Exemplo n.º 1
0
def main(argv=None):
    if argv is None:
        argv = sys.argv
    opts = parse_args(argv)[0]
    level = logging.INFO
    if opts.debug:
        level = logging.DEBUG
    logging.basicConfig(level=level)

    # Read in config file options, command line gets priority
    optspath = None
    if not opts.configfile is None:
        optspath = os.path.expanduser(opts.configfile)

    config = read_config(optspath)   
        
    for (key,val) in config['aggregate_manager'].items():                  
        if hasattr(opts,key) and getattr(opts,key) is None:
            setattr(opts,key,val)
        if not hasattr(opts,key):
            setattr(opts,key,val)            
    if getattr(opts,'rootcadir') is None:
        setattr(opts,'rootcadir',config['global']['rootcadir'])        

    if opts.rootcadir is None:
        sys.exit('Missing path to trusted root certificate directory (-r argument)')
    
    certfile = getAbsPath(opts.certfile)
    keyfile = getAbsPath(opts.keyfile)
    if not os.path.exists(certfile):
        sys.exit("Aggregate certfile %s doesn't exist" % certfile)
    if not os.path.getsize(certfile) > 0:
        sys.exit("Aggregate certfile %s is empty" % certfile)
    
    if not os.path.exists(keyfile):
        sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
    if not os.path.getsize(keyfile) > 0:
        sys.exit("Aggregate keyfile %s is empty" % keyfile)

    # Instantiate an argument guard that will reject or modify
    # arguments and options provided to calls
    argument_guard = None
    if hasattr(opts, 'argument_guard'):
        argument_guard = getInstanceFromClassname(opts.argument_guard)

    # Instantiate authorizer from 'authorizer' config argument
    # By default, use the SFA authorizer
    if hasattr(opts, 'authorizer'):
        authorizer_classname = opts.authorizer
    else:
        authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
    authorizer = getInstanceFromClassname(authorizer_classname, 
                                          getAbsPath(opts.rootcadir), opts, argument_guard)

    # Use XMLRPC authorizer if opt.remote_authorizer is set
    if hasattr(opts, 'remote_authorizer'):
        import xmlrpclib
        authorizer = xmlrpclib.Server(opts.remote_authorizer)

    # Instantiate resource manager from 'authorizer_resource_manager' 
    # config argument. Default = None
    resource_manager = None
    if hasattr(opts, 'authorizer_resource_manager'):
        resource_manager = \
            getInstanceFromClassname(opts.authorizer_resource_manager)

    # rootcadir is  dir of multiple certificates
    delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir))

    # here rootcadir is supposed to be a single file with multiple
    # certs possibly concatenated together
    comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(getAbsPath(opts.rootcadir))

    if opts.api_version == 1:
        ams = geni.AggregateManagerServer((opts.host, int(opts.port)),
                                          delegate=delegate,
                                          keyfile=keyfile,
                                          certfile=certfile,
                                          ca_certs=comboCertsFile,
                                          base_name=config['global']['base_name'])
    elif opts.api_version == 2:
        ams = gcf.geni.am.am2.AggregateManagerServer((opts.host, int(opts.port)),
                                                     keyfile=keyfile,
                                                     certfile=certfile,
                                                     trust_roots_dir=getAbsPath(opts.rootcadir),
                                                     ca_certs=comboCertsFile,
                                                     base_name=config['global']['base_name'], 
                                                     authorizer=authorizer,
                                                     resource_manager=resource_manager)
    elif opts.api_version == 3:
        ams = gcf.geni.am.am3.AggregateManagerServer((opts.host, int(opts.port)),
                                                     keyfile=keyfile,
                                                     certfile=certfile,
                                                     trust_roots_dir=getAbsPath(opts.rootcadir),
                                                     ca_certs=comboCertsFile,
                                                     base_name=config['global']['base_name'],
                                                     authorizer=authorizer,
                                                     resource_manager=resource_manager)
    else:
        msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\""
        sys.exit(msg % (opts.api_version))

    logging.getLogger('gcf-am').info('GENI AM Listening on port %s...' % (opts.port))
    ams.serve_forever()
Exemplo n.º 2
0
def main(argv=None):
    if argv is None:
        argv = sys.argv
    opts = parse_args(argv)[0]
    level = logging.INFO
    if opts.debug:
        level = logging.DEBUG
    logging.basicConfig(level=level)

    # Read in config file options, command line gets priority
    optspath = None
    if not opts.configfile is None:
        optspath = os.path.expanduser(opts.configfile)

    config = read_config(optspath)

    for (key, val) in config['aggregate_manager'].items():
        if hasattr(opts, key) and getattr(opts, key) is None:
            setattr(opts, key, val)
        if not hasattr(opts, key):
            setattr(opts, key, val)
    if getattr(opts, 'rootcadir') is None:
        setattr(opts, 'rootcadir', config['global']['rootcadir'])

    if opts.rootcadir is None:
        sys.exit(
            'Missing path to trusted root certificate directory (-r argument)')

    certfile = getAbsPath(opts.certfile)
    keyfile = getAbsPath(opts.keyfile)
    if not os.path.exists(certfile):
        sys.exit("Aggregate certfile %s doesn't exist" % certfile)
    if not os.path.getsize(certfile) > 0:
        sys.exit("Aggregate certfile %s is empty" % certfile)

    if not os.path.exists(keyfile):
        sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
    if not os.path.getsize(keyfile) > 0:
        sys.exit("Aggregate keyfile %s is empty" % keyfile)

    # Instantiate an argument guard that will reject or modify
    # arguments and options provided to calls
    argument_guard = None
    if hasattr(opts, 'argument_guard'):
        argument_guard = getInstanceFromClassname(opts.argument_guard)

    # Instantiate authorizer from 'authorizer' config argument
    # By default, use the SFA authorizer
    if hasattr(opts, 'authorizer'):
        authorizer_classname = opts.authorizer
    else:
        authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
    authorizer = getInstanceFromClassname(authorizer_classname,
                                          getAbsPath(opts.rootcadir), opts,
                                          argument_guard)

    # Use XMLRPC authorizer if opt.remote_authorizer is set
    if hasattr(opts, 'remote_authorizer'):
        import xmlrpclib
        authorizer = xmlrpclib.Server(opts.remote_authorizer)

    # Instantiate resource manager from 'authorizer_resource_manager'
    # config argument. Default = None
    resource_manager = None
    if hasattr(opts, 'authorizer_resource_manager'):
        resource_manager = \
            getInstanceFromClassname(opts.authorizer_resource_manager)

    # rootcadir is  dir of multiple certificates
    delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir))

    # here rootcadir is supposed to be a single file with multiple
    # certs possibly concatenated together
    comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(
        getAbsPath(opts.rootcadir))

    if opts.api_version == 1:
        ams = geni.AggregateManagerServer(
            (opts.host, int(opts.port)),
            delegate=delegate,
            keyfile=keyfile,
            certfile=certfile,
            ca_certs=comboCertsFile,
            base_name=config['global']['base_name'])
    elif opts.api_version == 2:
        ams = gcf.geni.am.am2.AggregateManagerServer(
            (opts.host, int(opts.port)),
            keyfile=keyfile,
            certfile=certfile,
            trust_roots_dir=getAbsPath(opts.rootcadir),
            ca_certs=comboCertsFile,
            base_name=config['global']['base_name'],
            authorizer=authorizer,
            resource_manager=resource_manager)
    elif opts.api_version == 3:
        ams = gcf.geni.am.am3.AggregateManagerServer(
            (opts.host, int(opts.port)),
            keyfile=keyfile,
            certfile=certfile,
            trust_roots_dir=getAbsPath(opts.rootcadir),
            ca_certs=comboCertsFile,
            base_name=config['global']['base_name'],
            authorizer=authorizer,
            resource_manager=resource_manager)
    else:
        msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\""
        sys.exit(msg % (opts.api_version))

    logging.getLogger('gcf-am').info('GENI AM (v%s) Listening on port %s...' %
                                     (opts.api_version, opts.port))
    ams.serve_forever()
Exemplo n.º 3
0
def main(argv=None):
    if argv is None:
        argv = sys.argv
    opts = parse_args(argv)[0]
    level = logging.INFO
    if opts.debug:
        level = logging.DEBUG
    logging.basicConfig(level=level)

    # Read in config file options, command line gets priority
    optspath = None
    if not opts.configfile is None:
        optspath = os.path.expanduser(opts.configfile)

    config = read_config(optspath)   
        
    for (key,val) in config['aggregate_manager'].items():                  
        if hasattr(opts,key) and getattr(opts,key) is None:
            setattr(opts,key,val)
        if not hasattr(opts,key):
            setattr(opts,key,val)            
    if getattr(opts,'rootcadir') is None:
        setattr(opts,'rootcadir',config['global']['rootcadir'])        

    if opts.rootcadir is None:
        sys.exit('Missing path to trusted root certificate directory (-r argument)')
    
    certfile = getAbsPath(opts.certfile)
    keyfile = getAbsPath(opts.keyfile)
    if not os.path.exists(certfile):
        sys.exit("Aggregate certfile %s doesn't exist" % certfile)
    if not os.path.getsize(certfile) > 0:
        sys.exit("Aggregate certfile %s is empty" % certfile)
    
    if not os.path.exists(keyfile):
        sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
    if not os.path.getsize(keyfile) > 0:
        sys.exit("Aggregate keyfile %s is empty" % keyfile)

    # Instantiate an argument guard that will reject or modify
    # arguments and options provided to calls
    argument_guard = None
    if hasattr(opts, 'argument_guard'):
        argument_guard = getInstanceFromClassname(opts.argument_guard)

    # Instantiate authorizer from 'authorizer' config argument
    # By default, use the SFA authorizer
    if hasattr(opts, 'authorizer'):
        authorizer_classname = opts.authorizer
    else:
        authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
    authorizer = getInstanceFromClassname(authorizer_classname, 
                                          getAbsPath(opts.rootcadir), opts, argument_guard)

    # Use XMLRPC authorizer if opt.remote_authorizer is set
    if hasattr(opts, 'remote_authorizer'):
        import xmlrpclib
        authorizer = xmlrpclib.Server(opts.remote_authorizer)

    # Instantiate resource manager from 'authorizer_resource_manager' 
    # config argument. Default = None
    resource_manager = None
    if hasattr(opts, 'authorizer_resource_manager'):
        resource_manager = \
            getInstanceFromClassname(opts.authorizer_resource_manager)

    delegate=None
    if hasattr(opts, 'delegate') and opts.delegate is not None and str(opts.delegate).strip() != "":
        try:
            delegate = getInstanceFromClassname(opts.delegate, 
                                                getAbsPath(opts.rootcadir), 
                                                config['global']['base_name'],
                                                "https://%s:%d/" % (opts.host, int(opts.port)),
                                                **vars(opts)
                                            )
        except AttributeError, e:
            msg = "Could not create delegate from name '%s': probably not a valid python class name. " % opts.delegate
            msg += e.message
            logging.getLogger('gcf-am').error(msg)
            sys.exit(msg)
Exemplo n.º 4
0
def main(argv=None):
    if argv is None:
        argv = sys.argv
    opts = parse_args(argv)[0]
    level = logging.INFO
    if opts.debug:
        level = logging.DEBUG
    logging.basicConfig(level=level)

    # Read in config file options, command line gets priority
    optspath = None
    if not opts.configfile is None:
        optspath = os.path.expanduser(opts.configfile)

    config = read_config(optspath)

    for (key, val) in config['aggregate_manager'].items():
        if hasattr(opts, key) and getattr(opts, key) is None:
            setattr(opts, key, val)
        if not hasattr(opts, key):
            setattr(opts, key, val)
    if getattr(opts, 'rootcadir') is None:
        setattr(opts, 'rootcadir', config['global']['rootcadir'])

    if opts.rootcadir is None:
        sys.exit(
            'Missing path to trusted root certificate directory (-r argument)')

    certfile = getAbsPath(opts.certfile)
    keyfile = getAbsPath(opts.keyfile)
    if not os.path.exists(certfile):
        sys.exit("Aggregate certfile %s doesn't exist" % certfile)
    if not os.path.getsize(certfile) > 0:
        sys.exit("Aggregate certfile %s is empty" % certfile)

    if not os.path.exists(keyfile):
        sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
    if not os.path.getsize(keyfile) > 0:
        sys.exit("Aggregate keyfile %s is empty" % keyfile)

    # Instantiate an argument guard that will reject or modify
    # arguments and options provided to calls
    argument_guard = None
    if hasattr(opts, 'argument_guard'):
        argument_guard = getInstanceFromClassname(opts.argument_guard)

    # Instantiate authorizer from 'authorizer' config argument
    # By default, use the SFA authorizer
    if hasattr(opts, 'authorizer'):
        authorizer_classname = opts.authorizer
    else:
        authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
    authorizer = getInstanceFromClassname(authorizer_classname,
                                          getAbsPath(opts.rootcadir), opts,
                                          argument_guard)

    # Use XMLRPC authorizer if opt.remote_authorizer is set
    if hasattr(opts, 'remote_authorizer'):
        import xmlrpclib
        authorizer = xmlrpclib.Server(opts.remote_authorizer)

    # Instantiate resource manager from 'authorizer_resource_manager'
    # config argument. Default = None
    resource_manager = None
    if hasattr(opts, 'authorizer_resource_manager'):
        resource_manager = \
            getInstanceFromClassname(opts.authorizer_resource_manager)

    delegate = None
    if hasattr(opts, 'delegate') and opts.delegate is not None and str(
            opts.delegate).strip() != "":
        try:
            delegate = getInstanceFromClassname(
                opts.delegate, getAbsPath(opts.rootcadir),
                config['global']['base_name'],
                "https://%s:%d/" % (opts.host, int(opts.port)), **vars(opts))
        except AttributeError, e:
            msg = "Could not create delegate from name '%s': probably not a valid python class name. " % opts.delegate
            msg += e.message
            logging.getLogger('gcf-am').error(msg)
            sys.exit(msg)