- Timestamp:
- Sep 19, 2011 2:31:55 PM (13 years ago)
- Branches:
- compt_changes, info-ops, master
- Children:
- cd360a0
- Parents:
- a55f2f9
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/fedd_to_abac.py
ra55f2f9 r4157521 10 10 11 11 from string import join 12 13 import Creddy 12 14 13 15 from federation.authorizer import abac_authorizer … … 29 31 default=False, help='Create the --dir directory') 30 32 self.add_option('--debug', action='store_true', dest='debug', 31 default=False, help='Just print the creddy commands')33 default=False, help='Just print the libcreddy parameters') 32 34 self.add_option('--policy_only', action='store_const', const=False, 33 35 dest='make_authorizer', default=True, … … 97 99 def make_credentials(roles, cert, key, creds_dir, debug): 98 100 """ 99 From the dict of identities, indexed by fedid, call creddy to create the101 From the dict of identities, indexed by fedid, call libcreddy to create the 100 102 ABAC certificates. Return a list of the created files. If debug is true, 101 just print the creddy commands.103 just print the creddy attribute creation parameters. 102 104 """ 103 105 credfiles = [] … … 106 108 cf = '%s/%s%03d_attr.der' % \ 107 109 (creds_dir or 'new_cert_dir', id.name, i) 108 cmd = ['creddy', '--attribute', 109 '--issuer=%s' % (cert or 'cert_file'), 110 '--key=%s' % (key or 'key_file'), '--role=%s' % r, 111 '--subject-id=%s' % k, '--out=%s' % cf ] 110 111 cid = Creddy.ID(cert) 112 cid.load_privkey(key) 113 cattr = Creddy.Attribute(cid, r, 3600 * 24 * 365 * 10) 114 cattr.principal(k) 115 112 116 if debug: 113 print join(cmd) 117 print 'cert %s key %s role %s principal %s out %s' % \ 118 (cert, key, r, k, cf) 114 119 else: 115 rv = subprocess.call(cmd) 116 if rv != 0: 117 raise RuntimeError('%s failed: %d' % (join(cmd), rv)) 118 else: 119 credfiles.append(cf) 120 cattr.bake() 121 cattr.write_name(cf) 122 credfiles.append(cf) 120 123 return credfiles 121 124
Note: See TracChangeset
for help on using the changeset viewer.