/ - Diff - snf-occi - Greek Research and Technology Network's projects

     #!/usr/bin/env python
     import re
     import string
     from snfOCCI.registry import snfRegistry
     from snfOCCI.compute import ComputeBackend
     from snfOCCI.config import SERVER_CONFIG, KAMAKI_CONFIG
-...
             self.refresh_compute_instances(compClient)
             ssl_dict = dict()
             ssl_dict["SSL_CLIENT_S_DN_ENV"] = environ["SSL_CLIENT_S_DN_ENV"]
             ssl_dict["SSL_CLIENT_CERT_ENV"] = environ["SSL_CLIENT_CERT_ENV"]
             ssl_dict["SSL_CLIENT_CERT_CHAIN_0_ENV"] = environ["SSL_CLIENT_CERT_CHAIN_0_ENV"]
             #Regular expression in HTTP headers
             #environ[HTTP_SSL] contains PEM certificates in wrong format
             client_cert = re.search(r'^(-----BEGIN CERTIFICATE----- )(.*|\s]*)( -----END CERTIFICATE-----)', environ["HTTP_SSL_CLIENT_CERT"])
             client_chain = re.search(r'^(-----BEGIN CERTIFICATE-----)(.*|\s]*)( -----END CERTIFICATE-----)', environ["HTTP_SSL_CLIENT_CERT_CHAIN_0"])
             client_cert_list=[]
             client_chain_list=[]
             for i in range(1,4):
                 client_cert_list.append(string.strip(client_cert.group(i)))
             for i in range(1,4):
                 client_chain_list.append(string.strip(client_chain.group(i)))
             cert = client_cert_list[0]+"\n"+client_cert_list[1].replace(" "," \n")+"\n"+client_cert_list[2]
             chain = client_chain_list[0]+"\n"+client_chain_list[1].replace(" "," \n")+"\n"+client_chain_list[2]
             ssl_dict["SSL_CLIENT_S_DN"] = environ["HTTP_SSL_CLIENT_S_DN"]
             ssl_dict["SSL_CLIENT_CERT"] = cert
             ssl_dict["SSL_CLIENT_CERT_CHAIN_0"] = chain
             info = voms.authenticate(ssl_dict)
             print info

     SERVER_CONFIG = {
         'port': 8888,
         'port': 8889,
         'hostname': 'snf-%(id)d.vm.okeanos.grnet.gr',
         'compute_arch': 'x86'
+        }
-...
     VOMS_CONFIG = {
         'vomsdir_path': '/etc/grid-security/vomsdir',
         'ca_path': '/etc/grid-security/certificates',
         'vomsapi_lib': 'libvomsapi.so.1',
         'vomsapi_lib': '/usr/lib/libvomsapi.so.0',
+    }

     import M2Crypto
     import snfOCCI.config
     from snfOCCI.config import VOMS_CONFIG
     import voms_helper
     import exception
-...
         cert = ssl_info.get(SSL_CLIENT_CERT_ENV, "")
         chain = ssl_info.get(SSL_CLIENT_CERT_CHAIN_0_ENV, "")
         cert = M2Crypto.X509.load_cert_string(cert)
         aux = M2Crypto.X509.load_cert_string(chain)
         chain = M2Crypto.X509.X509_Stack()
         chain.push(aux)
         return cert, chain
         return (cert, chain)
     def _get_voms_info(self, ssl_info):
     def _get_voms_info(ssl_info):
         """Extract voms info from ssl_info and return dict with it."""
         try:
             cert, chain = self._get_cert_chain(ssl_info)
         except M2Crypto.X509.X509Error:
             print "Error getting certificate chain"
             cert, chain = _get_cert_chain(ssl_info)
         except M2Crypto.X509.X509Error as e:
             print e
         with voms_helper.VOMS(VOMS_CONFIG["vomsdir_path"],VOMS_CONFIG["ca_path"], VOMS_CONFIG["vomsapi_lib"]) as v:
             if self._no_verify:
                 v.set_no_verify()
             voms_data = v.retrieve(cert, chain)
             if not voms_data:
                 print "error \n"
                 raise VomsError(v.error.value)
             d = {}
-...
             return (vogroup, role, capability)
     def authenticate(self, ssl_data):
     def authenticate(ssl_data):
         try:
             voms_info = self._get_voms_info(ssl_data)
             voms_info = _get_voms_info(ssl_data)
         except VomsError as e:
             raise e

b/snfOCCI/voms/voms_helper.py
99	99	0,
100	100	ctypes.byref(self.vd),
101	101	ctypes.byref(self.error))
	102
102	103	if res == 0:
103	104	return None
104	105	else:

Synnefo » snf-occi

Revision 0e9a6098