コード例 #1
0
def myproxy_upload(dummy, a1, a2, u, p, my_u, my_p):
    # SDF - sys.argv must be set up manually when embedding (ie calling from C)
    # since python doesn't do it - which results in a crash when code
    # tries to process a non-existent thing
    # NB : add -k arg if we cant force it to do that auto
    sys.argv = ["", a1, a2]

    try:
        (options, args) = parser.parse_args()

        if options.version:
            from slick.common import version

            print version
            return

        if not path.exists(options.store_dir):
            os.mkdir(options.store_dir)

        formatter = None
        log_level = logging.WARNING  # default
        if options.verbose == 1:
            formatter = "%(message)s"
            log_level = logging.INFO
        elif options.verbose >= 2:
            formatter = DEBUG_FORMAT
            log_level = logging.DEBUG

        # Set up basic configuration, out to stderr with a reasonable default format.
        if formatter:
            logging.basicConfig(level=log_level, format=formatter)
        else:
            logging.basicConfig(level=log_level)

        settings = Settings(options, args)

        # CURRENT
        #        settings.myproxy_host = "myproxy.arcs.org.au"
        #        settings.myproxy_port = 7512
        #        settings.myproxy_user = "******"

        # check that we can complete all the reqiuested operations with the
        # supplied information.
        # if settings.slick_myproxy:
        #    if not (settings.myproxy_host and settings.myproxy_port and settings.myproxy_user):
        #        print "You haven't sepcified enough information to enable myproxy connection."
        #        return

        # Cert cert using specific IdP
        idp = Idp(settings.slcs_idp)
        c = SimpleCredentialManager(str(u), str(p))

        cj = MozillaCookieJar()
        shibopener = Shibboleth(idp, c, cj)
        slcsresp = shibopener.openurl(settings.slcs_url)

        # Set the settings class idp to equal the idp handlers idp
        settings.slcs_idp = idp.idp

        log.info("Writing to files")
        cert = slcs(slcsresp)
        key_path = path.join(options.store_dir, "userkey.pem")
        if not options.key:

            def callback(verify=False):
                from getpass import getpass

                while 1:
                    p1 = getpass("Enter passphrase(or none for idp password):")
                    if not p1:
                        p1 = c.get_password()
                        return p1
                    p2 = getpass("Verify passphrase:")
                    if p1 == p2:
                        return p1
                    print "Password doesn't match"

        else:

            def callback(verify=False):
                return c.get_password()

        #        cert.get_key()._key.save_pem(key_path, callback=callback)
        cert.get_key()._key.save_pem(key_path, callback=lambda *x: str(p))
        os.chmod(key_path, 0600)
        cert_path = path.join(options.store_dir, "usercert.pem")
        cert_file = open(path.join(options.store_dir, "usercert.pem"), "w")
        cert_file.write(repr(cert))
        cert_file.close()
        os.chmod(cert_path, 0644)

        if options.write:
            log.info("Writing the config file")
            settings.save()

        #        print "\nexport X509_USER_CERT=%s\nexport X509_USER_KEY=%s" % \
        #                (cert_path, key_path)

        #        if settings.slick_proxy:
        #        p = ProxyCertificate(cert)
        #        proxy_path = path.join(tempfile.gettempdir(), 'x509up_u' + str(os.getuid()))
        #        proxy_file = open(proxy_path, 'w')
        #        proxy_file.write(repr(p))
        #        proxy_file.write(str(p._proxy.get_key()))
        #        proxy_file.write(repr(cert))
        #        proxy_file.close()
        #        os.chmod(proxy_path, 0600)

        # myproxy upload
        # NB: GLOBUS_LOCATION env messes with this, undef it if exists?
        gl = os.environ.get("GLOBUS_LOCATION")
        if gl:
            print "WARNING: remove GLOBUS_LOCATION definition from your environment"

        # CURRENT - disabled for now as it generates only RFC 3820 proxies (incompat with grisu 0.2.2)
        #        from myproxy import client
        #
        #        print "uploading proxy for: " + my_u
        #
        #        c = client.MyProxyClient(hostname='myproxy2.arcs.org.au',
        #            serverDN='/C=AU/O=APACGrid/OU=VPAC/CN=myproxy2.arcs.org.au')

        #        c.put(my_u, my_p, cert, cert.get_key()._key, lambda *x: str(p), retrievers='*')

        return

    except KeyboardInterrupt:
        print "\nCancelled"
        return

    if len(sys.argv) == 1:
        parser.print_help()
コード例 #2
0
def main(*arg):
    try:
        (options, args) = parser.parse_args()

        if options.version:
            from slick.common import version
            print version
            return

        if not path.exists(options.store_dir):
            os.mkdir(options.store_dir)

        formatter = None
        log_level = logging.WARNING # default
        if options.verbose == 1:
            formatter = "%(message)s"
            log_level = logging.INFO
        elif options.verbose >= 2:
            formatter = DEBUG_FORMAT
            log_level = logging.DEBUG

        # Set up basic configuration, out to stderr with a reasonable default format.
        if formatter:
            logging.basicConfig(level=log_level, format=formatter)
        else:
            logging.basicConfig(level=log_level)

        settings = Settings(options, args)

        # check that we can complete all the reqiuested operations with the
        # supplied information.
        if settings.slick_myproxy:
            if not (settings.myproxy_host and settings.myproxy_port and settings.myproxy_user):
                print "You haven't sepcified enough information to enable myproxy connection."
                return

        # Cert cert using specific IdP
        idp = Idp(settings.slcs_idp)
        c = CredentialManager()
        cj = MozillaCookieJar()
        shibopener = Shibboleth(idp, c, cj)
        slcsresp = shibopener.openurl(settings.slcs_url)

        # Set the settings class idp to equal the idp handlers idp
        settings.slcs_idp = idp.idp

        log.info('Writing to files')
        cert = slcs(slcsresp)
        key_path = path.join(options.store_dir, 'userkey.pem')
        if not options.key:
            def callback(verify=False):
                from getpass import getpass
                while 1:
                    p1 = getpass('Enter passphrase(or none for idp password):')
                    if not p1:
                        p1 = c.get_password()
                        return p1
                    p2 = getpass('Verify passphrase:')
                    if p1 == p2:
                        return p1
                    print "Password doesn't match"
        else:
            def callback(verify=False):
                return c.get_password()

        cert.get_key()._key.save_pem(key_path, callback=callback)
        os.chmod(key_path, 0600)
        cert_path = path.join(options.store_dir, 'usercert.pem')
        cert_file = open(path.join(options.store_dir, 'usercert.pem'), 'w')
        cert_file.write(repr(cert))
        cert_file.close()
        os.chmod(cert_path, 0644)

        if options.write:
            log.info('Writing the config file')
            settings.save()

        print "\nexport X509_USER_CERT=%s\nexport X509_USER_KEY=%s" % \
                (cert_path, key_path)

        if settings.slick_proxy:
            p = ProxyCertificate(cert)
            proxy_path = path.join(tempfile.gettempdir(), 'x509up_u' + str(os.getuid()))
            proxy_file = open(proxy_path, 'w')
            proxy_file.write(repr(p))
            proxy_file.write(str(p._proxy.get_key()))
            proxy_file.write(repr(cert))
            proxy_file.close()
            os.chmod(proxy_path, 0600)

        if settings.slick_myproxy:
            if settings.myproxy_host and settings.myproxy_port and settings.myproxy_user:
                from myproxy import client
                c = client.MyProxyClient(hostname=settings.myproxy_host,
                                         port= settings.myproxy_port,
                                         serverDN='')
                username = settings.myproxy_user
                def callback(verify=False):
                    from getpass import getpass
                    while 1:
                        p1 = getpass('Enter passphrase:')
                        if not p1:
                            p1 = c.get_password()
                            return p1
                        p2 = getpass('Verify passphrase:')
                        if p1 == p2:
                            return p1
                        print "Password doesn't match"
                passphrase = callback()
                c.put(username, passphrase, cert, cert.get_key()._key, lambda *a: '', retrievers='*')
#                c.put(username, passphrase, cert, cert.get_key()._key, lambda *a: '',
#                      ownerCertFile=cert, ownerKeyFile=cert.get_key(), retrievers='*')

            else:
                print "Not enough info was passed to connect to a myproxy server"
        return
    except KeyboardInterrupt:
        print "\nCancelled"
        return

    if len(sys.argv) == 1:
        parser.print_help()