示例#1
0
def load_consumer_id(context):
    """
    Returns the consumer's ID if it is registered.

    @return: consumer id if registered; None when not registered
    @rtype:  str, None
    """
    filesystem_section = context.config.get('filesystem', None)
    if filesystem_section is None:
        return None

    consumer_cert_path = filesystem_section.get('id_cert_dir', None)
    consumer_cert_filename = filesystem_section.get('id_cert_filename', None)

    if None in (consumer_cert_path, consumer_cert_filename):
        return None

    full_filename = os.path.join(consumer_cert_path, consumer_cert_filename)
    bundle = Bundle(full_filename)

    if not bundle.valid():
        return None

    content = bundle.read()
    x509 = X509.load_cert_string(content)
    subject = _subject(x509)
    return subject['CN']
示例#2
0
 def test_uid_invalid_certificate(self, fake_read, fake_valid):
     fake_read.return_value = CERTIFICATE
     fake_valid.return_value = False
     bundle = Bundle('')
     uid = bundle.uid()
     fake_valid.assert_called_with()
     self.assertTrue(uid is None)
示例#3
0
 def testWrite(self):
     b = Bundle(CRTFILE)
     b.write(BUNDLE)
     f = open(CRTFILE)
     s = f.read()
     f.close()
     self.assertEqual(BUNDLE.strip(), s.strip())
示例#4
0
 def test_uid_invalid_certificate(self, fake_read, fake_valid):
     fake_read.return_value = CERTIFICATE
     fake_valid.return_value = False
     bundle = Bundle('')
     uid = bundle.uid()
     fake_valid.assert_called_with()
     self.assertTrue(uid is None)
示例#5
0
 def testWrite(self):
     b = Bundle(CRTFILE)
     b.write(BUNDLE)
     f = open(CRTFILE)
     s = f.read()
     f.close()
     self.assertEqual(BUNDLE.strip(), s.strip())
示例#6
0
 def test_cn(self, fake_read, fake_valid):
     fake_read.return_value = CERTIFICATE
     fake_valid.return_value = True
     bundle = Bundle('')
     cn = bundle.cn()
     fake_valid.assert_called_with()
     fake_read.assert_called_with()
     self.assertEqual(cn, 'localhost')
示例#7
0
 def test_uid(self, fake_read, fake_valid):
     fake_read.return_value = VERIZON_CERTIFICATE
     fake_valid.return_value = True
     bundle = Bundle('')
     uid = bundle.uid()
     fake_valid.assert_called_with()
     fake_read.assert_called_with()
     self.assertEqual(uid, 'vzn-user')
示例#8
0
文件: model.py 项目: kbotc/pulp
 def __init__(self):
     """
     Read from file-system on construction.
     """
     cfg = Config(CONFIG_PATH)
     files = cfg['filesystem']
     path = os.path.join(files['id_cert_dir'], files['id_cert_filename'])
     Bundle.__init__(self, path)
示例#9
0
 def test_uid(self, fake_read, fake_valid):
     fake_read.return_value = VERIZON_CERTIFICATE
     fake_valid.return_value = True
     bundle = Bundle('')
     uid = bundle.uid()
     fake_valid.assert_called_with()
     fake_read.assert_called_with()
     self.assertEqual(uid, 'vzn-user')
示例#10
0
 def __init__(self):
     """
     Read from file-system on construction.
     """
     cfg = Config(CONFIG_PATH)
     files = cfg['filesystem']
     path = os.path.join(files['id_cert_dir'], files['id_cert_filename'])
     Bundle.__init__(self, path)
示例#11
0
 def test_cn(self, fake_read, fake_valid):
     fake_read.return_value = CERTIFICATE
     fake_valid.return_value = True
     bundle = Bundle('')
     cn = bundle.cn()
     fake_valid.assert_called_with()
     fake_read.assert_called_with()
     self.assertEqual(cn, 'localhost')
示例#12
0
文件: model.py 项目: pulp/pulp
    def run_synchronization(self, progress, cancelled, options):
        """
        Run a repo_sync() on this repository.
        :param progress: A progress report.
        :type progress: pulp_node.progress.RepositoryProgress
        :param options: node synchronization options.
        :type options: dict
        :return: The task result.
        """
        warnings.warn(TASK_DEPRECATION_WARNING, NodeDeprecationWarning)

        bindings = resources.pulp_bindings()
        poller = TaskPoller(bindings)
        max_download = options.get(constants.MAX_DOWNLOAD_CONCURRENCY_KEYWORD, constants.DEFAULT_DOWNLOAD_CONCURRENCY)
        node_certificate = options[constants.PARENT_SETTINGS][constants.NODE_CERTIFICATE]
        key, certificate = Bundle.split(node_certificate)
        configuration = {
            importer_constants.KEY_MAX_DOWNLOADS: max_download,
            importer_constants.KEY_MAX_SPEED: options.get(constants.MAX_DOWNLOAD_BANDWIDTH_KEYWORD),
            importer_constants.KEY_SSL_CLIENT_KEY: key,
            importer_constants.KEY_SSL_CLIENT_CERT: certificate,
            importer_constants.KEY_SSL_VALIDATION: False,
        }
        http = bindings.repo_actions.sync(self.repo_id, configuration)
        if http.response_code != httplib.ACCEPTED:
            raise RepoSyncRestError(self.repo_id, http.response_code)
        # The repo sync is returned with a single sync task in the Call Report
        task = http.response_body.spawned_tasks[0]
        result = poller.join(task.task_id, progress, cancelled)
        if cancelled():
            self._cancel_synchronization(task)
        return result
示例#13
0
文件: model.py 项目: pombreda/pulp
 def run_synchronization(self, progress, cancelled, options):
     """
     Run a repo_sync() on this repository.
     :param progress: A progress report.
     :type progress: pulp_node.progress.RepositoryProgress
     :param options: node synchronization options.
     :type options: dict
     :return: The task result.
     """
     bindings = resources.pulp_bindings()
     poller = TaskPoller(bindings)
     max_download = options.get(
         constants.MAX_DOWNLOAD_CONCURRENCY_KEYWORD,
         constants.DEFAULT_DOWNLOAD_CONCURRENCY)
     node_certificate = options[constants.PARENT_SETTINGS][constants.NODE_CERTIFICATE]
     key, certificate = Bundle.split(node_certificate)
     configuration = {
         importer_constants.KEY_MAX_DOWNLOADS: max_download,
         importer_constants.KEY_MAX_SPEED: options.get(constants.MAX_DOWNLOAD_BANDWIDTH_KEYWORD),
         importer_constants.KEY_SSL_CLIENT_KEY: key,
         importer_constants.KEY_SSL_CLIENT_CERT: certificate,
         importer_constants.KEY_SSL_VALIDATION: False,
     }
     http = bindings.repo_actions.sync(self.repo_id, configuration)
     if http.response_code != httplib.ACCEPTED:
         raise RepoSyncRestError(self.repo_id, http.response_code)
     # The repo sync is returned with a single sync task in the Call Report
     task = http.response_body.spawned_tasks[0]
     result = poller.join(task.task_id, progress, cancelled)
     if cancelled():
         self._cancel_synchronization(task)
     return result
示例#14
0
def load_consumer_id(context):
    """
    Returns the consumer's ID if it is registered.

    @return: consumer id if registered; None when not registered
    @rtype:  str, None
    """
    consumer_cert_path = context.config['filesystem']['id_cert_dir']
    consumer_cert_filename = context.config['filesystem']['id_cert_filename']
    full_filename = os.path.join(consumer_cert_path, consumer_cert_filename)
    bundle = Bundle(full_filename)
    if bundle.valid():
        content = bundle.read()
        x509 = X509.load_cert_string(content)
        subject = _subject(x509)
        return subject['CN']
    else:
        return None
示例#15
0
文件: cud.py 项目: zjhuntin/pulp
    def register(consumer_id,
                 display_name=None,
                 description=None,
                 notes=None,
                 capabilities=None,
                 rsa_pub=None):
        """
        Registers a new Consumer

        :param consumer_id: unique identifier for the consumer
        :type  consumer_id: str
        :param rsa_pub: The consumer public key used for message authentication.
        :type rsa_pub: str
        :param display_name: user-friendly name for the consumer
        :type  display_name: str
        :param description:  user-friendly text describing the consumer
        :type  description: str
        :param notes: key-value pairs to pragmatically tag the consumer
        :type  notes: dict
        :param capabilities: operations supported on the consumer
        :type  capabilities: dict
        :raises DuplicateResource: if there is already a consumer or a used with the requested ID
        :raises InvalidValue: if any of the fields is unacceptable
        :return: A tuple of: (consumer, certificate)
        :rtype: tuple
        """
        if not is_consumer_id_valid(consumer_id):
            raise InvalidValue(['id'])

        collection = Consumer.get_collection()

        consumer = collection.find_one({'id': consumer_id})
        if consumer is not None:
            raise DuplicateResource(consumer_id)

        if notes is not None and not isinstance(notes, dict):
            raise InvalidValue(['notes'])

        if capabilities is not None and not isinstance(capabilities, dict):
            raise InvalidValue(['capabilities'])

        # Use the ID for the display name if one was not specified
        display_name = display_name or consumer_id

        # Creation
        consumer = Consumer(consumer_id, display_name, description, notes, capabilities, rsa_pub)
        _id = collection.save(consumer, safe=True)

        # Generate certificate
        cert_gen_manager = factory.cert_generation_manager()
        expiration_date = config.config.getint('security', 'consumer_cert_expiration')
        key, certificate = cert_gen_manager.make_cert(consumer_id, expiration_date, uid=str(_id))

        factory.consumer_history_manager().record_event(consumer_id, 'consumer_registered')

        return consumer, Bundle.join(key, certificate)
示例#16
0
 def cn(self):
     """
     Get the common name (CN) part of the certificate subject.
     Returns None, if the certificate is invalid.
     :return The common name (CN) part of the certificate subject or None when
         the certificate is not found or invalid.
     :rtype: str
     """
     try:
         return Bundle.cn(self)
     except X509Error:
         log.warn('certificate: %s, not valid', self.path)
示例#17
0
 def testVerify(self):
     self.assertTrue(Bundle.haskey(KEY))
     self.assertTrue(Bundle.haskey(KEY2))
     self.assertFalse(Bundle.hascrt(KEY))
     self.assertTrue(Bundle.hascrt(CERTIFICATE))
     self.assertTrue(Bundle.hascrt(CERTIFICATE))
     self.assertTrue(Bundle.hasboth(BUNDLE))
示例#18
0
 def testVerify(self):
     self.assertTrue(Bundle.haskey(KEY))
     self.assertTrue(Bundle.haskey(KEY2))
     self.assertFalse(Bundle.hascrt(KEY))
     self.assertTrue(Bundle.hascrt(CERTIFICATE))
     self.assertTrue(Bundle.hascrt(CERTIFICATE))
     self.assertTrue(Bundle.hasboth(BUNDLE))
示例#19
0
 def uid(self):
     """
     Get the userid (UID) part of the certificate subject.
     Returns None, if the certificate is invalid.
     :return The userid (UID) part of the certificate subject or None when
         the certificate is not found or invalid.
     :rtype: str
     """
     try:
         return Bundle.uid(self)
     except X509Error:
         msg = _('certificate: %(p)s, not valid')
         log.warn(msg, {'p': self.path})
示例#20
0
 def uid(self):
     """
     Get the userid (UID) part of the certificate subject.
     Returns None, if the certificate is invalid.
     :return The userid (UID) part of the certificate subject or None when
         the certificate is not found or invalid.
     :rtype: str
     """
     try:
         return Bundle.uid(self)
     except X509Error:
         msg = _('certificate: %(p)s, not valid')
         log.warn(msg, {'p': self.path})
示例#21
0
文件: cud.py 项目: jlsherrill/pulp
    def register(self, id, display_name=None, description=None, notes=None, capabilities=None):
        """
        Registers a new Consumer

        @param id: unique identifier for the consumer
        @type  id: str

        @param display_name: user-friendly name for the consumer
        @type  display_name: str

        @param description: user-friendly text describing the consumer
        @type  description: str

        @param notes: key-value pairs to programmatically tag the consumer
        @type  notes: dict

        @param capabilities: operations permitted on the consumer
        @type capabilities: dict

        @raises DuplicateResource: if there is already a consumer or a used with the requested ID
        @raises InvalidValue: if any of the fields is unacceptable
        """
        if not is_consumer_id_valid(id):
            raise InvalidValue(['id'])
        
        existing_consumer = Consumer.get_collection().find_one({'id' : id})
        if existing_consumer is not None:
            raise DuplicateResource(id)
            
        if notes is not None and not isinstance(notes, dict):
            raise InvalidValue(['notes'])

        if capabilities is not None and not isinstance(capabilities, dict):
            raise InvalidValue(['capabilities'])

        # Use the ID for the display name if one was not specified
        display_name = display_name or id

        # Generate certificate
        cert_gen_manager = factory.cert_generation_manager()
        expiration_date = config.config.getint('security', 'consumer_cert_expiration')
        key, crt = cert_gen_manager.make_cert(id, expiration_date)

        # Creation
        create_me = Consumer(id, display_name, description, notes, capabilities, certificate=crt.strip())
        Consumer.get_collection().save(create_me, safe=True)

        factory.consumer_history_manager().record_event(id, 'consumer_registered')
        create_me.certificate = Bundle.join(key, crt)
        return create_me
示例#22
0
    def register(self, id, display_name=None, description=None, notes=None, capabilities=None):
        """
        Registers a new Consumer

        @param id: unique identifier for the consumer
        @type  id: str

        @param display_name: user-friendly name for the consumer
        @type  display_name: str

        @param description: user-friendly text describing the consumer
        @type  description: str

        @param notes: key-value pairs to programmatically tag the consumer
        @type  notes: dict

        @param capabilities: operations permitted on the consumer
        @type capabilities: dict

        @raises DuplicateResource: if there is already a consumer or a used with the requested ID
        @raises InvalidValue: if any of the fields is unacceptable
        """
        if not is_consumer_id_valid(id):
            raise InvalidValue(['id'])

        existing_consumer = Consumer.get_collection().find_one({'id' : id})
        if existing_consumer is not None:
            raise DuplicateResource(id)

        if notes is not None and not isinstance(notes, dict):
            raise InvalidValue(['notes'])

        if capabilities is not None and not isinstance(capabilities, dict):
            raise InvalidValue(['capabilities'])

        # Use the ID for the display name if one was not specified
        display_name = display_name or id

        # Generate certificate
        cert_gen_manager = factory.cert_generation_manager()
        expiration_date = config.config.getint('security', 'consumer_cert_expiration')
        key, crt = cert_gen_manager.make_cert(id, expiration_date)

        # Creation
        create_me = Consumer(id, display_name, description, notes, capabilities, certificate=crt.strip())
        Consumer.get_collection().save(create_me, safe=True)

        factory.consumer_history_manager().record_event(id, 'consumer_registered')
        create_me.certificate = Bundle.join(key, crt)
        return create_me
示例#23
0
 def test_repository(self, *mocks):
     # Setup
     repository = Repository(REPO_ID)
     progress = Mock()
     cancelled = Mock(return_value=False)
     # Test
     options = {
         constants.MAX_DOWNLOAD_CONCURRENCY_KEYWORD: MAX_CONCURRENCY,
         constants.MAX_DOWNLOAD_BANDWIDTH_KEYWORD: MAX_BANDWIDTH,
         constants.PARENT_SETTINGS: PARENT_SETTINGS,
     }
     repository.run_synchronization(progress, cancelled, options)
     binding = mocks[1]
     key, certificate = Bundle.split(NODE_CERTIFICATE)
     expected_conf = {
         importer_constants.KEY_SSL_VALIDATION: False,
         importer_constants.KEY_MAX_DOWNLOADS: MAX_CONCURRENCY,
         importer_constants.KEY_MAX_SPEED: MAX_BANDWIDTH,
         importer_constants.KEY_SSL_CLIENT_KEY: key,
         importer_constants.KEY_SSL_CLIENT_CERT: certificate,
     }
     # Verify
     binding.assert_called_with(REPO_ID, expected_conf)
示例#24
0
 def test_repository(self, *mocks):
     # Setup
     repository = Repository(REPO_ID)
     progress = Mock()
     cancelled = Mock(return_value=False)
     # Test
     options = {
         constants.MAX_DOWNLOAD_CONCURRENCY_KEYWORD: MAX_CONCURRENCY,
         constants.MAX_DOWNLOAD_BANDWIDTH_KEYWORD: MAX_BANDWIDTH,
         constants.PARENT_SETTINGS: PARENT_SETTINGS,
     }
     repository.run_synchronization(progress, cancelled, options)
     binding = mocks[1]
     key, certificate = Bundle.split(NODE_CERTIFICATE)
     expected_conf = {
         importer_constants.KEY_SSL_VALIDATION: False,
         importer_constants.KEY_MAX_DOWNLOADS: MAX_CONCURRENCY,
         importer_constants.KEY_MAX_SPEED: MAX_BANDWIDTH,
         importer_constants.KEY_SSL_CLIENT_KEY: key,
         importer_constants.KEY_SSL_CLIENT_CERT: certificate,
     }
     # Verify
     binding.assert_called_with(REPO_ID, expected_conf)
示例#25
0
文件: __init__.py 项目: Tvaske/sponge
 def __init__(self, user):
     path = str(os.path.join(getattr(settings,
                                     'PULP_CERTIFICATE_PATH',
                                     'certs'),
                             "%s.crt" % user))
     Bundle.__init__(self, path)
示例#26
0
 def testJoin(self):
     bundle = Bundle.join(KEY, CERTIFICATE)
     print bundle
     self.assertTrue(KEY.strip() in bundle)
     self.assertTrue(CERTIFICATE.strip() in bundle)
示例#27
0
 def testSplit(self):
     key, crt = Bundle.split(BUNDLE)
     self.assertEqual(key.strip(), KEY.strip())
     self.assertEqual(crt.strip(), CERTIFICATE.strip())
示例#28
0
 def __init__(self):
     path = os.path.join(cfg.filesystem.id_cert_dir,
                         cfg.filesystem.id_cert_filename)
     Bundle.__init__(self, path)
示例#29
0
 def testRead(self):
     b = Bundle(CRTFILE)
     b.write(BUNDLE)
     s = b.read()
     self.assertEqual(BUNDLE.strip(), s.strip())
示例#30
0
 def __init__(self):
     Bundle.__init__(self, cfg.rest.clientcert)
示例#31
0
 def __init__(self):
     path = os.path.join(
         cfg['filesystem']['id_cert_dir'],
         cfg['filesystem']['id_cert_filename'])
     BundleImpl.__init__(self, path)
示例#32
0
 def testRead(self):
     b = Bundle(CRTFILE)
     b.write(BUNDLE)
     s = b.read()
     self.assertEqual(BUNDLE.strip(), s.strip())
示例#33
0
 def __init__(self):
     path = os.path.join(
         cfg['filesystem']['id_cert_dir'],
         cfg['filesystem']['id_cert_filename'])
     BundleImpl.__init__(self, path)
示例#34
0
 def __init__(self):
     path = os.path.join(cfg.filesystem.id_cert_dir, cfg.filesystem.id_cert_filename)
     Bundle.__init__(self, path)
示例#35
0
 def testSplit(self):
     key, crt = Bundle.split(BUNDLE)
     self.assertEqual(key.strip(), KEY.strip())
     self.assertEqual(crt.strip(), CERTIFICATE.strip())
示例#36
0
 def testJoin(self):
     bundle = Bundle.join(KEY, CERTIFICATE)
     print bundle
     self.assertTrue(KEY.strip() in bundle)
     self.assertTrue(CERTIFICATE.strip() in bundle)