def myproxy_upload(dummy, a1, a2, u, p, my_u, my_p):
# SDF - sys.argv must be set up manually when embedding (ie calling from C)
# since python doesn't do it - which results in a crash when code
# tries to process a non-existent thing
# NB : add -k arg if we cant force it to do that auto
sys.argv = ["", a1, a2]
try:
(options, args) = parser.parse_args()
if options.version:
from slick.common import version
print version
return
if not path.exists(options.store_dir):
os.mkdir(options.store_dir)
formatter = None
log_level = logging.WARNING # default
if options.verbose == 1:
formatter = "%(message)s"
log_level = logging.INFO
elif options.verbose >= 2:
formatter = DEBUG_FORMAT
log_level = logging.DEBUG
# Set up basic configuration, out to stderr with a reasonable default format.
if formatter:
logging.basicConfig(level=log_level, format=formatter)
else:
logging.basicConfig(level=log_level)
settings = Settings(options, args)
# CURRENT
# settings.myproxy_host = "myproxy.arcs.org.au"
# settings.myproxy_port = 7512
# settings.myproxy_user = "******"
# check that we can complete all the reqiuested operations with the
# supplied information.
# if settings.slick_myproxy:
# if not (settings.myproxy_host and settings.myproxy_port and settings.myproxy_user):
# print "You haven't sepcified enough information to enable myproxy connection."
# return
# Cert cert using specific IdP
idp = Idp(settings.slcs_idp)
c = SimpleCredentialManager(str(u), str(p))
cj = MozillaCookieJar()
shibopener = Shibboleth(idp, c, cj)
slcsresp = shibopener.openurl(settings.slcs_url)
# Set the settings class idp to equal the idp handlers idp
settings.slcs_idp = idp.idp
log.info("Writing to files")
cert = slcs(slcsresp)
key_path = path.join(options.store_dir, "userkey.pem")
if not options.key:
def callback(verify=False):
from getpass import getpass
while 1:
p1 = getpass("Enter passphrase(or none for idp password):")
if not p1:
p1 = c.get_password()
return p1
p2 = getpass("Verify passphrase:")
if p1 == p2:
return p1
print "Password doesn't match"
else:
def callback(verify=False):
return c.get_password()
# cert.get_key()._key.save_pem(key_path, callback=callback)
cert.get_key()._key.save_pem(key_path, callback=lambda *x: str(p))
os.chmod(key_path, 0600)
cert_path = path.join(options.store_dir, "usercert.pem")
cert_file = open(path.join(options.store_dir, "usercert.pem"), "w")
cert_file.write(repr(cert))
cert_file.close()
os.chmod(cert_path, 0644)
if options.write:
log.info("Writing the config file")
settings.save()
# print "\nexport X509_USER_CERT=%s\nexport X509_USER_KEY=%s" % \
# (cert_path, key_path)
# if settings.slick_proxy:
# p = ProxyCertificate(cert)
# proxy_path = path.join(tempfile.gettempdir(), 'x509up_u' + str(os.getuid()))
# proxy_file = open(proxy_path, 'w')
# proxy_file.write(repr(p))
# proxy_file.write(str(p._proxy.get_key()))
# proxy_file.write(repr(cert))
# proxy_file.close()
# os.chmod(proxy_path, 0600)
# myproxy upload
# NB: GLOBUS_LOCATION env messes with this, undef it if exists?
gl = os.environ.get("GLOBUS_LOCATION")
if gl:
print "WARNING: remove GLOBUS_LOCATION definition from your environment"
# CURRENT - disabled for now as it generates only RFC 3820 proxies (incompat with grisu 0.2.2)
# from myproxy import client
#
# print "uploading proxy for: " + my_u
#
# c = client.MyProxyClient(hostname='myproxy2.arcs.org.au',
# serverDN='/C=AU/O=APACGrid/OU=VPAC/CN=myproxy2.arcs.org.au')
# c.put(my_u, my_p, cert, cert.get_key()._key, lambda *x: str(p), retrievers='*')
return
except KeyboardInterrupt:
print "\nCancelled"
return
if len(sys.argv) == 1:
parser.print_help()
def main(*arg):
try:
(options, args) = parser.parse_args()
if options.version:
from slick.common import version
print version
return
if not path.exists(options.store_dir):
os.mkdir(options.store_dir)
formatter = None
log_level = logging.WARNING # default
if options.verbose == 1:
formatter = "%(message)s"
log_level = logging.INFO
elif options.verbose >= 2:
formatter = DEBUG_FORMAT
log_level = logging.DEBUG
# Set up basic configuration, out to stderr with a reasonable default format.
if formatter:
logging.basicConfig(level=log_level, format=formatter)
else:
logging.basicConfig(level=log_level)
settings = Settings(options, args)
# check that we can complete all the reqiuested operations with the
# supplied information.
if settings.slick_myproxy:
if not (settings.myproxy_host and settings.myproxy_port and settings.myproxy_user):
print "You haven't sepcified enough information to enable myproxy connection."
return
# Cert cert using specific IdP
idp = Idp(settings.slcs_idp)
c = CredentialManager()
cj = MozillaCookieJar()
shibopener = Shibboleth(idp, c, cj)
slcsresp = shibopener.openurl(settings.slcs_url)
# Set the settings class idp to equal the idp handlers idp
settings.slcs_idp = idp.idp
log.info('Writing to files')
cert = slcs(slcsresp)
key_path = path.join(options.store_dir, 'userkey.pem')
if not options.key:
def callback(verify=False):
from getpass import getpass
while 1:
p1 = getpass('Enter passphrase(or none for idp password):')
if not p1:
p1 = c.get_password()
return p1
p2 = getpass('Verify passphrase:')
if p1 == p2:
return p1
print "Password doesn't match"
else:
def callback(verify=False):
return c.get_password()
cert.get_key()._key.save_pem(key_path, callback=callback)
os.chmod(key_path, 0600)
cert_path = path.join(options.store_dir, 'usercert.pem')
cert_file = open(path.join(options.store_dir, 'usercert.pem'), 'w')
cert_file.write(repr(cert))
cert_file.close()
os.chmod(cert_path, 0644)
if options.write:
log.info('Writing the config file')
settings.save()
print "\nexport X509_USER_CERT=%s\nexport X509_USER_KEY=%s" % \
(cert_path, key_path)
if settings.slick_proxy:
p = ProxyCertificate(cert)
proxy_path = path.join(tempfile.gettempdir(), 'x509up_u' + str(os.getuid()))
proxy_file = open(proxy_path, 'w')
proxy_file.write(repr(p))
proxy_file.write(str(p._proxy.get_key()))
proxy_file.write(repr(cert))
proxy_file.close()
os.chmod(proxy_path, 0600)
if settings.slick_myproxy:
if settings.myproxy_host and settings.myproxy_port and settings.myproxy_user:
from myproxy import client
c = client.MyProxyClient(hostname=settings.myproxy_host,
port= settings.myproxy_port,
serverDN='')
username = settings.myproxy_user
def callback(verify=False):
from getpass import getpass
while 1:
p1 = getpass('Enter passphrase:')
if not p1:
p1 = c.get_password()
return p1
p2 = getpass('Verify passphrase:')
if p1 == p2:
return p1
print "Password doesn't match"
passphrase = callback()
c.put(username, passphrase, cert, cert.get_key()._key, lambda *a: '', retrievers='*')
# c.put(username, passphrase, cert, cert.get_key()._key, lambda *a: '',
# ownerCertFile=cert, ownerKeyFile=cert.get_key(), retrievers='*')
else:
print "Not enough info was passed to connect to a myproxy server"
return
except KeyboardInterrupt:
print "\nCancelled"
return
if len(sys.argv) == 1:
parser.print_help()