[7da9da6] | 1 | #!/usr/local/bin/python |
---|
| 2 | |
---|
| 3 | import os,sys |
---|
| 4 | |
---|
| 5 | from BaseHTTPServer import BaseHTTPRequestHandler |
---|
| 6 | from ZSI import * |
---|
| 7 | from M2Crypto import SSL |
---|
| 8 | from M2Crypto.m2xmlrpclib import SSL_Transport |
---|
| 9 | from M2Crypto.SSL.SSLServer import SSLServer |
---|
| 10 | import M2Crypto.httpslib |
---|
| 11 | import xmlrpclib |
---|
| 12 | |
---|
| 13 | import re |
---|
| 14 | import random |
---|
| 15 | import string |
---|
| 16 | import subprocess |
---|
| 17 | import tempfile |
---|
| 18 | |
---|
| 19 | from fedd_services import * |
---|
[7aec37d] | 20 | from fedd_internal_services import * |
---|
[7da9da6] | 21 | from fedd_util import * |
---|
[7583a62] | 22 | import fixed_key |
---|
[7da9da6] | 23 | import parse_detail |
---|
[ef36c1e] | 24 | from service_error import * |
---|
[11a08b0] | 25 | import logging |
---|
| 26 | |
---|
| 27 | |
---|
[0ea11af] | 28 | # Configure loggers to dump to /dev/null which avoids errors if calling classes |
---|
| 29 | # don't configure them. |
---|
[11a08b0] | 30 | class nullHandler(logging.Handler): |
---|
| 31 | def emit(self, record): pass |
---|
| 32 | |
---|
| 33 | fl = logging.getLogger("fedd.allocate.local") |
---|
| 34 | fl.addHandler(nullHandler()) |
---|
| 35 | fl = logging.getLogger("fedd.allocate.remote") |
---|
| 36 | fl.addHandler(nullHandler()) |
---|
[7da9da6] | 37 | |
---|
[4ed10ae] | 38 | |
---|
[7da9da6] | 39 | class fedd_allocate_project_local: |
---|
[0ea11af] | 40 | """ |
---|
| 41 | Allocate projects on this machine in response to an access request. |
---|
| 42 | """ |
---|
[4ed10ae] | 43 | def __init__(self, config): |
---|
[7da9da6] | 44 | """ |
---|
| 45 | Initializer. Parses a configuration if one is given. |
---|
| 46 | """ |
---|
| 47 | |
---|
[4ed10ae] | 48 | self.debug = config.get("access", "debug_project", False) |
---|
| 49 | self.wap = config.get('access', 'wap', '/usr/testbed/sbin/wap') |
---|
| 50 | self.newproj = config.get('access', 'newproj', |
---|
| 51 | '/usr/testbed/sbin/newproj') |
---|
| 52 | self.mkproj = config.get('access', 'mkproj', '/usr/testbed/sbin/mkproj') |
---|
[7583a62] | 53 | self.rmproj = config.get('access', 'rmproj', '/usr/testbed/sbin/rmproj') |
---|
[4ed10ae] | 54 | self.addpubkey = config.get('access', 'addpubkey', |
---|
| 55 | '/usr/testbed/sbin/taddpubkey') |
---|
| 56 | self.grantnodetype = config.get('access', 'grantnodetype', |
---|
| 57 | '/usr/testbed/sbin/grantnodetype') |
---|
[11a08b0] | 58 | self.log = logging.getLogger("fedd.allocate.local") |
---|
[4ed10ae] | 59 | set_log_level(config, "access", self.log) |
---|
[7583a62] | 60 | fixed_key_db = config.get("access", "fixed_keys", None) |
---|
| 61 | fixed_project_db = config.get("access", "fixed_projects", None) |
---|
| 62 | if fixed_key_db: |
---|
| 63 | try: |
---|
| 64 | self.fixed_keys = fixed_key.read_db(fixed_key_db) |
---|
| 65 | except: |
---|
| 66 | log.debug("Can't read fixed_key_db from %s" % fixed_key_db) |
---|
| 67 | else: |
---|
| 68 | self.fixed_keys = set() |
---|
| 69 | |
---|
| 70 | if fixed_project_db: |
---|
| 71 | try: |
---|
| 72 | f = open(fixed_project_db, "r") |
---|
| 73 | for line in f: |
---|
| 74 | self.fixed_projects.add(line.rstrip()) |
---|
| 75 | f.close() |
---|
| 76 | except: |
---|
| 77 | log.debug("Can't read fixed_project_db from %s" % \ |
---|
| 78 | fixed_project_db) |
---|
| 79 | else: |
---|
| 80 | self.fixed_projects = set() |
---|
| 81 | |
---|
[7da9da6] | 82 | |
---|
[0ea11af] | 83 | # Internal services are SOAP only |
---|
| 84 | self.soap_services = {\ |
---|
| 85 | "AllocateProject": make_soap_handler(\ |
---|
| 86 | AllocateProjectRequestMessage.typecode,\ |
---|
| 87 | self.dynamic_project, AllocateProjectResponseMessage,\ |
---|
[4ed10ae] | 88 | "AllocateProjectResponseBody"), |
---|
| 89 | "StaticProject": make_soap_handler(\ |
---|
| 90 | StaticProjectRequestMessage.typecode,\ |
---|
| 91 | self.static_project, StaticProjectResponseMessage,\ |
---|
[7583a62] | 92 | "StaticProjectResponseBody"),\ |
---|
| 93 | #"ReleaseProject": make_soap_handler(\ |
---|
| 94 | #ReleaseProjectRequestMessage.typecode,\ |
---|
| 95 | #self.release_project, ReleaseProjectResponseMessage,\ |
---|
| 96 | #"ReleaseProjectResponseBody")\ |
---|
[0ea11af] | 97 | } |
---|
| 98 | self.xmlrpc_services = { } |
---|
| 99 | |
---|
[7da9da6] | 100 | def random_string(self, s, n=3): |
---|
| 101 | """Append n random ASCII characters to s and return the string""" |
---|
| 102 | rv = s |
---|
| 103 | for i in range(0,n): |
---|
| 104 | rv += random.choice(string.ascii_letters) |
---|
| 105 | return rv |
---|
| 106 | |
---|
| 107 | def write_attr_xml(self, file, root, lines): |
---|
| 108 | """ |
---|
| 109 | Write an emulab config file for a dynamic project. |
---|
| 110 | |
---|
| 111 | Format is <root><attribute name=lines[0]>lines[1]</attribute></root> |
---|
| 112 | """ |
---|
| 113 | # Convert a pair to an attribute line |
---|
| 114 | out_attr = lambda a,v : \ |
---|
| 115 | '<attribute name="%s"><value>%s</value></attribute>' % (a, v) |
---|
| 116 | |
---|
| 117 | f = os.fdopen(file, "w") |
---|
| 118 | f.write("<%s>\n" % root) |
---|
| 119 | f.write("\n".join([out_attr(*l) for l in lines])) |
---|
| 120 | f.write("</%s>\n" % root) |
---|
| 121 | f.close() |
---|
| 122 | |
---|
| 123 | |
---|
[ef36c1e] | 124 | def dynamic_project(self, req, fedid=None): |
---|
[7da9da6] | 125 | """ |
---|
| 126 | Create a dynamic project with ssh access |
---|
| 127 | |
---|
| 128 | Req includes the project and resources as a dictionary |
---|
| 129 | """ |
---|
| 130 | # tempfiles for the parameter files |
---|
| 131 | uf, userfile = tempfile.mkstemp(prefix="usr", suffix=".xml", |
---|
| 132 | dir="/tmp") |
---|
| 133 | pf, projfile = tempfile.mkstemp(prefix="proj", suffix=".xml", |
---|
| 134 | dir="/tmp") |
---|
| 135 | |
---|
[ef36c1e] | 136 | if req.has_key('AllocateProjectRequestBody') and \ |
---|
| 137 | req['AllocateProjectRequestBody'].has_key('project'): |
---|
| 138 | proj = req['AllocateProjectRequestBody']['project'] |
---|
| 139 | else: |
---|
| 140 | raise service_error(service_error.req, |
---|
| 141 | "Badly formed allocation request") |
---|
[7da9da6] | 142 | # Take the first user and ssh key |
---|
| 143 | name = proj.get('name', None) or self.random_string("proj",4) |
---|
| 144 | user = proj.get('user', None) |
---|
| 145 | if user != None: |
---|
| 146 | user = user[0] # User is a list, take the first entry |
---|
| 147 | if not user.has_key("userID"): |
---|
| 148 | uname = self.random_string("user", 3) |
---|
| 149 | else: |
---|
| 150 | uid = proj['userID'] |
---|
| 151 | # XXX: fedid |
---|
[e40c7ee] | 152 | uname = uid.get('localname', None) or \ |
---|
[7da9da6] | 153 | uid.get('kerberosUsername', None) or \ |
---|
| 154 | uid.get('uri', None) |
---|
| 155 | if uname == None: |
---|
| 156 | raise fedd_proj.service_error(fedd_proj.service_error.req, |
---|
| 157 | "No ID for user"); |
---|
| 158 | |
---|
| 159 | access = user.get('access', None) |
---|
| 160 | if access != None: |
---|
[ef36c1e] | 161 | ssh = access[0].get('sshPubkey', None) |
---|
[7da9da6] | 162 | if ssh == None: |
---|
| 163 | raise fedd_proj.service_error(fedd_proj.service_error.req, |
---|
| 164 | "No ssh key for user"); |
---|
| 165 | else: |
---|
| 166 | raise fedd_proj.service_error(fedd_proj.service_error.req, |
---|
| 167 | "No access information for project"); |
---|
| 168 | |
---|
| 169 | # uname, name and ssh are set |
---|
| 170 | user_fields = [ |
---|
| 171 | ("name", "Federation User %s" % uname), |
---|
| 172 | ("email", "%s-fed@isi.deterlab.net" % uname), |
---|
| 173 | ("password", self.random_string("", 8)), |
---|
| 174 | ("login", uname), |
---|
| 175 | ("address", "4676 Admiralty"), |
---|
| 176 | ("city", "Marina del Rey"), |
---|
| 177 | ("state", "CA"), |
---|
| 178 | ("zip", "90292"), |
---|
| 179 | ("country", "USA"), |
---|
| 180 | ("phone", "310-448-9190"), |
---|
| 181 | ("title", "None"), |
---|
| 182 | ("affiliation", "USC/ISI"), |
---|
| 183 | ("pubkey", ssh) |
---|
| 184 | ] |
---|
| 185 | |
---|
| 186 | proj_fields = [ |
---|
| 187 | ("name", name), |
---|
| 188 | ("short description", "dynamic federated project"), |
---|
| 189 | ("URL", "http://www.isi.edu/~faber"), |
---|
| 190 | ("funders", "USC/USU"), |
---|
| 191 | ("long description", "Federation access control"), |
---|
| 192 | ("public", "1"), |
---|
| 193 | ("num_pcs", "100"), |
---|
| 194 | ("linkedtous", "1"), |
---|
| 195 | ("newuser_xml", userfile) |
---|
| 196 | ] |
---|
| 197 | |
---|
| 198 | |
---|
| 199 | # Write out the files |
---|
| 200 | self.write_attr_xml(uf, "user", user_fields) |
---|
| 201 | self.write_attr_xml(pf, "project", proj_fields) |
---|
| 202 | |
---|
| 203 | # Generate the commands (only grantnodetype's are dynamic) |
---|
| 204 | cmds = [ |
---|
| 205 | (self.wap, self.newproj, projfile), |
---|
| 206 | (self.wap, self.mkproj, name) |
---|
| 207 | ] |
---|
| 208 | |
---|
| 209 | # Add commands to grant access to any resources in the request. |
---|
| 210 | for nt in [ h for r in req.get('resources', []) \ |
---|
| 211 | if r.has_key('node') and r['node'].has_key('hardware')\ |
---|
| 212 | for h in r['node']['hardware'] ] : |
---|
| 213 | cmds.append((self.wap, self.grantnodetype, '-p', name, nt)) |
---|
| 214 | |
---|
| 215 | # Create the projects |
---|
| 216 | rc = 0 |
---|
| 217 | for cmd in cmds: |
---|
[11a08b0] | 218 | self.log.debug("[dynamic_project]: %s" % ' '.join(cmd)) |
---|
[4ed10ae] | 219 | if not self.debug: |
---|
[7da9da6] | 220 | try: |
---|
| 221 | rc = subprocess.call(cmd) |
---|
| 222 | except OSerror, e: |
---|
[4ed10ae] | 223 | raise service_error(service_error.internal, |
---|
[7da9da6] | 224 | "Dynamic project subprocess creation error "+ \ |
---|
| 225 | "[%s] (%s)" % (cmd[1], e.strerror)) |
---|
| 226 | |
---|
| 227 | if rc != 0: |
---|
[4ed10ae] | 228 | raise service_error(service_error.internal, |
---|
[7da9da6] | 229 | "Dynamic project subprocess error " +\ |
---|
| 230 | "[%s] (%d)" % (cmd[1], rc)) |
---|
| 231 | # Clean up tempfiles |
---|
| 232 | os.unlink(userfile) |
---|
| 233 | os.unlink(projfile) |
---|
| 234 | rv = {\ |
---|
| 235 | 'project': {\ |
---|
[e40c7ee] | 236 | 'name': { 'localname': name }, |
---|
[7da9da6] | 237 | 'user' : [ {\ |
---|
[e40c7ee] | 238 | 'userID': { 'localname' : uname }, |
---|
[7da9da6] | 239 | 'access': [ { 'sshPubkey' : ssh } ], |
---|
| 240 | } ]\ |
---|
| 241 | }\ |
---|
| 242 | } |
---|
| 243 | return rv |
---|
[ef36c1e] | 244 | |
---|
[4ed10ae] | 245 | def static_project(self, req, fedid=None): |
---|
[ef36c1e] | 246 | """ |
---|
[4ed10ae] | 247 | Be certain that the local project in the request has access to the |
---|
| 248 | proper resources and users have correct keys. Add them if necessary. |
---|
[ef36c1e] | 249 | """ |
---|
| 250 | |
---|
[4ed10ae] | 251 | cmds = [] |
---|
[ef36c1e] | 252 | |
---|
[4ed10ae] | 253 | # While we should be more careful about this, for the short term, add |
---|
| 254 | # the keys to the specified users. |
---|
| 255 | |
---|
| 256 | try: |
---|
| 257 | users = req['StaticProjectRequestBody']['project']['user'] |
---|
| 258 | pname = req['StaticProjectRequestBody']['project']\ |
---|
| 259 | ['name']['localname'] |
---|
| 260 | resources = req['StaticProjectRequestBody'].get('resources', []) |
---|
| 261 | except KeyError: |
---|
| 262 | raise service_error(service_error.req, "Badly formed request") |
---|
| 263 | |
---|
| 264 | |
---|
| 265 | for u in users: |
---|
| 266 | try: |
---|
| 267 | name = u['userID']['localname'] |
---|
| 268 | except KeyError: |
---|
| 269 | raise service_error(service_error.req, "Badly formed user") |
---|
| 270 | for sk in [ k['sshPubkey'] for k in u.get('access', []) \ |
---|
| 271 | if k.has_key('sshPubkey')]: |
---|
[7583a62] | 272 | cmds.append((self.wap, self.addpubkey, '-w', \ |
---|
| 273 | '-u', name, '-k', sk)) |
---|
[0ea11af] | 274 | |
---|
[4ed10ae] | 275 | |
---|
| 276 | # Add commands to grant access to any resources in the request. The |
---|
| 277 | # list comprehension pulls out the hardware types in the node entries |
---|
| 278 | # in the resources list. |
---|
| 279 | for nt in [ h for r in resources \ |
---|
| 280 | if r.has_key('node') and r['node'].has_key('hardware')\ |
---|
| 281 | for h in r['node']['hardware'] ] : |
---|
| 282 | cmds.append((self.wap, self.grantnodetype, '-p', pname, nt)) |
---|
| 283 | |
---|
| 284 | # Run the commands |
---|
| 285 | rc = 0 |
---|
| 286 | for cmd in cmds: |
---|
| 287 | self.log.debug("[static_project]: %s" % ' '.join(cmd)) |
---|
| 288 | if not self.debug: |
---|
| 289 | try: |
---|
| 290 | rc = subprocess.call(cmd) |
---|
| 291 | except OSError, e: |
---|
| 292 | print "Static project subprocess creation error "+ \ |
---|
| 293 | "[%s] (%s)" % (cmd[0], e.strerror) |
---|
| 294 | raise service_error(service_error.internal, |
---|
| 295 | "Static project subprocess creation error "+ \ |
---|
| 296 | "[%s] (%s)" % (cmd[0], e.strerror)) |
---|
| 297 | |
---|
| 298 | if rc != 0: |
---|
| 299 | raise service_error(service_error.internal, |
---|
| 300 | "Static project subprocess error " +\ |
---|
| 301 | "[%s] (%d)" % (cmd[0], rc)) |
---|
| 302 | |
---|
| 303 | return { 'project': req['StaticProjectRequestBody']['project']} |
---|
| 304 | |
---|
[7583a62] | 305 | def release_project(self, req, fedid=None): |
---|
| 306 | """ |
---|
| 307 | Remove user keys from users and delete dynamic projects. |
---|
| 308 | |
---|
| 309 | Only keys not in the set of fixed keys are deleted. and there are |
---|
| 310 | similar protections for projects. |
---|
| 311 | """ |
---|
| 312 | |
---|
| 313 | cmds = [] |
---|
| 314 | pname = None |
---|
| 315 | users = [] |
---|
| 316 | |
---|
| 317 | print "release %s" % req |
---|
| 318 | try: |
---|
| 319 | if req['ReleaseProjectRequestBody']['project'].has_key('name'): |
---|
| 320 | pname = req['ReleaseProjectRequestBody']['project']\ |
---|
| 321 | ['name']['localname'] |
---|
| 322 | if req['ReleaseProjectRequestBody']['project'].has_key('user'): |
---|
| 323 | users = req['ReleaseProjectRequestBody']['project']['user'] |
---|
| 324 | except KeyError: |
---|
| 325 | raise service_error(service_error.req, "Badly formed request") |
---|
| 326 | |
---|
| 327 | for u in users: |
---|
| 328 | try: |
---|
| 329 | name = u['userID']['localname'] |
---|
| 330 | except KeyError: |
---|
| 331 | raise service_error(service_error.req, "Badly formed user") |
---|
| 332 | for sk in [ k['sshPubkey'] for k in u.get('access', []) \ |
---|
| 333 | if k.has_key('sshPubkey')]: |
---|
| 334 | if (name, sk) not in self.fixed_keys: |
---|
| 335 | cmds.append((self.wap, self.addpubkey, '-R', '-w', \ |
---|
| 336 | '-u', name, '-k', sk)) |
---|
| 337 | if pname and pname not in fixed_projects: |
---|
| 338 | cmds.append((self.wap, self.rmproj, pname)) |
---|
| 339 | |
---|
| 340 | # Run the commands |
---|
| 341 | rc = 0 |
---|
| 342 | for cmd in cmds: |
---|
| 343 | self.log.debug("[release_project]: %s" % ' '.join(cmd)) |
---|
| 344 | if not self.debug: |
---|
| 345 | try: |
---|
| 346 | rc = subprocess.call(cmd) |
---|
| 347 | except OSError, e: |
---|
| 348 | print "Release project subprocess creation error "+ \ |
---|
| 349 | "[%s] (%s)" % (cmd[0], e.strerror) |
---|
| 350 | raise service_error(service_error.internal, |
---|
| 351 | "Release project subprocess creation error "+ \ |
---|
| 352 | "[%s] (%s)" % (cmd[0], e.strerror)) |
---|
| 353 | |
---|
| 354 | if rc != 0: |
---|
| 355 | raise service_error(service_error.internal, |
---|
| 356 | "Release project subprocess error " +\ |
---|
| 357 | "[%s] (%d)" % (cmd[0], rc)) |
---|
| 358 | |
---|
| 359 | return { 'project': req['ReleaseProjectRequestBody']['project']} |
---|
| 360 | |
---|
[4ed10ae] | 361 | def make_proxy(method, req_name, req_alloc, resp_name): |
---|
| 362 | """ |
---|
| 363 | Construct the proxy calling function from the given parameters. |
---|
| 364 | """ |
---|
| 365 | |
---|
| 366 | # Define the proxy, NB, the parameters to make_proxy are visible to the |
---|
| 367 | # definition of proxy. |
---|
| 368 | def proxy(self, req, fedid=None): |
---|
[ef36c1e] | 369 | """ |
---|
| 370 | Send req on to a remote project instantiator. |
---|
| 371 | |
---|
[4ed10ae] | 372 | Req is just the message to be sent. This function re-wraps it. |
---|
[ef36c1e] | 373 | It also rethrows any faults. |
---|
| 374 | """ |
---|
[4ed10ae] | 375 | |
---|
[ef36c1e] | 376 | # No retry loop here. Proxy servers must correctly authenticate |
---|
| 377 | # themselves without help |
---|
| 378 | try: |
---|
| 379 | ctx = fedd_ssl_context(self.cert_file, self.trusted_certs, |
---|
| 380 | password=self.cert_pwd) |
---|
| 381 | except SSL.SSLError: |
---|
| 382 | raise service_error(service_error.server_config, |
---|
| 383 | "Server certificates misconfigured") |
---|
| 384 | |
---|
[7aec37d] | 385 | loc = feddInternalServiceLocator(); |
---|
| 386 | port = loc.getfeddInternalPortType(self.url, |
---|
[ef36c1e] | 387 | transport=M2Crypto.httpslib.HTTPSConnection, |
---|
| 388 | transdict={ 'ssl_context' : ctx }) |
---|
| 389 | |
---|
[4ed10ae] | 390 | if req.has_key(req_name): |
---|
| 391 | req = req[req_name] |
---|
[ef36c1e] | 392 | else: |
---|
| 393 | raise service_error(service_error.req, "Bad formated request"); |
---|
| 394 | |
---|
| 395 | # Reconstruct the full request message |
---|
[4ed10ae] | 396 | msg = req_alloc() |
---|
| 397 | set_elem = getattr(msg, "set_element_%s" % req_name) |
---|
| 398 | set_elem(pack_soap(msg, req_name, req)) |
---|
[ef36c1e] | 399 | try: |
---|
[4ed10ae] | 400 | mattr = getattr(port, method) |
---|
| 401 | resp = mattr(msg) |
---|
[ef36c1e] | 402 | except ZSI.ParseException, e: |
---|
| 403 | raise service_error(service_error.proxy, |
---|
| 404 | "Bad format message (XMLRPC??): %s" % str(e)) |
---|
[4ed10ae] | 405 | except ZSI.FaultException, e: |
---|
| 406 | resp = e.fault.detail[0] |
---|
| 407 | |
---|
[ef36c1e] | 408 | r = unpack_soap(resp) |
---|
| 409 | |
---|
[4ed10ae] | 410 | if r.has_key(resp_name): |
---|
| 411 | return r[resp_name] |
---|
[ef36c1e] | 412 | else: |
---|
| 413 | raise service_error(service_error.proxy, "Bad proxy response") |
---|
[4ed10ae] | 414 | # NB: end of proxy function definition |
---|
| 415 | return proxy |
---|
[ef36c1e] | 416 | |
---|
[4ed10ae] | 417 | class fedd_allocate_project_remote: |
---|
| 418 | """ |
---|
| 419 | Allocate projects on a remote machine using the internal SOAP interface |
---|
| 420 | """ |
---|
| 421 | dynamic_project = make_proxy("AllocateProject", |
---|
| 422 | "AllocateProjectRequestBody", AllocateProjectRequestMessage, |
---|
| 423 | "AllocateProjectResponseBody") |
---|
| 424 | static_project = make_proxy("StaticProject", |
---|
| 425 | "StaticProjectRequestBody", StaticProjectRequestMessage, |
---|
| 426 | "StaticProjectResponseBody") |
---|
| 427 | |
---|
| 428 | def __init__(self, config): |
---|
| 429 | """ |
---|
| 430 | Initializer. Parses a configuration if one is given. |
---|
| 431 | """ |
---|
| 432 | |
---|
| 433 | self.debug = config.get("access", "debug_project", False) |
---|
| 434 | self.url = config.get("access", "dynamic_projects_url", "") |
---|
| 435 | |
---|
| 436 | self.cert_file = config.get("access", "cert_file", None) |
---|
| 437 | self.cert_pwd = config.get("access", "cert_pwd", None) |
---|
| 438 | self.trusted_certs = config.get("access", "trusted_certs", None) |
---|
| 439 | |
---|
| 440 | # Certs are promoted from the generic to the specific, so without a if |
---|
| 441 | # no dynamic project certificates, then proxy certs are used, and if |
---|
| 442 | # none of those the main certs. |
---|
| 443 | |
---|
| 444 | if config.has_option("globals", "proxy_cert_file"): |
---|
| 445 | if not self.cert_file: |
---|
| 446 | self.cert_file = config.get("globals", "proxy_cert_file") |
---|
| 447 | if config.has_option("globals", "porxy_cert_pwd"): |
---|
| 448 | self.cert_pwd = config.get("globals", "proxy_cert_pwd") |
---|
| 449 | |
---|
| 450 | if config.has_option("globals", "proxy_trusted_certs") and \ |
---|
| 451 | not self.trusted_certs: |
---|
| 452 | self.trusted_certs = \ |
---|
| 453 | config.get("globals", "proxy_trusted_certs") |
---|
| 454 | |
---|
| 455 | if config.has_option("globals", "cert_file"): |
---|
| 456 | has_pwd = config.has_option("globals", "cert_pwd") |
---|
| 457 | if not self.cert_file: |
---|
| 458 | self.cert_file = config.get("globals", "cert_file") |
---|
| 459 | if has_pwd: |
---|
| 460 | self.cert_pwd = config.get("globals", "cert_pwd") |
---|
| 461 | |
---|
| 462 | if config.get("globals", "trusted_certs") and not self.trusted_certs: |
---|
| 463 | self.trusted_certs = \ |
---|
| 464 | config.get("globals", "trusted_certs") |
---|
| 465 | |
---|
| 466 | self.soap_services = { } |
---|
| 467 | self.xmlrpc_services = { } |
---|
| 468 | self.log = logging.getLogger("fedd.allocate.remote") |
---|
| 469 | set_log_level(config, "access", self.log) |
---|
[7583a62] | 470 | self.release_project = None |
---|