def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level)
# Read in config file options, command line gets priority
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key,val) in config['aggregate_manager'].items():
if hasattr(opts,key) and getattr(opts,key) is None:
setattr(opts,key,val)
if not hasattr(opts,key):
setattr(opts,key,val)
if getattr(opts,'rootcadir') is None:
setattr(opts,'rootcadir',config['global']['rootcadir'])
if opts.rootcadir is None:
sys.exit('Missing path to trusted root certificate directory (-r argument)')
certfile = getAbsPath(opts.certfile)
keyfile = getAbsPath(opts.keyfile)
if not os.path.exists(certfile):
sys.exit("Aggregate certfile %s doesn't exist" % certfile)
if not os.path.getsize(certfile) > 0:
sys.exit("Aggregate certfile %s is empty" % certfile)
if not os.path.exists(keyfile):
sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
if not os.path.getsize(keyfile) > 0:
sys.exit("Aggregate keyfile %s is empty" % keyfile)
# Instantiate an argument guard that will reject or modify
# arguments and options provided to calls
argument_guard = None
if hasattr(opts, 'argument_guard'):
argument_guard = getInstanceFromClassname(opts.argument_guard)
# Instantiate authorizer from 'authorizer' config argument
# By default, use the SFA authorizer
if hasattr(opts, 'authorizer'):
authorizer_classname = opts.authorizer
else:
authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
authorizer = getInstanceFromClassname(authorizer_classname,
getAbsPath(opts.rootcadir), opts, argument_guard)
# Use XMLRPC authorizer if opt.remote_authorizer is set
if hasattr(opts, 'remote_authorizer'):
import xmlrpclib
authorizer = xmlrpclib.Server(opts.remote_authorizer)
# Instantiate resource manager from 'authorizer_resource_manager'
# config argument. Default = None
resource_manager = None
if hasattr(opts, 'authorizer_resource_manager'):
resource_manager = \
getInstanceFromClassname(opts.authorizer_resource_manager)
# rootcadir is dir of multiple certificates
delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir))
# here rootcadir is supposed to be a single file with multiple
# certs possibly concatenated together
comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(getAbsPath(opts.rootcadir))
if opts.api_version == 1:
ams = geni.AggregateManagerServer((opts.host, int(opts.port)),
delegate=delegate,
keyfile=keyfile,
certfile=certfile,
ca_certs=comboCertsFile,
base_name=config['global']['base_name'])
elif opts.api_version == 2:
ams = gcf.geni.am.am2.AggregateManagerServer((opts.host, int(opts.port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'],
authorizer=authorizer,
resource_manager=resource_manager)
elif opts.api_version == 3:
ams = gcf.geni.am.am3.AggregateManagerServer((opts.host, int(opts.port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'],
authorizer=authorizer,
resource_manager=resource_manager)
else:
msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\""
sys.exit(msg % (opts.api_version))
logging.getLogger('gcf-am').info('GENI AM Listening on port %s...' % (opts.port))
ams.serve_forever()
def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level)
# Read in config file options, command line gets priority
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key, val) in config['aggregate_manager'].items():
if hasattr(opts, key) and getattr(opts, key) is None:
setattr(opts, key, val)
if not hasattr(opts, key):
setattr(opts, key, val)
if getattr(opts, 'rootcadir') is None:
setattr(opts, 'rootcadir', config['global']['rootcadir'])
if opts.rootcadir is None:
sys.exit(
'Missing path to trusted root certificate directory (-r argument)')
certfile = getAbsPath(opts.certfile)
keyfile = getAbsPath(opts.keyfile)
if not os.path.exists(certfile):
sys.exit("Aggregate certfile %s doesn't exist" % certfile)
if not os.path.getsize(certfile) > 0:
sys.exit("Aggregate certfile %s is empty" % certfile)
if not os.path.exists(keyfile):
sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
if not os.path.getsize(keyfile) > 0:
sys.exit("Aggregate keyfile %s is empty" % keyfile)
# Instantiate an argument guard that will reject or modify
# arguments and options provided to calls
argument_guard = None
if hasattr(opts, 'argument_guard'):
argument_guard = getInstanceFromClassname(opts.argument_guard)
# Instantiate authorizer from 'authorizer' config argument
# By default, use the SFA authorizer
if hasattr(opts, 'authorizer'):
authorizer_classname = opts.authorizer
else:
authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
authorizer = getInstanceFromClassname(authorizer_classname,
getAbsPath(opts.rootcadir), opts,
argument_guard)
# Use XMLRPC authorizer if opt.remote_authorizer is set
if hasattr(opts, 'remote_authorizer'):
import xmlrpclib
authorizer = xmlrpclib.Server(opts.remote_authorizer)
# Instantiate resource manager from 'authorizer_resource_manager'
# config argument. Default = None
resource_manager = None
if hasattr(opts, 'authorizer_resource_manager'):
resource_manager = \
getInstanceFromClassname(opts.authorizer_resource_manager)
# rootcadir is dir of multiple certificates
delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir))
# here rootcadir is supposed to be a single file with multiple
# certs possibly concatenated together
comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(
getAbsPath(opts.rootcadir))
if opts.api_version == 1:
ams = geni.AggregateManagerServer(
(opts.host, int(opts.port)),
delegate=delegate,
keyfile=keyfile,
certfile=certfile,
ca_certs=comboCertsFile,
base_name=config['global']['base_name'])
elif opts.api_version == 2:
ams = gcf.geni.am.am2.AggregateManagerServer(
(opts.host, int(opts.port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'],
authorizer=authorizer,
resource_manager=resource_manager)
elif opts.api_version == 3:
ams = gcf.geni.am.am3.AggregateManagerServer(
(opts.host, int(opts.port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'],
authorizer=authorizer,
resource_manager=resource_manager)
else:
msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\""
sys.exit(msg % (opts.api_version))
logging.getLogger('gcf-am').info('GENI AM (v%s) Listening on port %s...' %
(opts.api_version, opts.port))
ams.serve_forever()
def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level)
# Read in config file options, command line gets priority
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key,val) in config['aggregate_manager'].items():
if hasattr(opts,key) and getattr(opts,key) is None:
setattr(opts,key,val)
if not hasattr(opts,key):
setattr(opts,key,val)
if getattr(opts,'rootcadir') is None:
setattr(opts,'rootcadir',config['global']['rootcadir'])
if opts.rootcadir is None:
sys.exit('Missing path to trusted root certificate directory (-r argument)')
certfile = getAbsPath(opts.certfile)
keyfile = getAbsPath(opts.keyfile)
if not os.path.exists(certfile):
sys.exit("Aggregate certfile %s doesn't exist" % certfile)
if not os.path.getsize(certfile) > 0:
sys.exit("Aggregate certfile %s is empty" % certfile)
if not os.path.exists(keyfile):
sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
if not os.path.getsize(keyfile) > 0:
sys.exit("Aggregate keyfile %s is empty" % keyfile)
# Instantiate an argument guard that will reject or modify
# arguments and options provided to calls
argument_guard = None
if hasattr(opts, 'argument_guard'):
argument_guard = getInstanceFromClassname(opts.argument_guard)
# Instantiate authorizer from 'authorizer' config argument
# By default, use the SFA authorizer
if hasattr(opts, 'authorizer'):
authorizer_classname = opts.authorizer
else:
authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
authorizer = getInstanceFromClassname(authorizer_classname,
getAbsPath(opts.rootcadir), opts, argument_guard)
# Use XMLRPC authorizer if opt.remote_authorizer is set
if hasattr(opts, 'remote_authorizer'):
import xmlrpclib
authorizer = xmlrpclib.Server(opts.remote_authorizer)
# Instantiate resource manager from 'authorizer_resource_manager'
# config argument. Default = None
resource_manager = None
if hasattr(opts, 'authorizer_resource_manager'):
resource_manager = \
getInstanceFromClassname(opts.authorizer_resource_manager)
delegate=None
if hasattr(opts, 'delegate') and opts.delegate is not None and str(opts.delegate).strip() != "":
try:
delegate = getInstanceFromClassname(opts.delegate,
getAbsPath(opts.rootcadir),
config['global']['base_name'],
"https://%s:%d/" % (opts.host, int(opts.port)),
**vars(opts)
)
except AttributeError, e:
msg = "Could not create delegate from name '%s': probably not a valid python class name. " % opts.delegate
msg += e.message
logging.getLogger('gcf-am').error(msg)
sys.exit(msg)
def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level)
# Read in config file options, command line gets priority
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key, val) in config['aggregate_manager'].items():
if hasattr(opts, key) and getattr(opts, key) is None:
setattr(opts, key, val)
if not hasattr(opts, key):
setattr(opts, key, val)
if getattr(opts, 'rootcadir') is None:
setattr(opts, 'rootcadir', config['global']['rootcadir'])
if opts.rootcadir is None:
sys.exit(
'Missing path to trusted root certificate directory (-r argument)')
certfile = getAbsPath(opts.certfile)
keyfile = getAbsPath(opts.keyfile)
if not os.path.exists(certfile):
sys.exit("Aggregate certfile %s doesn't exist" % certfile)
if not os.path.getsize(certfile) > 0:
sys.exit("Aggregate certfile %s is empty" % certfile)
if not os.path.exists(keyfile):
sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
if not os.path.getsize(keyfile) > 0:
sys.exit("Aggregate keyfile %s is empty" % keyfile)
# Instantiate an argument guard that will reject or modify
# arguments and options provided to calls
argument_guard = None
if hasattr(opts, 'argument_guard'):
argument_guard = getInstanceFromClassname(opts.argument_guard)
# Instantiate authorizer from 'authorizer' config argument
# By default, use the SFA authorizer
if hasattr(opts, 'authorizer'):
authorizer_classname = opts.authorizer
else:
authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
authorizer = getInstanceFromClassname(authorizer_classname,
getAbsPath(opts.rootcadir), opts,
argument_guard)
# Use XMLRPC authorizer if opt.remote_authorizer is set
if hasattr(opts, 'remote_authorizer'):
import xmlrpclib
authorizer = xmlrpclib.Server(opts.remote_authorizer)
# Instantiate resource manager from 'authorizer_resource_manager'
# config argument. Default = None
resource_manager = None
if hasattr(opts, 'authorizer_resource_manager'):
resource_manager = \
getInstanceFromClassname(opts.authorizer_resource_manager)
delegate = None
if hasattr(opts, 'delegate') and opts.delegate is not None and str(
opts.delegate).strip() != "":
try:
delegate = getInstanceFromClassname(
opts.delegate, getAbsPath(opts.rootcadir),
config['global']['base_name'],
"https://%s:%d/" % (opts.host, int(opts.port)), **vars(opts))
except AttributeError, e:
msg = "Could not create delegate from name '%s': probably not a valid python class name. " % opts.delegate
msg += e.message
logging.getLogger('gcf-am').error(msg)
sys.exit(msg)
