Context Navigation

-                      r9460b1e
+                      r51cc9df
 from optparse import OptionParser
+from fedd_util import fedd_ssl_context, fedid
+from fedd_util import fedd_ssl_context
+from fedid import fedid
 from fedd_deter_impl import new_feddservice
 from fedd_services import ns0

fedd/fedd_access.py

r9460b1e	r51cc9df
22	22	from fedd_util import *
23	23	from fedd_allocate_project import *
	24	from fedid import fedid, generate_fedid
24	25	import parse_detail
25	26	from service_error import *

fedd/fedd_allocate_project.py

r9460b1e	r51cc9df
20	20	from fedd_internal_services import *
21	21	from fedd_util import *
	22	from fedid import fedid
22	23	from fixed_resource import read_key_db, read_project_db
23	24	from remote_service import xmlrpc_handler, soap_handler, service_caller

fedd/fedd_client.py

-                      r9460b1e
+                      r51cc9df
 import xmlrpclib
+from fedd_util import fedid, fedd_ssl_context, pack_id, unpack_id
+from fedd_util import fedd_ssl_context, pack_id, unpack_id
+from fedid import fedid
 from remote_service import service_caller
 from service_error import *

fedd/fedd_experiment_control.py

r9460b1e	r51cc9df
27	27	from fedd_internal_services import *
28	28	from fedd_util import *
	29	from fedid import fedid, generate_fedid
29	30	from remote_service import xmlrpc_handler, soap_handler, service_caller
30	31	import parse_detail

fedd/fedd_split.py

r9460b1e	r51cc9df
27	27	from fedd_internal_services import *
28	28	from fedd_util import *
	29	from fedid import fedid
29	30	from remote_service import xmlrpc_handler, soap_handler
30	31	import parse_detail

fedd/fedd_util.py

-                      r9460b1e
+                      r51cc9df
 #!/usr/local/bin/python
-import os, sys
-import subprocess
-import tempfile
 import logging
-import copy
+from M2Crypto import SSL, X509, EVP
+from pyasn1.codec.der import decoder
+# The version of M2Crypto on users is pretty old and doesn't have all the
+# features that are useful.  The legacy code is somewhat more brittle than the
+# main line, but will work.
+if "as_der" not in dir(EVP.PKey):
+    from asn1_raw import get_key_bits_from_file, get_key_bits_from_cert
+    legacy = True
+else:
+    legacy = False
+from M2Crypto import SSL
+from fedid import fedid
 class fedd_ssl_context(SSL.Context):
 …
         self.set_verify(SSL.verify_peer, 10)
-class fedid:
-    """
-    Wrapper around the federated ID from an X509 certificate.
-    """
-    HASHSIZE=20
-    def __init__(self, bits=None, hexstr=None, cert=None, file=None):
-        if bits != None:
-            self.set_bits(bits)
-        elif hexstr != None:
-            self.set_hexstr(hexstr)
-        elif cert != None:
-            self.set_cert(cert)
-        elif file != None:
-            self.set_file(file)
-        else:
-            self.buf = None
-    def __hash__(self):
-        return hash(self.buf)
-    def __eq__(self, other):
-        if isinstance(other, type(self)):
-            return self.buf == other.buf
-        elif isinstance(other, type(str())):
-            return self.buf == other;
-        else:
-            return False
-    def __ne__(self, other): return not self.__eq__(other)
-    def __str__(self):
-        if self.buf != None:
-            return str().join([ "%02x" % ord(x) for x in self.buf])
-        else: return ""
-    def __repr__(self):
-        return "fedid(hexstr='%s')" % self.__str__()
-    def pack_soap(self):
-        return self.buf
-    def pack_xmlrpc(self):
-        return self.buf
-    def digest_bits(self, bits):
-        """Internal function.  Compute the fedid from bits and store in buf"""
-        d = EVP.MessageDigest('sha1')
-        d.update(bits)
-        self.buf = d.final()
-    def set_hexstr(self, hexstr):
-        h = hexstr.replace(':','')
-        self.buf= str().join([chr(int(h[i:i+2],16)) \
-                for i in range(0,2*fedid.HASHSIZE,2)])
-    def get_hexstr(self):
-        """Return the hexstring representation of the fedid"""
-        return __str__(self)
-    def set_bits(self, bits):
-        """Set the fedid to bits(a 160 bit buffer)"""
-        self.buf = bits
-    def get_bits(self):
-        """Get the 160 bit buffer from the fedid"""
-        return self.buf
-    def set_file(self, file):
-        """Get the fedid from a certificate file
-        Calculate the SHA1 hash over the bit string of the public key as
-        defined in RFC3280.
-        """
-        self.buf = None
-        if legacy: self.digest_bits(get_key_bits_from_file(file))
-        else: self.set_cert(X509.load_cert(file))
-    def set_cert(self, cert):
-        """Get the fedid from a certificate.
-        Calculate the SHA1 hash over the bit string of the public key as
-        defined in RFC3280.
-        """
-        self.buf = None
-        if (cert != None):
-            if legacy:
-                self.digest_bits(get_key_bits_from_cert(cert))
-            else:
-                b = []
-                k = cert.get_pubkey()
-                # Getting the key was easy, but getting the bit string of the
-                # key requires a side trip through ASN.1
-                dec = decoder.decode(k.as_der())
-                # kv is a tuple of the bits in the key.  The loop below
-                # recombines these into bytes and then into a buffer for the
-                # SSL digest function.
-                kv =  dec[0].getComponentByPosition(1)
-                for i in range(0, len(kv), 8):
-                    v = 0
-                    for j in range(0, 8):
-                        v = (v << 1) + kv[i+j]
-                    b.append(v)
-                # The comprehension turns b from a list of bytes into a buffer
-                # (string) of bytes
-                self.digest_bits(str().join([chr(x) for x in b]))
 def pack_id(id):
     """
 …
         if id.has_key(k): return id[k]
     return None
-def generate_fedid(subj, bits=2048, log=None, dir=None, trace=sys.stderr,
-        ssl_prog="/usr/bin/openssl"):
-    """
-    Create a new certificate and derive a fedid from it.
-    The fedid and the certificate are returned as a tuple.
-    """
-    keypath = None
-    certpath = None
-    try:
-        try:
-            kd, keypath = tempfile.mkstemp(dir=dir, prefix="key",
-                    suffix=".pem")
-            cd, certpath = tempfile.mkstemp(dir=dir, prefix="cert",
-                    suffix=".pem")
-            cmd = [ssl_prog, "req", "-text", "-newkey",
-                    "rsa:%d" % bits, "-keyout", keypath,  "-nodes",
-                    "-subj", "/CN=%s" % subj, "-x509", "-days", "30",
-                    "-out", certpath]
-            if log:
-                log.debug("[generate_fedid] %s" % " ".join(cmd))
-            if trace: call_out = trace
-            else:
-                call_out = open("/dev/null", "w")
-            rv = subprocess.call(cmd, stdout=call_out, stderr=call_out)
-            log.debug("rv = %d" % rv)
-            if rv == 0:
-                cert = ""
-                for p in (certpath, keypath):
-                    f = open(p)
-                    for line in f:
-                        cert += line
-                fid = fedid(file=certpath)
-                return (fid, cert)
-            else:
-                return (None, None)
-        except IOError, e:
-            raise e
-    finally:
-        if keypath: os.remove(keypath)
-        if certpath: os.remove(certpath)
 def set_log_level(config, sect, log):

fedd/remote_service.py

-                      r9460b1e
+                      r51cc9df
 from xmlrpclib import ServerProxy, dumps, loads, Fault, Error, Binary
+from fedd_util import fedd_ssl_context, fedid
+from fedd_util import fedd_ssl_context
+from fedid import fedid

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 51cc9df

Legend:

Download in other formats: