#!/usr/bin/env python
+import re
+import string
from snfOCCI.registry import snfRegistry
from snfOCCI.compute import ComputeBackend
from snfOCCI.config import SERVER_CONFIG, KAMAKI_CONFIG
self.refresh_compute_instances(compClient)
ssl_dict = dict()
- ssl_dict["SSL_CLIENT_S_DN_ENV"] = environ["SSL_CLIENT_S_DN_ENV"]
- ssl_dict["SSL_CLIENT_CERT_ENV"] = environ["SSL_CLIENT_CERT_ENV"]
- ssl_dict["SSL_CLIENT_CERT_CHAIN_0_ENV"] = environ["SSL_CLIENT_CERT_CHAIN_0_ENV"]
+
+ #Regular expression in HTTP headers
+ #environ[HTTP_SSL] contains PEM certificates in wrong format
+ client_cert = re.search(r'^(-----BEGIN CERTIFICATE----- )(.*|\s]*)( -----END CERTIFICATE-----)', environ["HTTP_SSL_CLIENT_CERT"])
+ client_chain = re.search(r'^(-----BEGIN CERTIFICATE-----)(.*|\s]*)( -----END CERTIFICATE-----)', environ["HTTP_SSL_CLIENT_CERT_CHAIN_0"])
+
+ client_cert_list=[]
+ client_chain_list=[]
+
+ for i in range(1,4):
+ client_cert_list.append(string.strip(client_cert.group(i)))
+
+ for i in range(1,4):
+ client_chain_list.append(string.strip(client_chain.group(i)))
+
+
+ cert = client_cert_list[0]+"\n"+client_cert_list[1].replace(" "," \n")+"\n"+client_cert_list[2]
+ chain = client_chain_list[0]+"\n"+client_chain_list[1].replace(" "," \n")+"\n"+client_chain_list[2]
+
+ ssl_dict["SSL_CLIENT_S_DN"] = environ["HTTP_SSL_CLIENT_S_DN"]
+ ssl_dict["SSL_CLIENT_CERT"] = cert
+ ssl_dict["SSL_CLIENT_CERT_CHAIN_0"] = chain
info = voms.authenticate(ssl_dict)
print info
projects / snf-occi / blobdiff