key.save_to_file(server_key_file)
cert = Certificate(subject=subject)
help="run aggregate manager", default=False)
parser.add_option("-c", "--component", dest="cm", action="store_true",
help="run component server", default=False)
- parser.add_option("-v", "--verbose", dest="verbose", action="store_true",
- help="verbose mode", default=False)
+ parser.add_option("-v", "--verbose", action="count", dest="verbose", default=0,
+ help="verbose mode - cumulative")
parser.add_option("-d", "--daemon", dest="daemon", action="store_true",
help="Run as daemon.", default=False)
(options, args) = parser.parse_args()
- if options.verbose: sfa_logger.setLevel(logging.DEBUG)
+ sfa_logger().setLevelFromOptVerbose(options.verbose)
config = Config()
- if config.SFA_API_DEBUG: sfa_logger.setLevel(logging.DEBUG)
+ if config.SFA_API_DEBUG: sfa_logger().setLevelDebug()
hierarchy = Hierarchy()
server_key_file = os.path.join(hierarchy.basedir, "server.key")
server_cert_file = os.path.join(hierarchy.basedir, "server.cert")
try:
main()
except:
- sfa_logger.log_exc_critical("SFA server is exiting")
+ sfa_logger().log_exc_critical("SFA server is exiting")
# @param cert_file certificate filename containing public key (could be a GID file)
def __init__(self, ip, port, key_file, cert_file, config = "/etc/sfa/sfa_config"):
- SfaServer.__init__(self, ip, port, key_file, cert_file)
- self.server.interface = 'slicemgr'
+ SfaServer.__init__(self, ip, port, key_file, cert_file,'slicemgr')
try:
k.load_pubkey_from_file(ssl_fn)
except:
- sfa_logger.log_exc("convert_public_key caught exception")
+ sfa_logger().log_exc("convert_public_key caught exception")
k = None
# remove the temporary files
# Sign the certificate using the issuer private key and issuer subject previous set with set_issuer().
def sign(self):
+ sfa_logger().debug('certificate.sign')
assert self.cert != None
assert self.issuerSubject != None
assert self.issuerKey != None
# @param cert certificate object
def is_signed_by_cert(self, cert):
+ print 'is_signed_by_cert'
k = cert.get_pubkey()
result = self.verify(k)
return result
# verify expiration time
if self.cert.has_expired():
+ sfa_logger().debug("verify_chain: our certificate has expired")
raise CertExpired(self.get_subject(), "client cert")
# if this cert is signed by a trusted_cert, then we are set
for trusted_cert in trusted_certs:
if self.is_signed_by_cert(trusted_cert):
- sfa_logger.debug("Cert %s signed by trusted cert %s", self.get_subject(), trusted_cert.get_subject())
+ sfa_logger().debug("verify_chain: cert %s signed by trusted cert %s"%(
+ self.get_subject(), trusted_cert.get_subject()))
# verify expiration of trusted_cert ?
if not trusted_cert.cert.has_expired():
return trusted_cert
else:
- sfa_logger.debug("Trusted cert %s is expired", trusted_cert.get_subject())
+ sfa_logger().debug("verify_chain: cert %s is signed by trusted_cert %s, but this is expired..."%(
+ self.get_subject(),trusted_cert.get_subject()))
# if there is no parent, then no way to verify the chain
if not self.parent:
- sfa_logger.debug("%r has no parent"%self.get_subject())
+ sfa_logger().debug("verify_chain: %r has no parent"%self.get_subject())
raise CertMissingParent(self.get_subject())
# if it wasn't signed by the parent...
if not self.is_signed_by_cert(self.parent):
- sfa_logger.debug("%r is not signed by parent"%self.get_subject())
+ sfa_logger().debug("verify_chain: %r is not signed by parent"%self.get_subject())
return CertNotSignedByParent(self.get_subject())
# if the parent isn't verified...
+ sfa_logger().debug("verify_chain: with subject=%r, referring to parent, subj=%r",self.get_subject(),self.parent.get_subject())
self.parent.verify_chain(trusted_certs)
return
trusted_cert_objects.append(GID(filename=f))
ok_trusted_certs.append(f)
except Exception, exc:
- sfa_logger.error("Failed to load trusted cert from %s: %r", f, exc)
+ sfa_logger().error("Failed to load trusted cert from %s: %r", f, exc)
trusted_certs = ok_trusted_certs
# Use legacy verification if this is a legacy credential
# Maybe should be (hrn, type) = urn_to_hrn(root_cred_signer.get_urn())
root_cred_signer_type = root_cred_signer.get_type()
if (root_cred_signer_type == 'authority'):
- #sfa_logger.debug('Cred signer is an authority')
+ #sfa_logger().debug('Cred signer is an authority')
# signer is an authority, see if target is in authority's domain
hrn = root_cred_signer.get_hrn()
if root_target_gid.get_hrn().startswith(hrn):
Certificate.__init__(self, create, subject, string, filename)
if subject:
- sfa_logger.debug("Creating GID for subject: %s" % subject)
+ sfa_logger().debug("Creating GID for subject: %s" % subject)
if uuid:
self.uuid = int(uuid)
if hrn:
def create_auth(self, xrn, create_parents=False):
hrn, type = urn_to_hrn(xrn)
- sfa_logger.debug("Hierarchy: creating authority: " + hrn)
+ sfa_logger().debug("Hierarchy: creating authority: " + hrn)
# create the parent authority if necessary
parent_hrn = get_authority(hrn)
pass
if os.path.exists(privkey_filename):
- sfa_logger.debug("using existing key %r for authority %r"%(privkey_filename,hrn))
+ sfa_logger().debug("using existing key %r for authority %r"%(privkey_filename,hrn))
pkey = Keypair(filename = privkey_filename)
else:
pkey = Keypair(create = True)
def get_auth_info(self, xrn):
hrn, type = urn_to_hrn(xrn)
- sfa_logger.debug("Hierarchy: xrn=%s, getting authority for hrn=%s"%(xrn,hrn))
+ sfa_logger().debug("Hierarchy: xrn=%s, getting authority for hrn=%s"%(xrn,hrn))
if not self.auth_exists(hrn):
raise MissingAuthority(hrn)
if not params:
if self.debug:
- sfa_logger.debug('execute0 %r'%query)
+ sfa_logger().debug('execute0 %r'%query)
cursor.execute(query)
elif isinstance(params,dict):
if self.debug:
- sfa_logger.debug('execute-dict: params=[%r] query=[%r]'%(params,query%params))
+ sfa_logger().debug('execute-dict: params=[%r] query=[%r]'%(params,query%params))
cursor.execute(query,params)
elif isinstance(params,tuple) and len(params)==1:
if self.debug:
- sfa_logger.debug('execute-tuple %r'%(query%params[0]))
+ sfa_logger().debug('execute-tuple %r'%(query%params[0]))
cursor.execute(query,params[0])
else:
param_seq=(params,)
if self.debug:
for params in param_seq:
- sfa_logger.debug('executemany %r'%(query%params))
+ sfa_logger().debug('executemany %r'%(query%params))
cursor.executemany(query, param_seq)
(self.rowcount, self.description, self.lastrowid) = \
(cursor.rowcount, cursor.description, cursor.lastrowid)
except:
pass
uuid = commands.getoutput("uuidgen")
- sfa_logger.error("Database error %s:" % uuid)
- sfa_logger.error("Exception=%r"%e)
- sfa_logger.error("Query=%r"%query)
- sfa_logger.error("Params=%r"%pformat(params))
- sfa_logger.log_exc("PostgreSQL.execute caught exception")
+ sfa_logger().error("Database error %s:" % uuid)
+ sfa_logger().error("Exception=%r"%e)
+ sfa_logger().error("Query=%r"%query)
+ sfa_logger().error("Params=%r"%pformat(params))
+ sfa_logger().log_exc("PostgreSQL.execute caught exception")
raise SfaDBError("Please contact support: %s" % str(e))
return cursor
except SfaFault, fault:
result = fault
except Exception, fault:
- sfa_logger.log_exc("BaseAPI.handle has caught Exception")
+ sfa_logger().log_exc("BaseAPI.handle has caught Exception")
result = SfaAPIError(fault)
# internal error, report as HTTP server error
self.send_response(500)
self.end_headers()
- sfa_logger.log_exc("componentserver.SecureXMLRpcRequestHandler.do_POST")
+ sfa_logger().log_exc("componentserver.SecureXMLRpcRequestHandler.do_POST")
else:
# got a valid XML RPC response
self.send_response(200)
if self.api.config.SFA_API_DEBUG or hasattr(self, 'message'):
msg=getattr(self,'message',"method %s completed in %02f s"%(methodname,runtime))
- sfa_logger.info(msg)
+ sfa_logger().debug(msg)
return result
# Prepend caller and method name to expected faults
fault.faultString = caller + ": " + self.name + ": " + fault.faultString
runtime = time.time() - start
- sfa_logger.log_exc("Method %s raised an exception"%self.name)
+ sfa_logger().log_exc("Method %s raised an exception"%self.name)
raise fault
except Exception, e:
# logging.debug("%s: web file not found" % xsdURI)
# logging.debug("Using local file %s" % self.xsd")
- sfa_logger.log_exc("rspec.parseXSD: can't find %s on the web. Continuing." % xsdURI)
+ sfa_logger().log_exc("rspec.parseXSD: can't find %s on the web. Continuing." % xsdURI)
if not schemaDom:
if os.path.exists(xsdURI):
# logging.debug("using local copy.")
- sfa_logger.debug("rspec.parseXSD: Using local %s" % xsdURI)
+ sfa_logger().debug("rspec.parseXSD: Using local %s" % xsdURI)
schemaDom = minidom.parse(xsdURI)
else:
raise Exception("rspec.parseXSD: can't find xsd locally")
from sfa.util.faults import *
from sfa.plc.api import SfaAPI
from sfa.util.cache import Cache
+from sfa.util.sfalogging import sfa_logger
+
##
# Verification callback for pyOpenSSL. We do our own checking of keys because
# we have our own authentication spec. Thus we disable several of the normal
It it very similar to SimpleXMLRPCServer but it uses HTTPS for transporting XML data.
"""
+ sfa_logger().debug("SecureXMLRPCServer.__init__, server_address=%s, cert_file=%s"%(server_address,cert_file))
self.logRequests = logRequests
self.interface = None
self.key_file = key_file
# the client.
def _dispatch(self, method, params):
+ sfa_logger().debug("SecureXMLRPCServer._dispatch, method=%s"%method)
try:
return SimpleXMLRPCServer.SimpleXMLRPCDispatcher._dispatch(self, method, params)
except:
# @param cert_file certificate filename containing public key
# (could be a GID file)
- def __init__(self, ip, port, key_file, cert_file):
+ def __init__(self, ip, port, key_file, cert_file,interface):
threading.Thread.__init__(self)
self.key = Keypair(filename = key_file)
self.cert = Certificate(filename = cert_file)
#self.server = SecureXMLRPCServer((ip, port), SecureXMLRpcRequestHandler, key_file, cert_file)
self.server = ThreadedServer((ip, port), SecureXMLRpcRequestHandler, key_file, cert_file)
+ self.server.interface=interface
self.trusted_cert_list = None
self.register_functions()
-
+ sfa_logger().info("Starting SfaServer, interface=%s"%interface)
##
# Register functions that will be served by the XMLRPC server. This
#!/usr/bin/python
-import os
+import os, sys
import traceback
import logging, logging.handlers
+CRITICAL=logging.CRITICAL
+ERROR=logging.ERROR
+WARNING=logging.WARNING
+INFO=logging.INFO
+DEBUG=logging.DEBUG
+
# a logger that can handle tracebacks
class _SfaLogger:
def __init__ (self,logfile=None,loggername=None,level=logging.INFO):
if not logfile:
loggername='console'
handler=logging.StreamHandler()
- handler.setFormatter(logging.Formatter("%(message)s"))
+ handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
else:
if not loggername:
loggername=os.path.basename(logfile)
self.logger=logging.getLogger(loggername)
self.logger.setLevel(level)
self.logger.addHandler(handler)
+ self.loggername=loggername
def setLevel(self,level):
self.logger.setLevel(level)
+ # shorthand to avoid having to import logging all over the place
+ def setLevelDebug(self):
+ self.logger.setLevel(logging.DEBUG)
+
+ # define a verbose option with s/t like
+ # parser.add_option("-v", "--verbose", action="count", dest="verbose", default=0)
+ # and pass the coresponding options.verbose to this method to adjust level
+ def setLevelFromOptVerbose(self,verbose):
+ if verbose==0:
+ self.logger.setLevel(logging.WARNING)
+ elif verbose==1:
+ self.logger.setLevel(logging.INFO)
+ elif verbose==2:
+ self.logger.setLevel(logging.DEBUG)
+
####################
def wrap(fun):
def wrapped(self,msg,*args,**kwds):
self.debug("%s BEG STACK"%message+"\n"+to_log)
self.debug("%s END STACK"%message)
-sfa_logger=_SfaLogger(logfile='/var/log/sfa.log')
-sfa_import_logger=_SfaLogger(logfile='/var/log/sfa_import.log')
-console_logger=_SfaLogger()
+####################
+# import-related operations go in this file
+_import_logger=_SfaLogger(logfile='/var/log/sfa_import.log')
+# servers log into /var/log/sfa.log
+_server_logger=_SfaLogger(logfile='/var/log/sfa.log')
+# clients use the console
+_console_logger=_SfaLogger()
+
+# default is to use the server-side logger
+_the_logger=_server_logger
+
+# clients would change the default by issuing one of these call
+def sfa_logger_goes_to_console():
+ current_module=sys.modules[globals()['__name__']]
+ current_module._the_logger=_console_logger
+
+# clients would change the default by issuing one of these call
+def sfa_logger_goes_to_import():
+ current_module=sys.modules[globals()['__name__']]
+ current_module._logger=_sfa_import_logger
+
+# this is how to retrieve the 'right' logger
+def sfa_logger():
+ return _the_logger
########################################
import time
logger.setLevel(logging.DEBUG)
logger.debug("logger.debug again")
- @profile(console_logger)
+ sfa_logger_goes_to_console()
+ my_logger=sfa_logger()
+ my_logger.info("redirected to console")
+
+ @profile(my_logger)
def sleep(seconds = 1):
time.sleep(seconds)
-
- console_logger.info('console.info')
+ my_logger.info('console.info')
sleep(0.5)
- console_logger.setLevel(logging.DEBUG)
+ my_logger.setLevel(logging.DEBUG)
sleep(0.25)
+
import xmlrpclib
-from sfa.util.sfalogging import sfa_logger, console_logger
+from sfa.util.sfalogging import sfa_logger
##
# ServerException, ExceptionUnmarshaller
verbose = False
if self.options and self.options.debug:
verbose = True
- if self.options and hasattr(self.options,'client'):
- XMLRPCServerProxy.logger=console_logger
- else:
- XMLRPCServerProxy.logger=sfa_logger
xmlrpclib.ServerProxy.__init__(self, url, transport, allow_none=allow_none, verbose=verbose)
def __getattr__(self, attr):
- XMLRPCServerProxy.logger.debug("Calling xml-rpc method:%s"%attr)
+ sfa_logger().debug("Calling xml-rpc method:%s"%attr)
return xmlrpclib.ServerProxy.__getattr__(self, attr)