From fd395e1944dcd49f10a4d5b27ce4983ad389fb96 Mon Sep 17 00:00:00 2001 From: Thierry Parmentelat Date: Thu, 24 May 2018 14:02:08 +0200 Subject: [PATCH] avoid as much as possible accessing logger through class instances, whenever that looked safe however, this remains as-is in all importers, as well as sfaclientlib/manifolduploader --- sfa/client/sfi.py | 91 ++++++++++++------------- sfa/managers/slice_manager.py | 16 ++--- sfa/methods/Allocate.py | 30 ++++---- sfa/methods/CreateGid.py | 5 +- sfa/methods/Delete.py | 17 +++-- sfa/methods/Describe.py | 16 +++-- sfa/methods/GetCredential.py | 7 +- sfa/methods/GetSelfCredential.py | 15 ++-- sfa/methods/GetVersion.py | 5 +- sfa/methods/List.py | 9 +-- sfa/methods/ListResources.py | 8 ++- sfa/methods/PerformOperationalAction.py | 28 ++++---- sfa/methods/Provision.py | 29 ++++---- sfa/methods/Register.py | 5 +- sfa/methods/Remove.py | 7 +- sfa/methods/Renew.py | 26 +++---- sfa/methods/Resolve.py | 9 +-- sfa/methods/Shutdown.py | 14 ++-- sfa/methods/Status.py | 12 ++-- sfa/methods/Update.py | 7 +- sfa/methods/get_trusted_certs.py | 5 +- sfa/server/sfa-start.py | 7 +- sfa/server/xmlrpcapi.py | 10 ++- sfa/trust/certificate.py | 8 ++- 24 files changed, 210 insertions(+), 176 deletions(-) diff --git a/sfa/client/sfi.py b/sfa/client/sfi.py index df270506..20b878ed 100644 --- a/sfa/client/sfi.py +++ b/sfa/client/sfi.py @@ -346,8 +346,7 @@ class Sfi: self.options = options self.user = None self.authority = None - self.logger = logger - self.logger.enable_console() + logger.enable_console() # various auxiliary material that we keep at hand self.command = None # need to call this other than just 'config' as we have a @@ -448,7 +447,7 @@ class Sfi: msg = "Invalid command\n" msg += "Commands: " msg += ','.join(commands_list) - self.logger.critical(msg) + logger.critical(msg) sys.exit(2) # retrieve args_string @@ -614,10 +613,10 @@ use this if you mean an authority instead""") sys.exit(1) self.options = options - self.logger.setLevelFromOptVerbose(self.options.verbose) + logger.setLevelFromOptVerbose(self.options.verbose) if len(args) <= 0: - self.logger.critical("No command given. Use -h for help.") + logger.critical("No command given. Use -h for help.") self.print_commands_help(options) return -1 @@ -646,14 +645,14 @@ use this if you mean an authority instead""") self.read_config() self.bootstrap() - self.logger.debug("Command={}".format(self.command)) + logger.debug("Command={}".format(self.command)) try: retcod = self.dispatch(command, command_options, command_args) except SystemExit: return 1 except: - self.logger.log_exc("sfi command {} failed".format(command)) + logger.log_exc("sfi command {} failed".format(command)) return 1 return retcod @@ -684,14 +683,14 @@ use this if you mean an authority instead""") config.save(config_file) except: - self.logger.critical( + logger.critical( "Failed to read configuration file {}".format(config_file)) - self.logger.info( + logger.info( "Make sure to remove the export clauses and to add quotes") if self.options.verbose == 0: - self.logger.info("Re-run with -v for more details") + logger.info("Re-run with -v for more details") else: - self.logger.log_exc( + logger.log_exc( "Could not read config file {}".format(config_file)) sys.exit(1) @@ -703,7 +702,7 @@ use this if you mean an authority instead""") elif hasattr(config, "SFI_SM"): self.sm_url = config.SFI_SM else: - self.logger.error( + logger.error( "You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in {}".format(config_file)) errors += 1 @@ -713,7 +712,7 @@ use this if you mean an authority instead""") elif hasattr(config, "SFI_REGISTRY"): self.reg_url = config.SFI_REGISTRY else: - self.logger.error( + logger.error( "You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in {}".format(config_file)) errors += 1 @@ -723,7 +722,7 @@ use this if you mean an authority instead""") elif hasattr(config, "SFI_USER"): self.user = config.SFI_USER else: - self.logger.error( + logger.error( "You need to set e.g. SFI_USER='plc.princeton.username' in {}".format(config_file)) errors += 1 @@ -733,7 +732,7 @@ use this if you mean an authority instead""") elif hasattr(config, "SFI_AUTH"): self.authority = config.SFI_AUTH else: - self.logger.error( + logger.error( "You need to set e.g. SFI_AUTH='plc.princeton' in {}".format(config_file)) errors += 1 @@ -757,10 +756,10 @@ use this if you mean an authority instead""") # init self-signed cert, user credentials and gid def bootstrap(self): if self.options.verbose: - self.logger.info( + logger.info( "Initializing SfaClientBootstrap with {}".format(self.reg_url)) client_bootstrap = SfaClientBootstrap(self.user, self.reg_url, self.options.sfi_dir, - logger=self.logger) + logger=logger) # if -k is provided, use this to initialize private key if self.options.user_private_key: client_bootstrap.init_private_key_if_missing( @@ -769,18 +768,18 @@ use this if you mean an authority instead""") # trigger legacy compat code if needed # the name has changed from just .pkey to .pkey if not os.path.isfile(client_bootstrap.private_key_filename()): - self.logger.info("private key not found, trying legacy name") + logger.info("private key not found, trying legacy name") try: legacy_private_key = os.path.join(self.options.sfi_dir, "{}.pkey" .format(Xrn.unescape(get_leaf(self.user)))) - self.logger.debug("legacy_private_key={}" + logger.debug("legacy_private_key={}" .format(legacy_private_key)) client_bootstrap.init_private_key_if_missing( legacy_private_key) - self.logger.info("Copied private key from legacy location {}" + logger.info("Copied private key from legacy location {}" .format(legacy_private_key)) except: - self.logger.log_exc("Can't find private key ") + logger.log_exc("Can't find private key ") sys.exit(1) # make it bootstrap @@ -796,7 +795,7 @@ use this if you mean an authority instead""") def my_authority_credential_string(self): if not self.authority: - self.logger.critical( + logger.critical( "no authority specified. Use -a or set SF_AUTH") sys.exit(-1) return self.client_bootstrap.authority_credential_string(self.authority) @@ -821,7 +820,7 @@ use this if you mean an authority instead""") object_hrn = object_gid.get_hrn() if not object_cred.get_privileges().get_all_delegate(): - self.logger.error("Object credential {} does not have delegate bit set" + logger.error("Object credential {} does not have delegate bit set" .format(object_hrn)) return @@ -842,7 +841,7 @@ use this if you mean an authority instead""") def registry(self): # cache the result if not hasattr(self, 'registry_proxy'): - self.logger.info("Contacting Registry at: {}".format(self.reg_url)) + logger.info("Contacting Registry at: {}".format(self.reg_url)) self.registry_proxy \ = SfaServerProxy(self.reg_url, self.private_key, self.my_gid, timeout=self.options.timeout, verbose=self.options.debug) @@ -859,7 +858,7 @@ use this if you mean an authority instead""") records = self.registry().Resolve(node_hrn, self.my_credential_string) records = filter_records('node', records) if not records: - self.logger.warning( + logger.warning( "No such component:{}".format(opts.component)) record = records[0] cm_url = "http://{}:{}/".format(record['hostname'], CM_PORT) @@ -870,7 +869,7 @@ use this if you mean an authority instead""") # the config if not self.sm_url.startswith('http://') or self.sm_url.startswith('https://'): self.sm_url = 'http://' + self.sm_url - self.logger.info( + logger.info( "Contacting Slice Manager at: {}".format(self.sm_url)) self.sliceapi_proxy \ = SfaServerProxy(self.sm_url, self.private_key, self.my_gid, @@ -887,7 +886,7 @@ use this if you mean an authority instead""") cache = Cache(cache_file) except IOError: cache = Cache() - self.logger.info("Local cache not found at: {}".format(cache_file)) + logger.info("Local cache not found at: {}".format(cache_file)) if cache: version = cache.get(cache_key) @@ -897,7 +896,7 @@ use this if you mean an authority instead""") version = ReturnValue.get_value(result) # cache version for 20 minutes cache.add(cache_key, version, ttl=60 * 20) - self.logger.info("Updating cache file {}".format(cache_file)) + logger.info("Updating cache file {}".format(cache_file)) cache.save_to_file(cache_file) return version @@ -954,7 +953,7 @@ use this if you mean an authority instead""") if (os.path.isfile(file)): return file else: - self.logger.critical("No such rspec file {}".format(rspec)) + logger.critical("No such rspec file {}".format(rspec)) sys.exit(1) def get_record_file(self, record): @@ -965,7 +964,7 @@ use this if you mean an authority instead""") if (os.path.isfile(file)): return file else: - self.logger.critical( + logger.critical( "No such registry record file {}".format(record)) sys.exit(1) @@ -1099,7 +1098,7 @@ use this if you mean an authority instead""") hrn, self.my_credential_string, resolve_options) record_dicts = filter_records(options.type, record_dicts) if not record_dicts: - self.logger.error("No record of type {}".format(options.type)) + logger.error("No record of type {}".format(options.type)) return # user has required to focus on some keys if options.keys: @@ -1692,7 +1691,7 @@ use this if you mean an authority instead""") else: filename = os.sep.join( [self.options.sfi_dir, '{}.gid'.format(target_hrn)]) - self.logger.info("writing {} gid to {}".format(target_hrn, filename)) + logger.info("writing {} gid to {}".format(target_hrn, filename)) GID(string=gid).save_to_file(filename) # xxx should analyze result return 0 @@ -1759,7 +1758,7 @@ use this if you mean an authority instead""") filename = os.path.join(self.options.sfi_dir, "{}_for_{}.{}.cred".format(message, to_hrn, to_type)) delegated_credential.save_to_file(filename, save_parents=True) - self.logger.info("delegated credential for {} to {} and wrote to {}" + logger.info("delegated credential for {} to {} and wrote to {}" .format(message, to_hrn, filename)) #################### @@ -1802,7 +1801,7 @@ $ sfi m -b http://mymanifold.foo.com:7080/ self.print_help() sys.exit(1) # enable info by default - self.logger.setLevelFromOptVerbose(self.options.verbose + 1) + logger.setLevelFromOptVerbose(self.options.verbose + 1) # the rough sketch goes like this # (0) produce a p12 file self.client_bootstrap.my_pkcs12() @@ -1828,36 +1827,36 @@ $ sfi m -b http://mymanifold.foo.com:7080/ sys.exit(1) # (b) figure whether we are PI for the authority where we belong - self.logger.info("Resolving our own id {}".format(self.user)) + logger.info("Resolving our own id {}".format(self.user)) my_records = self.registry().Resolve(self.user, self.my_credential_string) if len(my_records) != 1: print("Cannot Resolve {} -- exiting".format(self.user)) sys.exit(1) my_record = my_records[0] my_auths_all = my_record['reg-pi-authorities'] - self.logger.info( + logger.info( "Found {} authorities that we are PI for".format(len(my_auths_all))) - self.logger.debug("They are {}".format(my_auths_all)) + logger.debug("They are {}".format(my_auths_all)) my_auths = my_auths_all if options.delegate_auths: my_auths = list(set(my_auths_all).intersection( set(options.delegate_auths))) - self.logger.debug( + logger.debug( "Restricted to user-provided auths {}".format(my_auths)) # (c) get the set of slices that we are in my_slices_all = my_record['reg-slices'] - self.logger.info( + logger.info( "Found {} slices that we are member of".format(len(my_slices_all))) - self.logger.debug("They are: {}".format(my_slices_all)) + logger.debug("They are: {}".format(my_slices_all)) my_slices = my_slices_all # if user provided slices, deal only with these - if they are found if options.delegate_slices: my_slices = list(set(my_slices_all).intersection( set(options.delegate_slices))) - self.logger.debug( + logger.debug( "Restricted to user-provided slices: {}".format(my_slices)) # (d) make sure we have *valid* credentials for all these @@ -1889,16 +1888,16 @@ $ sfi m -b http://mymanifold.foo.com:7080/ .format(hrn, htype, delegatee_hrn, delegatee_type)) with open(filename, 'w') as f: f.write(delegated_credential) - self.logger.debug("(Over)wrote {}".format(filename)) + logger.debug("(Over)wrote {}".format(filename)) hrn_delegated_credentials.append( (hrn, htype, delegated_credential, filename, )) # (f) and finally upload them to manifold server # xxx todo add an option so the password can be set on the command line # (but *NOT* in the config file) so other apps can leverage this - self.logger.info("Uploading on backend at {}".format( + logger.info("Uploading on backend at {}".format( myslice_dict['backend'])) - uploader = ManifoldUploader(logger=self.logger, + uploader = ManifoldUploader(logger=logger, url=myslice_dict['backend'], platform=myslice_dict['platform'], username=myslice_dict['username'], @@ -1913,7 +1912,7 @@ $ sfi m -b http://mymanifold.foo.com:7080/ if uploader.upload(delegated_credential, message=message): count_success += 1 count_all += 1 - self.logger.info("Successfully uploaded {}/{} credentials" + logger.info("Successfully uploaded {}/{} credentials" .format(count_success, count_all)) # at first I thought we would want to save these, @@ -1944,7 +1943,7 @@ $ sfi m -b http://mymanifold.foo.com:7080/ gid = GID(string=trusted_cert) gid.dump() cert = Certificate(string=trusted_cert) - self.logger.debug('Sfi.trusted -> {}'.format(cert.get_subject())) + logger.debug('Sfi.trusted -> {}'.format(cert.get_subject())) print("Certificate:\n{}\n\n".format(trusted_cert)) # xxx should analyze result return 0 diff --git a/sfa/managers/slice_manager.py b/sfa/managers/slice_manager.py index 92f414cf..a6af10b3 100644 --- a/sfa/managers/slice_manager.py +++ b/sfa/managers/slice_manager.py @@ -132,7 +132,7 @@ class SliceManager: return {"aggregate": aggregate, "result": result, "elapsed": time.time() - tStart, "status": "success"} except Exception as e: - api.logger.log_exc("ListResources failed at %s" % (server.url)) + logger.log_exc("ListResources failed at %s" % (server.url)) return {"aggregate": aggregate, "elapsed": time.time() - tStart, "status": "exception", "exc_info": sys.exc_info()} @@ -152,7 +152,7 @@ class SliceManager: if not xrn and self.cache and cached_requested: rspec = self.cache.get(version_string) if rspec: - api.logger.debug( + logger.debug( "SliceManager.ListResources returns cached advertisement") return rspec @@ -195,12 +195,12 @@ class SliceManager: try: rspec.version.merge(ReturnValue.get_value(res)) except Exception: - api.logger.log_exc( + logger.log_exc( "SM.ListResources: Failed to merge aggregate rspec") # cache the result if self.cache and not xrn: - api.logger.debug("SliceManager.ListResources caches advertisement") + logger.debug("SliceManager.ListResources caches advertisement") self.cache.add(version_string, rspec.toxml()) return rspec.toxml() @@ -286,7 +286,7 @@ class SliceManager: ReturnValue.get_value(res['geni_rspec'])) geni_slivers.extend(res['geni_slivers']) except Exception: - api.logger.log_exc( + logger.log_exc( "SM.Allocate: Failed to merge aggregate rspec") return { 'geni_urn': geni_urn, @@ -355,7 +355,7 @@ class SliceManager: ReturnValue.get_value(res['geni_rspec'])) geni_slivers.extend(res['geni_slivers']) except: - api.logger.log_exc( + logger.log_exc( "SM.Provision: Failed to merge aggregate rspec") return { 'geni_urn': geni_urn, @@ -487,7 +487,7 @@ class SliceManager: geni_urn = result['geni_urn'] geni_slivers.extend(result['geni_slivers']) except Exception: - api.logger.log_exc( + logger.log_exc( "SM.Provision: Failed to merge aggregate rspec") return { 'geni_urn': geni_urn, @@ -536,7 +536,7 @@ class SliceManager: ReturnValue.get_value(result['geni_rspec'])) geni_slivers.extend(result['geni_slivers']) except Exception: - api.logger.log_exc( + logger.log_exc( "SM.Provision: Failed to merge aggregate rspec") return { 'geni_urn': geni_urn, diff --git a/sfa/methods/Allocate.py b/sfa/methods/Allocate.py index c2ecfc55..cd3d889d 100644 --- a/sfa/methods/Allocate.py +++ b/sfa/methods/Allocate.py @@ -11,14 +11,14 @@ from sfa.util.sfalogging import logger class Allocate(Method): """ - Allocate resources as described in a request RSpec argument - to a slice with the named URN. On success, one or more slivers - are allocated, containing resources satisfying the request, and - assigned to the given slice. This method returns a listing and - description of the resources reserved for the slice by this - operation, in the form of a manifest RSpec. Allocated slivers - are held for an aggregate-determined period. Clients must Renew - or Provision slivers before the expiration time (given in the + Allocate resources as described in a request RSpec argument + to a slice with the named URN. On success, one or more slivers + are allocated, containing resources satisfying the request, and + assigned to the given slice. This method returns a listing and + description of the resources reserved for the slice by this + operation, in the form of a manifest RSpec. Allocated slivers + are held for an aggregate-determined period. Clients must Renew + or Provision slivers before the expiration time (given in the return struct), or the aggregate will automatically Delete them. @param slice_urn (string) URN of slice to allocate to @@ -31,12 +31,12 @@ class Allocate(Method): This option can take 3 values (*) options['pltags'] == 'ignore' (default) - This is the recommended mode; in this mode all slice tags passed - here are ignore, which correspond to the XML tags in + This is the recommended mode; in this mode all slice tags passed + here are ignore, which correspond to the XML tags in the areas of incoming rspec to Allocate. In other words you are guaranteed to leave slice tags alone. (*) options['pltags'] == 'append' - All incoming slice tags are added to corresponding slivers, + All incoming slice tags are added to corresponding slivers, unless an exact match can be found in the PLC db (*) options['pltags'] == 'sync' The historical mode, that attempts to leave the PLC db in a state @@ -66,7 +66,7 @@ class Allocate(Method): # the slivers should expire. expiration = datetime_to_string(the_credential.expiration) - self.api.logger.debug( + logger.debug( "Allocate, received expiration from credential: %s" % expiration) # turned off, as passing an empty rspec is indeed useful for cleaning up the slice @@ -80,10 +80,10 @@ class Allocate(Method): chain_name = 'INCOMING' elif self.api.interface in ['slicemgr']: chain_name = 'FORWARD-INCOMING' - self.api.logger.debug("Allocate: sfatables on chain %s" % chain_name) + logger.debug("Allocate: sfatables on chain %s" % chain_name) actual_caller_hrn = the_credential.actual_caller_hrn() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, actual_caller_hrn, xrn.get_hrn(), self.name)) + logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, actual_caller_hrn, xrn.get_hrn(), self.name)) rspec = run_sfatables(chain_name, xrn.get_hrn(), actual_caller_hrn, rspec) # turned off, as passing an empty rspec is indeed useful for cleaning up the slice diff --git a/sfa/methods/CreateGid.py b/sfa/methods/CreateGid.py index ab0c6bf1..fe5aacb8 100644 --- a/sfa/methods/CreateGid.py +++ b/sfa/methods/CreateGid.py @@ -1,6 +1,7 @@ from sfa.util.xrn import urn_to_hrn from sfa.util.method import Method +from sfa.util.sfalogging import logger from sfa.storage.parameter import Parameter, Mixed from sfa.trust.credential import Credential @@ -41,7 +42,7 @@ class CreateGid(Method): # log the call origin_hrn = Credential( string=valid_creds[0]).get_gid_caller().get_hrn() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, origin_hrn, xrn, self.name)) + logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, origin_hrn, xrn, self.name)) return self.api.manager.CreateGid(self.api, xrn, cert) diff --git a/sfa/methods/Delete.py b/sfa/methods/Delete.py index 92042562..74442ce4 100644 --- a/sfa/methods/Delete.py +++ b/sfa/methods/Delete.py @@ -1,5 +1,7 @@ from sfa.util.xrn import urn_to_hrn from sfa.util.method import Method +from sfa.util.sfalogging import logger + from sfa.storage.parameter import Parameter, Mixed from sfa.trust.auth import Auth from sfa.trust.credential import Credential @@ -7,11 +9,11 @@ from sfa.trust.credential import Credential class Delete(Method): """ - Remove the slice or slivers and free the allocated resources + Remove the slice or slivers and free the allocated resources @param xrns human readable name of slice to instantiate (hrn or urn) @param creds credential string specifying the rights of the caller - @return 1 is successful, faults otherwise + @return 1 is successful, faults otherwise """ interfaces = ['aggregate', 'slicemgr', 'component'] @@ -26,13 +28,14 @@ class Delete(Method): returns = Parameter(int, "1 if successful") def call(self, xrns, creds, options): - valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'deletesliver', xrns, - check_sliver_callback=self.api.driver.check_sliver_credentials, - options=options) + valid_creds = self.api.auth.checkCredentialsSpeaksFor( + creds, 'deletesliver', xrns, + check_sliver_callback=self.api.driver.check_sliver_credentials, + options=options) # log the call origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, origin_hrn, xrns, self.name)) + logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, origin_hrn, xrns, self.name)) return self.api.manager.Delete(self.api, xrns, creds, options) diff --git a/sfa/methods/Describe.py b/sfa/methods/Describe.py index 6930f1eb..b04b3a6e 100644 --- a/sfa/methods/Describe.py +++ b/sfa/methods/Describe.py @@ -4,6 +4,8 @@ from sfa.util.xrn import urn_to_hrn from sfa.util.method import Method from sfa.util.sfatablesRuntime import run_sfatables from sfa.util.faults import SfaInvalidArgument +from sfa.util.sfalogging import logger + from sfa.trust.credential import Credential from sfa.storage.parameter import Parameter, Mixed @@ -11,10 +13,10 @@ from sfa.storage.parameter import Parameter, Mixed class Describe(Method): """ - Retrieve a manifest RSpec describing the resources contained by the - named entities, e.g. a single slice or a set of the slivers in a - slice. This listing and description should be sufficiently - descriptive to allow experimenters to use the resources. + Retrieve a manifest RSpec describing the resources contained by the + named entities, e.g. a single slice or a set of the slivers in a + slice. This listing and description should be sufficiently + descriptive to allow experimenters to use the resources. @param credential list @param options dictionary @return dict @@ -29,8 +31,8 @@ class Describe(Method): returns = Parameter(str, "List of resources") def call(self, urns, creds, options): - self.api.logger.info("interface: %s\tmethod-name: %s" % - (self.api.interface, self.name)) + logger.info("interface: %s\tmethod-name: %s" % + (self.api.interface, self.name)) # client must specify a version if not options.get('geni_rspec_version'): @@ -56,7 +58,7 @@ class Describe(Method): chain_name = 'OUTGOING' elif self.api.interface in ['slicemgr']: chain_name = 'FORWARD-OUTGOING' - self.api.logger.debug( + logger.debug( "ListResources: sfatables on chain %s" % chain_name) desc['geni_rspec'] = run_sfatables( chain_name, '', origin_hrn, desc['geni_rspec']) diff --git a/sfa/methods/GetCredential.py b/sfa/methods/GetCredential.py index f7bc721a..9e83f45a 100644 --- a/sfa/methods/GetCredential.py +++ b/sfa/methods/GetCredential.py @@ -1,5 +1,6 @@ from sfa.util.xrn import urn_to_hrn from sfa.util.method import Method +from sfa.util.sfalogging import logger from sfa.trust.credential import Credential @@ -15,7 +16,7 @@ class GetCredential(Method): @param cred credential object specifying rights of the caller @param type type of object (user | slice | node | authority ) - @return the string representation of a credential object + @return the string representation of a credential object """ interfaces = ['registry'] @@ -44,7 +45,7 @@ class GetCredential(Method): # log the call origin_hrn = Credential( string=valid_creds[0]).get_gid_caller().get_hrn() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, origin_hrn, hrn, self.name)) + logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, origin_hrn, hrn, self.name)) return self.api.manager.GetCredential(self.api, xrn, type, self.api.auth.client_gid.get_urn()) diff --git a/sfa/methods/GetSelfCredential.py b/sfa/methods/GetSelfCredential.py index 385d501f..a528cb14 100644 --- a/sfa/methods/GetSelfCredential.py +++ b/sfa/methods/GetSelfCredential.py @@ -1,6 +1,7 @@ from sfa.util.faults import RecordNotFound, ConnectionKeyGIDMismatch from sfa.util.xrn import urn_to_hrn from sfa.util.method import Method +from sfa.util.sfalogging import logger from sfa.trust.certificate import Certificate @@ -10,11 +11,11 @@ from sfa.storage.parameter import Parameter, Mixed class GetSelfCredential(Method): """ Retrive a credential for an object - @param cert certificate string + @param cert certificate string @param type type of object (user | slice | sa | ma | node) @param hrn human readable name of object (hrn or urn) - @return the string representation of a credential object + @return the string representation of a credential object """ interfaces = ['registry'] @@ -51,8 +52,8 @@ class GetSelfCredential(Method): self.api.auth.verify_object_belongs_to_me(hrn) origin_hrn = Certificate(string=cert).get_subject() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, origin_hrn, hrn, self.name)) + logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, origin_hrn, hrn, self.name)) # authenticate the gid # import here so we can load this module at build-time for sfa2wsdl @@ -78,12 +79,12 @@ class GetSelfCredential(Method): certificate = Certificate(string=cert) if not certificate.is_pubkey(gid.get_pubkey()): for (obj, name) in [(certificate, "CERT"), (gid, "GID"), ]: - self.api.logger.debug("ConnectionKeyGIDMismatch, %s pubkey: %s" % ( + logger.debug("ConnectionKeyGIDMismatch, %s pubkey: %s" % ( name, obj.get_pubkey().get_pubkey_string())) - self.api.logger.debug( + logger.debug( "ConnectionKeyGIDMismatch, %s dump: %s" % (name, obj.dump_string())) if hasattr(obj, 'filename'): - self.api.logger.debug( + logger.debug( "ConnectionKeyGIDMismatch, %s filename: %s" % (name, obj.filename)) raise ConnectionKeyGIDMismatch(gid.get_subject()) diff --git a/sfa/methods/GetVersion.py b/sfa/methods/GetVersion.py index 4bbc86d8..01136ccf 100644 --- a/sfa/methods/GetVersion.py +++ b/sfa/methods/GetVersion.py @@ -1,4 +1,5 @@ from sfa.util.method import Method +from sfa.util.sfalogging import logger from sfa.storage.parameter import Parameter @@ -18,6 +19,6 @@ class GetVersion(Method): def call(self, options=None): if options is None: options = {} - self.api.logger.info("interface: %s\tmethod-name: %s" % - (self.api.interface, self.name)) + logger.info("interface: %s\tmethod-name: %s" % + (self.api.interface, self.name)) return self.api.manager.GetVersion(self.api, options) diff --git a/sfa/methods/List.py b/sfa/methods/List.py index 54b74082..b4872856 100644 --- a/sfa/methods/List.py +++ b/sfa/methods/List.py @@ -1,6 +1,7 @@ from sfa.util.xrn import urn_to_hrn from sfa.util.method import Method +from sfa.util.sfalogging import logger from sfa.trust.credential import Credential @@ -9,11 +10,11 @@ from sfa.storage.parameter import Parameter, Mixed class List(Method): """ - List the records in an authority. + List the records in an authority. @param cred credential string specifying the rights of the caller @param hrn human readable name of authority to list (hrn or urn) - @return list of record dictionaries + @return list of record dictionaries """ interfaces = ['registry'] @@ -35,7 +36,7 @@ class List(Method): # log the call origin_hrn = Credential( string=valid_creds[0]).get_gid_caller().get_hrn() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, origin_hrn, hrn, self.name)) + logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, origin_hrn, hrn, self.name)) return self.api.manager.List(self.api, xrn, options=options) diff --git a/sfa/methods/ListResources.py b/sfa/methods/ListResources.py index e2ec988b..2ae119a7 100644 --- a/sfa/methods/ListResources.py +++ b/sfa/methods/ListResources.py @@ -3,6 +3,8 @@ import zlib from sfa.util.xrn import urn_to_hrn from sfa.util.method import Method from sfa.util.sfatablesRuntime import run_sfatables +from sfa.util.sfalogging import logger + from sfa.util.faults import SfaInvalidArgument from sfa.trust.credential import Credential @@ -25,8 +27,8 @@ class ListResources(Method): returns = Parameter(str, "List of resources") def call(self, creds, options): - self.api.logger.info("interface: %s\tmethod-name: %s" % - (self.api.interface, self.name)) + logger.info("interface: %s\tmethod-name: %s" % + (self.api.interface, self.name)) # client must specify a version if not options.get('geni_rspec_version'): @@ -52,7 +54,7 @@ class ListResources(Method): chain_name = 'OUTGOING' elif self.api.interface in ['slicemgr']: chain_name = 'FORWARD-OUTGOING' - self.api.logger.debug( + logger.debug( "ListResources: sfatables on chain %s" % chain_name) filtered_rspec = run_sfatables(chain_name, '', origin_hrn, rspec) diff --git a/sfa/methods/PerformOperationalAction.py b/sfa/methods/PerformOperationalAction.py index 1081b0e1..57d8db91 100644 --- a/sfa/methods/PerformOperationalAction.py +++ b/sfa/methods/PerformOperationalAction.py @@ -2,17 +2,20 @@ from sfa.util.faults import SfaInvalidArgument, InvalidRSpec from sfa.util.xrn import urn_to_hrn from sfa.util.method import Method from sfa.util.sfatablesRuntime import run_sfatables +from sfa.util.sfalogging import logger + from sfa.trust.credential import Credential + from sfa.storage.parameter import Parameter, Mixed class PerformOperationalAction(Method): """ - Request that the named geni_allocated slivers be made - geni_provisioned, instantiating or otherwise realizing the - resources, such that they have a valid geni_operational_status - and may possibly be made geni_ready for experimenter use. This - operation is synchronous, but may start a longer process, such + Request that the named geni_allocated slivers be made + geni_provisioned, instantiating or otherwise realizing the + resources, such that they have a valid geni_operational_status + and may possibly be made geni_ready for experimenter use. This + operation is synchronous, but may start a longer process, such as creating and imaging a virtual machine @param slice urns ([string]) URNs of slivers to provision to @@ -30,18 +33,19 @@ class PerformOperationalAction(Method): returns = Parameter(dict, "Provisioned Resources") def call(self, xrns, creds, action, options): - self.api.logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, xrns, self.name)) + logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, xrns, self.name)) (speaking_for, _) = urn_to_hrn(options.get('geni_speaking_for')) # Find the valid credentials - valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'createsliver', xrns, - check_sliver_callback=self.api.driver.check_sliver_credentials, - options=options) + valid_creds = self.api.auth.checkCredentialsSpeaksFor( + creds, 'createsliver', xrns, + check_sliver_callback=self.api.driver.check_sliver_credentials, + options=options) origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, origin_hrn, xrns, self.name)) + logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, origin_hrn, xrns, self.name)) result = self.api.manager.PerformOperationalAction( self.api, xrns, creds, action, options) return result diff --git a/sfa/methods/Provision.py b/sfa/methods/Provision.py index ad196692..f9f71e41 100644 --- a/sfa/methods/Provision.py +++ b/sfa/methods/Provision.py @@ -2,18 +2,22 @@ from sfa.util.faults import SfaInvalidArgument, InvalidRSpec from sfa.util.xrn import urn_to_hrn from sfa.util.method import Method from sfa.util.sfatablesRuntime import run_sfatables +from sfa.util.sfalogging import logger + from sfa.trust.credential import Credential + from sfa.storage.parameter import Parameter, Mixed + from sfa.rspecs.rspec import RSpec class Provision(Method): """ - Request that the named geni_allocated slivers be made - geni_provisioned, instantiating or otherwise realizing the - resources, such that they have a valid geni_operational_status - and may possibly be made geni_ready for experimenter use. This - operation is synchronous, but may start a longer process, such + Request that the named geni_allocated slivers be made + geni_provisioned, instantiating or otherwise realizing the + resources, such that they have a valid geni_operational_status + and may possibly be made geni_ready for experimenter use. This + operation is synchronous, but may start a longer process, such as creating and imaging a virtual machine @param slice urns ([string]) URNs of slivers to provision to @@ -30,15 +34,16 @@ class Provision(Method): returns = Parameter(dict, "Provisioned Resources") def call(self, xrns, creds, options): - self.api.logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, xrns, self.name)) + logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, xrns, self.name)) # Find the valid credentials - valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'createsliver', xrns, - check_sliver_callback=self.api.driver.check_sliver_credentials, - options=options) + valid_creds = self.api.auth.checkCredentialsSpeaksFor( + creds, 'createsliver', xrns, + check_sliver_callback=self.api.driver.check_sliver_credentials, + options=options) origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, origin_hrn, xrns, self.name)) + logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, origin_hrn, xrns, self.name)) result = self.api.manager.Provision(self.api, xrns, creds, options) return result diff --git a/sfa/methods/Register.py b/sfa/methods/Register.py index 8f573546..e95d60fa 100644 --- a/sfa/methods/Register.py +++ b/sfa/methods/Register.py @@ -1,4 +1,5 @@ from sfa.util.method import Method +from sfa.util.sfalogging import logger from sfa.trust.credential import Credential @@ -38,7 +39,7 @@ class Register(Method): # log the call origin_hrn = Credential( string=valid_creds[0]).get_gid_caller().get_hrn() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, origin_hrn, hrn, self.name)) + logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, origin_hrn, hrn, self.name)) return self.api.manager.Register(self.api, record) diff --git a/sfa/methods/Remove.py b/sfa/methods/Remove.py index a0614498..413d140c 100644 --- a/sfa/methods/Remove.py +++ b/sfa/methods/Remove.py @@ -1,5 +1,6 @@ from sfa.util.xrn import Xrn from sfa.util.method import Method +from sfa.util.sfalogging import logger from sfa.trust.credential import Credential @@ -15,7 +16,7 @@ class Remove(Method): @param type record type @param xrn human readable name of record to remove (hrn or urn) - @return 1 if successful, faults otherwise + @return 1 if successful, faults otherwise """ interfaces = ['registry'] @@ -40,7 +41,7 @@ class Remove(Method): # log the call origin_hrn = Credential( string=valid_creds[0]).get_gid_caller().get_hrn() - self.api.logger.info("interface: %s\tmethod-name: %s\tcaller-hrn: %s\ttarget-urn: %s" % ( - self.api.interface, self.name, origin_hrn, xrn.get_urn())) + logger.info("interface: %s\tmethod-name: %s\tcaller-hrn: %s\ttarget-urn: %s" % ( + self.api.interface, self.name, origin_hrn, xrn.get_urn())) return self.api.manager.Remove(self.api, xrn) diff --git a/sfa/methods/Renew.py b/sfa/methods/Renew.py index e3ae1c30..3cbb9293 100644 --- a/sfa/methods/Renew.py +++ b/sfa/methods/Renew.py @@ -4,6 +4,7 @@ from sfa.util.faults import InsufficientRights from sfa.util.xrn import urn_to_hrn from sfa.util.method import Method from sfa.util.sfatime import utcparse, add_datetime +from sfa.util.sfalogging import logger from sfa.trust.credential import Credential @@ -12,7 +13,7 @@ from sfa.storage.parameter import Parameter class Renew(Method): """ - Renews the resources in the specified slice or slivers by + Renews the resources in the specified slice or slivers by extending the lifetime. @param urns ([string]) List of URNs of to renew @@ -32,13 +33,14 @@ class Renew(Method): def call(self, urns, creds, expiration_time, options): # Find the valid credentials - valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'renewsliver', urns, - check_sliver_callback=self.api.driver.check_sliver_credentials, - options=options) + valid_creds = self.api.auth.checkCredentialsSpeaksFor( + creds, 'renewsliver', urns, + check_sliver_callback=self.api.driver.check_sliver_credentials, + options=options) the_credential = Credential(cred=valid_creds[0]) actual_caller_hrn = the_credential.actual_caller_hrn() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-urns: %s\texpiration:%s\tmethod-name: %s" % - (self.api.interface, actual_caller_hrn, urns, expiration_time, self.name)) + logger.info("interface: %s\tcaller-hrn: %s\ttarget-urns: %s\texpiration:%s\tmethod-name: %s" % + (self.api.interface, actual_caller_hrn, urns, expiration_time, self.name)) # extend as long as possible : take the min of requested and # now+SFA_MAX_SLICE_RENEW @@ -50,21 +52,21 @@ class Renew(Method): # Validate that the time does not go beyond the credential's expiration # time requested_expire = utcparse(expiration_time) - self.api.logger.info("requested_expire = %s" % requested_expire) + logger.info("requested_expire = %s" % requested_expire) credential_expire = the_credential.get_expiration() - self.api.logger.info("credential_expire = %s" % credential_expire) + logger.info("credential_expire = %s" % credential_expire) max_renew_days = int(self.api.config.SFA_MAX_SLICE_RENEW) max_expire = datetime.datetime.utcnow() + datetime.timedelta(days=max_renew_days) if requested_expire > credential_expire: # used to throw an InsufficientRights exception here, this was not # right - self.api.logger.warning("Requested expiration %s, after credential expiration (%s) -> trimming to the latter/sooner" % - (requested_expire, credential_expire)) + logger.warning("Requested expiration %s, after credential expiration (%s) -> trimming to the latter/sooner" % + (requested_expire, credential_expire)) requested_expire = credential_expire if requested_expire > max_expire: # likewise - self.api.logger.warning("Requested expiration %s, after maximal expiration %s days (%s) -> trimming to the latter/sooner" % - (requested_expire, self.api.config.SFA_MAX_SLICE_RENEW, max_expire)) + logger.warning("Requested expiration %s, after maximal expiration %s days (%s) -> trimming to the latter/sooner" % + (requested_expire, self.api.config.SFA_MAX_SLICE_RENEW, max_expire)) requested_expire = max_expire return self.api.manager.Renew(self.api, urns, creds, requested_expire, options) diff --git a/sfa/methods/Resolve.py b/sfa/methods/Resolve.py index 05bffcbb..39618a73 100644 --- a/sfa/methods/Resolve.py +++ b/sfa/methods/Resolve.py @@ -1,5 +1,6 @@ from sfa.util.xrn import Xrn, urn_to_hrn from sfa.util.method import Method +from sfa.util.sfalogging import logger from sfa.trust.credential import Credential @@ -11,8 +12,8 @@ class Resolve(Method): Resolve a record. @param cred credential string authorizing the caller - @param hrn human readable name to resolve (hrn or urn) - @return a list of record dictionaries or empty list + @param hrn human readable name to resolve (hrn or urn) + @return a list of record dictionaries or empty list """ interfaces = ['registry'] @@ -49,8 +50,8 @@ class Resolve(Method): # log the call origin_hrn = Credential( string=valid_creds[0]).get_gid_caller().get_hrn() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, origin_hrn, hrns, self.name)) + logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, origin_hrn, hrns, self.name)) # send the call to the right manager return self.api.manager.Resolve(self.api, xrns, type, details=details) diff --git a/sfa/methods/Shutdown.py b/sfa/methods/Shutdown.py index 7b086af3..a1acf9a8 100644 --- a/sfa/methods/Shutdown.py +++ b/sfa/methods/Shutdown.py @@ -1,15 +1,16 @@ from sfa.storage.parameter import Parameter from sfa.trust.credential import Credential from sfa.util.method import Method +from sfa.util.sfalogging import logger class Shutdown(Method): """ - Perform an emergency shut down of a sliver. This operation is intended for administrative use. + Perform an emergency shut down of a sliver. This operation is intended for administrative use. The sliver is shut down but remains available for further forensics. @param slice_urn (string) URN of slice to renew - @param credentials ([string]) of credentials + @param credentials ([string]) of credentials """ interfaces = ['aggregate', 'slicemgr'] accepts = [ @@ -20,11 +21,12 @@ class Shutdown(Method): def call(self, xrn, creds): - valid_creds = self.api.auth.checkCredentials(creds, 'stopslice', xrn, - check_sliver_callback=self.api.driver.check_sliver_credentials) + valid_creds = self.api.auth.checkCredentials( + creds, 'stopslice', xrn, + check_sliver_callback=self.api.driver.check_sliver_credentials) # log the call origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, origin_hrn, xrn, self.name)) + logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, origin_hrn, xrn, self.name)) return self.api.manager.Shutdown(self.api, xrn, creds) diff --git a/sfa/methods/Status.py b/sfa/methods/Status.py index dd15f5df..577d1b7d 100644 --- a/sfa/methods/Status.py +++ b/sfa/methods/Status.py @@ -1,5 +1,6 @@ from sfa.util.xrn import urn_to_hrn from sfa.util.method import Method +from sfa.util.sfalogging import logger from sfa.storage.parameter import Parameter, Mixed @@ -20,10 +21,11 @@ class Status(Method): returns = Parameter(dict, "Status details") def call(self, xrns, creds, options): - valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'sliverstatus', xrns, - check_sliver_callback=self.api.driver.check_sliver_credentials, - options=options) + valid_creds = self.api.auth.checkCredentialsSpeaksFor( + creds, 'sliverstatus', xrns, + check_sliver_callback=self.api.driver.check_sliver_credentials, + options=options) - self.api.logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, xrns, self.name)) + logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, xrns, self.name)) return self.api.manager.Status(self.api, xrns, creds, options) diff --git a/sfa/methods/Update.py b/sfa/methods/Update.py index 507509cd..5daeb654 100644 --- a/sfa/methods/Update.py +++ b/sfa/methods/Update.py @@ -1,4 +1,5 @@ from sfa.util.method import Method +from sfa.util.sfalogging import logger from sfa.trust.credential import Credential @@ -14,7 +15,7 @@ class Update(Method): @param cred credential string specifying rights of the caller @param record a record dictionary to be updated - @return 1 if successful, faults otherwise + @return 1 if successful, faults otherwise """ interfaces = ['registry'] @@ -37,7 +38,7 @@ class Update(Method): # log origin_hrn = Credential( string=valid_creds[0]).get_gid_caller().get_hrn() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % - (self.api.interface, origin_hrn, hrn, self.name)) + logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" % + (self.api.interface, origin_hrn, hrn, self.name)) return self.api.manager.Update(self.api, record_dict) diff --git a/sfa/methods/get_trusted_certs.py b/sfa/methods/get_trusted_certs.py index 53a687f3..3cfc51d7 100644 --- a/sfa/methods/get_trusted_certs.py +++ b/sfa/methods/get_trusted_certs.py @@ -1,4 +1,5 @@ from sfa.util.method import Method +from sfa.util.sfalogging import logger from sfa.trust.auth import Auth from sfa.trust.credential import Credential @@ -9,7 +10,7 @@ from sfa.storage.parameter import Parameter, Mixed class get_trusted_certs(Method): """ @param cred credential string specifying the rights of the caller - @return list of gid strings + @return list of gid strings """ interfaces = ['registry', 'aggregate', 'slicemgr'] @@ -25,7 +26,7 @@ class get_trusted_certs(Method): # If cred is not specified just return the gid for this interface. # This is true when when a peer is attempting to initiate federation # with this interface - self.api.logger.debug("get_trusted_certs: %r" % cred) + logger.debug("get_trusted_certs: %r" % cred) if not cred: gid_strings = [] for gid in self.api.auth.trusted_cert_list: diff --git a/sfa/server/sfa-start.py b/sfa/server/sfa-start.py index cf4ee586..5b386c02 100755 --- a/sfa/server/sfa-start.py +++ b/sfa/server/sfa-start.py @@ -36,14 +36,17 @@ from optparse import OptionParser from sfa.util.sfalogging import init_logger, logger from sfa.util.xrn import get_authority, hrn_to_urn from sfa.util.config import Config + from sfa.trust.gid import GID from sfa.trust.trustedroots import TrustedRoots from sfa.trust.certificate import Keypair, Certificate from sfa.trust.hierarchy import Hierarchy from sfa.trust.gid import GID + from sfa.server.sfaapi import SfaApi from sfa.server.registry import Registries from sfa.server.aggregate import Aggregates + from sfa.client.return_value import ReturnValue @@ -130,11 +133,11 @@ def install_peer_certs(server_key_file, server_cert_file): gid.save_to_file(gid_filename, save_parents=True) message = "installed trusted cert for %s" % new_hrn # log the message - api.logger.info(message) + logger.info(message) except Exception: message = "interface: %s\tunable to install trusted gid for %s" % \ (api.interface, new_hrn) - api.logger.log_exc(message) + logger.log_exc(message) # doesnt matter witch one update_cert_records(peer_gids) diff --git a/sfa/server/xmlrpcapi.py b/sfa/server/xmlrpcapi.py index 9b1e1b8c..51893285 100644 --- a/sfa/server/xmlrpcapi.py +++ b/sfa/server/xmlrpcapi.py @@ -92,7 +92,7 @@ xmlrpc_client.Marshaller._Marshaller__dump = xmlrpclib_dump class XmlrpcApi: """ - The XmlrpcApi class implements a basic xmlrpc (or soap) service + The XmlrpcApi class implements a basic xmlrpc (or soap) service """ protocol = None @@ -107,8 +107,6 @@ class XmlrpcApi: methods, fromlist=[methods]) self.methods = methods_module.all - self.logger = logger - def callable(self, method): """ Return a new instance of the specified method. @@ -125,7 +123,7 @@ class XmlrpcApi: callablemethod = getattr(module, classname)(self) return getattr(module, classname)(self) except (ImportError, AttributeError): - self.logger.log_exc("Error importing method: %s" % method) + logger.log_exc("Error importing method: %s" % method) raise SfaInvalidAPIMethod(method) def call(self, source, method, *args): @@ -167,9 +165,9 @@ class XmlrpcApi: result = self.call(source, method, *args) except SfaFault as fault: result = fault - self.logger.log_exc("XmlrpcApi.handle has caught Exception") + logger.log_exc("XmlrpcApi.handle has caught Exception") except Exception as fault: - self.logger.log_exc("XmlrpcApi.handle has caught Exception") + logger.log_exc("XmlrpcApi.handle has caught Exception") result = SfaAPIError(fault) # Return result diff --git a/sfa/trust/certificate.py b/sfa/trust/certificate.py index b5296a6a..9552d1ff 100644 --- a/sfa/trust/certificate.py +++ b/sfa/trust/certificate.py @@ -64,7 +64,7 @@ from sfa.util.faults import (CertExpired, CertMissingParent, from sfa.util.sfalogging import logger # this tends to generate quite some logs for little or no value -debug_verify_chain = False +debug_verify_chain = True glo_passphrase_callback = None @@ -789,8 +789,10 @@ class Certificate: # @param cert certificate object def is_signed_by_cert(self, cert): - logger.debug("Certificate.is_signed_by_cert -> invoking verify") k = cert.get_pubkey() + logger.debug("Certificate.is_signed_by_cert -> verify on {}\n" + "with pubkey {}" + .format(self, k)) result = self.verify(k) return result @@ -867,7 +869,7 @@ class Certificate: trusted_cert.pretty_name())) else: logger.debug("verify_chain: not a direct" - " descendant of a trusted root") + " descendant of trusted root #{}".format(i)) # if there is no parent, then no way to verify the chain if not self.parent: -- 2.43.0