root / snfOCCI / snf_voms / voms_helper.py @ f25a4623
1 | fe35958e | nasia | # Copyright 2012 Spanish National Research Council
|
---|---|---|---|
2 | fe35958e | nasia | #
|
3 | fe35958e | nasia | # Licensed under the Apache License, Version 2.0 (the "License"); you may
|
4 | fe35958e | nasia | # not use this file except in compliance with the License. You may obtain
|
5 | fe35958e | nasia | # a copy of the License at
|
6 | fe35958e | nasia | #
|
7 | fe35958e | nasia | # http://www.apache.org/licenses/LICENSE-2.0
|
8 | fe35958e | nasia | #
|
9 | fe35958e | nasia | # Unless required by applicable law or agreed to in writing, software
|
10 | fe35958e | nasia | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
11 | fe35958e | nasia | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
12 | fe35958e | nasia | # License for the specific language governing permissions and limitations
|
13 | fe35958e | nasia | # under the License.
|
14 | fe35958e | nasia | |
15 | fe35958e | nasia | import ctypes |
16 | fe35958e | nasia | |
17 | f25a4623 | nasia | import M2Crypto |
18 | fe35958e | nasia | |
19 | fe35958e | nasia | |
class _voms(ctypes.Structure):
    # ctypes mirror of a C structure; instances are only reached through
    # _vomsdata.data (a pointer to pointers to _voms). Presumably this is
    # the per-attribute-certificate record of the VOMS C API -- confirm the
    # struct name and layout against the library header in use.
    #
    # ctypes derives the memory layout from the ORDER and TYPES below. If
    # they disagree with the loaded library's own definition, every field
    # after the first mismatch is read from the wrong offset, so keep this
    # list in lock-step with the library version that is deployed.
    #
    # NOTE(review): reading a c_char_p field yields bytes up to the first
    # NUL only. "signature" is paired with "siglen" and "custom" with
    # "datalen", which suggests length-delimited (possibly binary) data;
    # if so, those two cannot be read reliably through c_char_p -- confirm.
    _fields_ = [
        ("siglen", ctypes.c_int32),
        ("signature", ctypes.c_char_p),
        ("user", ctypes.c_char_p),
        ("userca", ctypes.c_char_p),
        ("server", ctypes.c_char_p),
        ("serverca", ctypes.c_char_p),
        ("voname", ctypes.c_char_p),
        ("uri", ctypes.c_char_p),
        ("date1", ctypes.c_char_p),
        ("date2", ctypes.c_char_p),
        ("type", ctypes.c_int32),
        ("std", ctypes.c_void_p),
        ("custom", ctypes.c_char_p),
        ("datalen", ctypes.c_int32),
        ("version", ctypes.c_int32),
        # Pointer to an array of C strings; no element count is stored in
        # this structure, so presumably the array is NULL-terminated --
        # verify before iterating it.
        ("fqan", ctypes.POINTER(ctypes.c_char_p)),
        ("serial", ctypes.c_char_p),
        # Opaque pointers: kept as raw addresses, never dereferenced here.
        ("ac", ctypes.c_void_p),
        ("holder", ctypes.c_void_p),
    ]
42 | fe35958e | nasia | |
43 | fe35958e | nasia | |
class _vomsdata(ctypes.Structure):
    # ctypes mirror of the structure that VOMS_Init returns a pointer to
    # (VOMS.__init__ sets VOMS_Init.restype to POINTER(_vomsdata)).
    #
    # As with any ctypes.Structure, the order and types of the fields fix
    # the memory layout; they must match the definition compiled into the
    # shared library that is actually loaded.
    _fields_ = [
        ("cdir", ctypes.c_char_p),
        ("vdir", ctypes.c_char_p),
        # Pointer to pointers to _voms; VOMS.retrieve() dereferences it
        # twice to reach the first _voms record.
        ("data", ctypes.POINTER(ctypes.POINTER(_voms))),
        ("workvo", ctypes.c_char_p),
        ("extra_data", ctypes.c_char_p),
        ("volen", ctypes.c_int32),
        ("extralen", ctypes.c_int32),
        # Opaque pointer: kept as a raw address, never dereferenced here.
        ("real", ctypes.c_void_p),
    ]
55 | fe35958e | nasia | |
56 | fe35958e | nasia | |
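class VOMS(object):
    """Context manager around a VOMS C API handle loaded through ctypes.

    Entering the context calls ``VOMS_Init`` and keeps the resulting
    structure in ``self.vd``; leaving it passes that structure to
    ``VOMS_Destroy`` and clears ``self.vd``. ``retrieve`` and
    ``set_no_verify`` need ``self.vd`` and are therefore only usable
    inside the ``with`` block.
    """

    def __init__(self, vomsdir_path, ca_path, vomsapi_lib):
        """Load the VOMS shared library and remember the directories.

        :param vomsdir_path: first argument later given to ``VOMS_Init``
        :param ca_path: second argument later given to ``VOMS_Init``
        :param vomsapi_lib: name or path of the shared library to load
        """
        # CDLL maps native code into this process, so vomsapi_lib must come
        # from trusted configuration, never from request data.
        self.VOMSApi = ctypes.CDLL(vomsapi_lib)
        # Without this, ctypes would treat the returned pointer as a C int.
        self.VOMSApi.VOMS_Init.restype = ctypes.POINTER(_vomsdata)

        self.VOMSDIR = vomsdir_path
        self.CADIR = ca_path

        # Populated by __enter__, cleared again by __exit__.
        self.vd = None

    def __enter__(self):
        """Initialise the library handle and return ``self``.

        :raises ValueError: if ``VOMS_Init`` returns a NULL pointer
        """
        vd_ptr = self.VOMSApi.VOMS_Init(self.VOMSDIR, self.CADIR)
        # Dereferencing a NULL ctypes pointer also raises ValueError; the
        # explicit check only makes the failure name its cause.
        if not vd_ptr:
            raise ValueError("VOMS_Init returned a NULL pointer")
        self.vd = vd_ptr.contents
        return self

    def set_no_verify(self):
        """Skip verification of AC.

        This method skips the AC signature verification, thus it should
        only be used for debugging and tests. With verification skipped,
        the attributes handed back by ``retrieve`` are not
        cryptographically checked and must not drive authorization
        decisions.
        """
        # NOTE(review): 0x040 is passed to the library unchanged; its
        # meaning is defined by the VOMS C API header. Confirm that it
        # matches the behaviour described in the docstring.
        # The return value and the error code are not inspected, as in the
        # original implementation.
        error = ctypes.c_int32(0)
        self.VOMSApi.VOMS_SetVerificationType(0x040,
                                              ctypes.byref(self.vd),
                                              ctypes.byref(error))

    def retrieve(self, cert, chain):
        """Retrieve VOMS credentials from a certificate and chain.

        :param cert: object whose ``_ptr()`` gives the native certificate
                     address
        :param chain: object whose ``_ptr()`` gives the native chain address
        :returns: ``None`` when ``VOMS_Retrieve`` returns 0, otherwise the
                  first ``_voms`` record reachable from ``self.vd.data``

        The error code written by the library is kept in ``self.error``.
        The returned record is a view into memory reachable from
        ``self.vd``, which ``__exit__`` passes to ``VOMS_Destroy``; copy
        whatever is needed before leaving the ``with`` block (presumably
        the memory is released there -- confirm against the library).
        """
        self.error = ctypes.c_int32(0)

        # NOTE: ``long`` exists only on Python 2, which this module targets.
        cert_ptr = ctypes.cast(long(cert._ptr()), ctypes.c_void_p)
        chain_ptr = ctypes.cast(long(chain._ptr()), ctypes.c_void_p)

        res = self.VOMSApi.VOMS_Retrieve(cert_ptr,
                                         chain_ptr,
                                         0,
                                         ctypes.byref(self.vd),
                                         ctypes.byref(self.error))
        if res == 0:
            return None
        return self.vd.data.contents.contents

    def __exit__(self, type, value, tb):
        """Hand ``self.vd`` to ``VOMS_Destroy`` and forget it.

        Returns ``None``, so an exception raised inside the ``with`` block
        keeps propagating.
        """
        # Nothing to destroy if the context was never entered, or if it
        # has already been left once.
        if self.vd is None:
            return
        try:
            self.VOMSApi.VOMS_Destroy(ctypes.byref(self.vd))
        finally:
            # Clear the reference so the structure cannot be passed to the
            # library again after it has been destroyed.
            self.vd = None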