- Timestamp:
- May 30, 2013 3:53:29 PM (11 years ago)
- Branches:
- master
- Children:
- 1f9c361, b213b53
- Parents:
- e8f2d4c
- Location:
- fedd
- Files:
-
- 6 edited
-
access_to_abac.py (modified) (3 diffs)
-
fedd_create.py (modified) (2 diffs)
-
fedd_to_abac.py (modified) (2 diffs)
-
fedd_to_user_certs.py (modified) (2 diffs)
-
federation/authorizer.py (modified) (9 diffs)
-
federation/proof.py (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
fedd/access_to_abac.py
re8f2d4c r67fa1cf 10 10 from tempfile import mkdtemp 11 11 12 import Creddy12 import ABAC 13 13 14 14 from deter import fedid … … 326 326 cfiles = [] 327 327 for i, c in enumerate(creds): 328 cid = Creddy.ID(cert)328 cid = ABAC.ID(cert) 329 329 cid.load_privkey(key) 330 cattr = Creddy.Attribute(cid, c.attr, 3600 * 24 * 365 * 10)330 cattr = ABAC.Attribute(cid, c.attr, 3600 * 24 * 365 * 10) 331 331 for r in c.req: 332 332 if r.principal and r.link and r.attr: … … 340 340 cattr.bake() 341 341 fn = '%s/cred%d_attr.der' % (dir, i) 342 cattr.write_ name(fn)342 cattr.write_file(fn) 343 343 cfiles.append(fn) 344 344 return cfiles -
fedd/fedd_create.py
re8f2d4c r67fa1cf 6 6 7 7 import ABAC 8 import Creddy9 8 10 9 from string import join, ascii_letters … … 129 128 130 129 try: 131 cid = Creddy.ID(certfile)130 cid = ABAC.ID(certfile) 132 131 cid.load_privkey(keyfile) 133 cattr = Creddy.Attribute(cid, 'acting_for', 3600 * 24 * 365 * 10)132 cattr = ABAC.Attribute(cid, 'acting_for', 3600 * 24 * 365 * 10) 134 133 cattr.principal("%s" % expid) 135 134 cattr.bake() 136 cattr.write_ name(fn)135 cattr.write_file(fn) 137 136 except RuntimeError: 138 137 print >>sys.stderr, "Cannot create ABAC delegation. " + \ -
fedd/fedd_to_abac.py
re8f2d4c r67fa1cf 11 11 from string import join 12 12 13 import Creddy13 import ABAC 14 14 15 15 from federation.authorizer import abac_authorizer … … 114 114 (cert, key, r, k, cf) 115 115 else: 116 cid = Creddy.ID(cert)116 cid = ABAC.ID(cert) 117 117 cid.load_privkey(key) 118 cattr = Creddy.Attribute(cid, r, 3600 * 24 * 365 * 10)118 cattr = ABAC.Attribute(cid, r, 3600 * 24 * 365 * 10) 119 119 cattr.principal(k) 120 120 cattr.bake() 121 cattr.write_ name(cf)121 cattr.write_file(cf) 122 122 credfiles.append(cf) 123 123 return credfiles -
fedd/fedd_to_user_certs.py
re8f2d4c r67fa1cf 10 10 from tempfile import mkdtemp 11 11 12 import Creddy12 import ABAC 13 13 14 14 from federation.authorizer import abac_authorizer … … 118 118 try: 119 119 os.chdir(td) 120 cid = Creddy.ID(cert)120 cid = ABAC.ID(cert) 121 121 cid.write_cert_name('issuer.pem') 122 122 zf.write('issuer.pem') 123 123 for i, r in enumerate(id.roles): 124 124 cf = '%s%03d_attr.der' % (id.name, i) 125 cid = Creddy.ID(cert)125 cid = ABAC.ID(cert) 126 126 cid.load_privkey(key) 127 cattr = Creddy.Attribute(cid, r, 3600 * 24 * 365 * 10)127 cattr = ABAC.Attribute(cid, r, 3600 * 24 * 365 * 10) 128 128 cattr.principal(k) 129 129 cattr.bake() 130 cattr.write_ name(cf)130 cattr.write_file(cf) 131 131 zf.write(cf) 132 132 os.chdir(cwd) -
fedd/federation/authorizer.py
re8f2d4c r67fa1cf 15 15 16 16 import ABAC 17 import Creddy18 17 import pickle 19 18 … … 258 257 259 258 for dir in certs or []: 260 self. context.load_directory(dir)259 self.resilient_load_directory(dir) 261 260 262 261 if load: … … 266 265 self.creddy_id = None 267 266 try: 268 self.creddy_id = Creddy.ID(self.me)267 self.creddy_id = ABAC.ID(self.me) 269 268 except: 270 269 raise abac_authorizer.bad_cert_error('Cannot load cert %s' \ … … 277 276 raise abac_authorized_bad_cert_error('Cannot load key %s' \ 278 277 % self.key) 278 279 def resilient_load_directory(self, dirname): 280 ''' 281 ABAC.Context.load_directory has foolish arbitrary filename 282 distinctions. This tries to load the contents of dirname into the 283 authorizer's context first as IDs and then any that fail as attributes. 284 ''' 285 files = os.listdir(dirname) 286 attrs = [] 287 for f in files: 288 p = os.path.join(dirname, f) 289 if not os.path.isfile(p): continue 290 if self.context.load_id_file(p) != ABAC.ABAC_CERT_SUCCESS: 291 attrs.append(p) 292 for p in attrs: 293 self.context.load_attribute_file(p) 279 294 280 295 … … 318 333 if data_list is None: data_list = [] 319 334 for fn in file_list: 320 # Try to parse file as a CreddyID, so we can import PEM files335 # Try to parse file as a ABAC ID, so we can import PEM files 321 336 try: 322 cid = Creddy.ID(fn)337 cid = ABAC.ID(fn) 323 338 data_list.append(cid.cert_chunk()) 324 339 continue … … 379 394 # This will simplify when we have libcreddy 380 395 try: 381 attrcert = Creddy.Attribute(self.creddy_id,396 attrcert = ABAC.Attribute(self.creddy_id, 382 397 self.clean_attr(attr), 3600 * 24 * 365 * 10) 383 398 attrcert.principal("%s" % name) … … 575 590 attr = c.attribute_cert() 576 591 # NB: file naming conventions matter here. The trailing_ID and 577 # _attr are required by ABAC.COntext.load_directory() 592 # _attr are required by ABAC.Context.load_directory(). We use 593 # resilient_load_directory now, but no sense pulling these out 594 # now. 578 595 if id and id not in seenid: 579 f = open("%s/certs/ID_%05d_ID. der" % (dir, ii), "w")596 f = open("%s/certs/ID_%05d_ID.xml" % (dir, ii), "w") 580 597 f.write(id) 581 598 f.close() … … 583 600 seenid.add(id) 584 601 if attr and attr not in seenattr: 585 f = open("%s/certs/attr_%05d_attr. der" % (dir, ai), "w")602 f = open("%s/certs/attr_%05d_attr.xml" % (dir, ai), "w") 586 603 f.write(attr) 587 604 f.close() … … 620 637 if self.key: 621 638 self.init_libcreddy_id() 622 self. context.load_directory("%s/certs" % dir)639 self.resilient_load_directory("%s/certs" % dir) 623 640 self.save_dir = dir 624 641 except EnvironmentError, e: -
fedd/federation/proof.py
re8f2d4c r67fa1cf 3 3 4 4 import ABAC 5 import Creddy6 5 import sys 7 6 import os, os.path … … 43 42 f.close() 44 43 45 cid = Creddy.ID(der_name)44 cid = ABAC.ID(der_name) 46 45 47 46 tf = open(pem_name, 'w')
Note: See TracChangeset
for help on using the changeset viewer.
