def create_null_slice_cred(): """Create a slice cred that can be used to list resources.""" slice_urn = create_slice_urn() slice_gid, _ = create_x509_cert(slice_urn) user_gid = GID(filename=settings.GCF_X509_CH_CERT) ucred = create_slice_credential(user_gid, slice_gid) ucred.save_to_file(settings.GCF_NULL_SLICE_CRED)
def get_am_cred(cls): """ Get the slice authority credentials to use for AM calls. @return: GENI credential string. """ slice_urn = create_slice_urn() slice_gid, _ = create_x509_cert(slice_urn) user_gid = GID(filename=settings.GCF_X509_CH_CERT) ucred = create_slice_credential(user_gid, slice_gid) return ucred.save_to_string()
def CreateSlice(user_cert, urn_req=None): # Is this user allowed to create a slice? # first get the user with this cert username = get_username_from_cert(user_cert) try: User.objects.get(username=username) except User.DoesNotExist: raise Exception("Unknown user %s." % username) if urn_req: # check the requested URN urn = URN(urn=urn_req) # make sure that we would generate the same urn if using the # same name (i.e. authority is the same...) urn_gen = get_slice_urn(urn.getName()) if urn_gen != urn_req: raise BadURNException( "The requested URN is not one that would be generated" " by this clearinghouse. Requested was %s, but generated" " is %s" % (urn_req, urn_gen) ) else: # Generate a unique URN for the slice urn_req = create_slice_urn() try: slice_gid = create_x509_cert(urn_req)[0] except Exception as exc: logger.error("Could not create slice. Error\n %s" % traceback.format_exc()) raise Exception("Failed to create slice %s." % urn_req) # Now get the user GID which will have permissions on this slice. # It doesnt have the chain but should be signed # by this CHs cert, which should also be a trusted # root at any federated AM. So everyone can verify it as is. # Note that if a user from a different CH (installed # as trusted by this CH for some reason) called this method, # that user would be used here - and can still get a valid slice try: user_gid = gid.GID(string=user_cert) except Exception, exc: logger.error("CreateSlice failed to create user_gid from SSL client cert: %s", traceback.format_exc()) raise Exception("Failed to create slice %s. Cant get user GID from SSL client certificate." % urn_req, exc)
def __init__(self, *args, **kwargs): urn = kwargs.setdefault("slice_urn", create_slice_urn()) kwargs.setdefault("slice_gid", create_x509_cert(urn)[0].save_to_string()) super(GENISliceInfo, self).__init__(*args, **kwargs)
def __init__(self, *args, **kwargs): urn = kwargs.setdefault("slice_urn", create_slice_urn()) kwargs.setdefault( "slice_gid", create_x509_cert(urn)[0].save_to_string()) super(GENISliceInfo, self).__init__(*args, **kwargs)