Пример #1
0
def generate_slice_credentials( observer_pkey_pem, syndicate_url, user_email, volume_name, slice_name, observer_secret, slice_secret, 
                                instantiate_UG=False, run_UG=False, UG_port=0, UG_closure=None,
                                instantiate_RG=False, run_RG=False, RG_port=0, RG_closure=None, RG_global_hostname=None,
                                instantiate_AG=False, run_AG=False, AG_port=0, AG_closure=None, AG_global_hostname=None,
                                gateway_name_prefix="", existing_user=None, user_pkey_pem=None ):
    """
    Generate and return the set of credentials to be sent off to the slice VMs.
    exisitng_user is a Syndicate user, as a dictionary.
    
    Return None on failure
    """
    
    # get the user's private key 
    logger.info("Obtaining private key for %s" % user_email)
    
    # it might be in the existing_user...
    if existing_user is not None:
       user_pkey_pem = existing_user.get('private_key', None)
       
    # no luck?
    if user_pkey_pem is None:
      try:
         # get it from storage
         user_pkey_pem = get_principal_pkey( user_email, observer_secret )
         assert user_pkey_pem is not None, "No private key for %s" % user_email
         
      except:
         traceback.print_exc()
         logger.error("Failed to get private key; cannot generate credentials for %s in %s" % (user_email, volume_name) )
         return None
    
    # generate a credetials blob 
    logger.info("Generating credentials for %s's slice" % (user_email))
    try:
       creds = observer_cred.create_slice_credential_blob( observer_pkey_pem, slice_name, slice_secret, syndicate_url, volume_name, user_email, user_pkey_pem,
                                                           instantiate_UG=instantiate_UG, run_UG=run_UG, UG_port=UG_port, UG_closure=UG_closure,
                                                           instantiate_RG=instantiate_RG, run_RG=run_RG, RG_port=RG_port, RG_closure=RG_closure, RG_global_hostname=RG_global_hostname,
                                                           instantiate_AG=instantiate_AG, run_AG=run_AG, AG_port=AG_port, AG_closure=AG_closure, AG_global_hostname=AG_global_hostname,
                                                           gateway_name_prefix=gateway_name_prefix )
       
       assert creds is not None, "Failed to create credentials for %s" % user_email 
    
    except:
       traceback.print_exc()
       logger.error("Failed to generate credentials for %s in %s" % (user_email, volume_name))
       return None
    
    return creds
Пример #2
0
def ft_do_push( syndicate_url, volume_name, volume_owner, slice_name, slice_secret, principal_pkey_path, hostname, automount_daemon_port,
                instantiate_UG=None, run_UG=None, UG_port=0, UG_closure=None,
                instantiate_RG=None, run_RG=None, RG_port=0, RG_closure=None, RG_global_hostname=None,
                instantiate_AG=None, run_AG=None, AG_port=0, AG_closure=None, AG_global_hostname=None,
                gateway_name_prefix="" ):
   
    """
    Push credentials to a single host.
    """
    
    c_syndicate.crypto_init()
    
    observer_key = syndicate_storage_api.read_private_key( CONFIG.SYNDICATE_OBSERVER_PRIVATE_KEY )
    user_key = syndicate_storage_api.read_private_key( principal_pkey_path )
    
    observer_key_pem = observer_key.exportKey()
    user_pkey_pem = user_key.exportKey()
    
    if observer_key_pem is None:
       raise Exception("Failed to read observer private key from %s" % observer_key_pem )
    
    if user_pkey_pem is None:
       raise Exception("Failed to read user private key from %s" % principal_pkey_path )
    
    # convert to binary
    slice_secret = binascii.unhexlify( slice_secret )
    
    cred = observer_cred.create_slice_credential_blob( observer_key_pem, slice_name, slice_secret, syndicate_url, volume_name, volume_owner, user_pkey_pem,
                                                       instantiate_UG=instantiate_UG, run_UG=run_UG, UG_port=UG_port, UG_closure=UG_closure,
                                                       instantiate_RG=instantiate_RG, run_RG=run_RG, RG_port=RG_port, RG_closure=RG_closure, RG_global_hostname=RG_global_hostname,
                                                       instantiate_AG=instantiate_AG, run_AG=run_AG, AG_port=AG_port, AG_closure=AG_closure, AG_global_hostname=AG_global_hostname,
                                                       gateway_name_prefix=gateway_name_prefix )
    
    if cred is None:
       raise Exception("Failed to generate slice credential")
    
    rc = do_push( [hostname], automount_daemon_port, cred )
    
    c_syndicate.crypto_shutdown()
Пример #3
0
def generate_slice_credentials(observer_pkey_pem,
                               syndicate_url,
                               user_email,
                               volume_name,
                               slice_name,
                               observer_secret,
                               slice_secret,
                               instantiate_UG=False,
                               run_UG=False,
                               UG_port=0,
                               UG_closure=None,
                               instantiate_RG=False,
                               run_RG=False,
                               RG_port=0,
                               RG_closure=None,
                               RG_global_hostname=None,
                               instantiate_AG=False,
                               run_AG=False,
                               AG_port=0,
                               AG_closure=None,
                               AG_global_hostname=None,
                               gateway_name_prefix="",
                               existing_user=None,
                               user_pkey_pem=None):
    """
    Generate and return the set of credentials to be sent off to the slice VMs.
    exisitng_user is a Syndicate user, as a dictionary.
    
    Return None on failure
    """

    # get the user's private key
    logger.info("Obtaining private key for %s" % user_email)

    # it might be in the existing_user...
    if existing_user is not None:
        user_pkey_pem = existing_user.get('signing_private_key', None)

    # no luck?
    if user_pkey_pem is None:
        try:
            # get it from storage
            user_pkey_pem = get_principal_pkey(user_email, observer_secret)
            assert user_pkey_pem is not None, "No private key for %s" % user_email

        except:
            traceback.print_exc()
            logger.error(
                "Failed to get private key; cannot generate credentials for %s in %s"
                % (user_email, volume_name))
            return None

    # generate a credetials blob
    logger.info("Generating credentials for %s's slice" % (user_email))
    try:
        creds = observer_cred.create_slice_credential_blob(
            observer_pkey_pem,
            slice_name,
            slice_secret,
            syndicate_url,
            volume_name,
            user_email,
            user_pkey_pem,
            instantiate_UG=instantiate_UG,
            run_UG=run_UG,
            UG_port=UG_port,
            UG_closure=UG_closure,
            instantiate_RG=instantiate_RG,
            run_RG=run_RG,
            RG_port=RG_port,
            RG_closure=RG_closure,
            RG_global_hostname=RG_global_hostname,
            instantiate_AG=instantiate_AG,
            run_AG=run_AG,
            AG_port=AG_port,
            AG_closure=AG_closure,
            AG_global_hostname=AG_global_hostname,
            gateway_name_prefix=gateway_name_prefix)

        assert creds is not None, "Failed to create credentials for %s" % user_email

    except:
        traceback.print_exc()
        logger.error("Failed to generate credentials for %s in %s" %
                     (user_email, volume_name))
        return None

    return creds