Changeset 67fa1cf for fedd


Ignore:
Timestamp:
May 30, 2013 3:53:29 PM (12 years ago)
Author:
Ted Faber <faber@…>
Branches:
master
Children:
1f9c361, b213b53
Parents:
e8f2d4c
Message:

MOve over to ABAC 0.1.4

Location:
fedd
Files:
6 edited

Legend:

Unmodified
Added
Removed
  • fedd/access_to_abac.py

    re8f2d4c r67fa1cf  
    1010from tempfile import mkdtemp
    1111
    12 import Creddy
     12import ABAC
    1313
    1414from deter import fedid
     
    326326    cfiles = []
    327327    for i, c in enumerate(creds):
    328         cid = Creddy.ID(cert)
     328        cid = ABAC.ID(cert)
    329329        cid.load_privkey(key)
    330         cattr = Creddy.Attribute(cid, c.attr, 3600 * 24 * 365 * 10)
     330        cattr = ABAC.Attribute(cid, c.attr, 3600 * 24 * 365 * 10)
    331331        for r in c.req:
    332332            if r.principal and r.link and r.attr:
     
    340340        cattr.bake()
    341341        fn = '%s/cred%d_attr.der' % (dir, i)
    342         cattr.write_name(fn)
     342        cattr.write_file(fn)
    343343        cfiles.append(fn)
    344344    return cfiles
  • fedd/fedd_create.py

    re8f2d4c r67fa1cf  
    66
    77import ABAC
    8 import Creddy
    98
    109from string import join, ascii_letters
     
    129128
    130129        try:
    131             cid = Creddy.ID(certfile)
     130            cid = ABAC.ID(certfile)
    132131            cid.load_privkey(keyfile)
    133             cattr = Creddy.Attribute(cid, 'acting_for', 3600 * 24 * 365 * 10)
     132            cattr = ABAC.Attribute(cid, 'acting_for', 3600 * 24 * 365 * 10)
    134133            cattr.principal("%s" % expid)
    135134            cattr.bake()
    136             cattr.write_name(fn)
     135            cattr.write_file(fn)
    137136        except RuntimeError:
    138137            print >>sys.stderr, "Cannot create ABAC delegation. " + \
  • fedd/fedd_to_abac.py

    re8f2d4c r67fa1cf  
    1111from string import join
    1212
    13 import Creddy
     13import ABAC
    1414
    1515from federation.authorizer import abac_authorizer
     
    114114                        (cert, key, r, k, cf)
    115115            else:
    116                 cid = Creddy.ID(cert)
     116                cid = ABAC.ID(cert)
    117117                cid.load_privkey(key)
    118                 cattr = Creddy.Attribute(cid, r, 3600 * 24 * 365 * 10)
     118                cattr = ABAC.Attribute(cid, r, 3600 * 24 * 365 * 10)
    119119                cattr.principal(k)
    120120                cattr.bake()
    121                 cattr.write_name(cf)
     121                cattr.write_file(cf)
    122122                credfiles.append(cf)
    123123    return credfiles
  • fedd/fedd_to_user_certs.py

    re8f2d4c r67fa1cf  
    1010from tempfile import mkdtemp
    1111
    12 import Creddy
     12import ABAC
    1313
    1414from federation.authorizer import abac_authorizer
     
    118118        try:
    119119            os.chdir(td)
    120             cid = Creddy.ID(cert)
     120            cid = ABAC.ID(cert)
    121121            cid.write_cert_name('issuer.pem')
    122122            zf.write('issuer.pem')
    123123            for i, r in enumerate(id.roles):
    124124                cf = '%s%03d_attr.der' % (id.name, i)
    125                 cid = Creddy.ID(cert)
     125                cid = ABAC.ID(cert)
    126126                cid.load_privkey(key)
    127                 cattr = Creddy.Attribute(cid, r, 3600 * 24 * 365 * 10)
     127                cattr = ABAC.Attribute(cid, r, 3600 * 24 * 365 * 10)
    128128                cattr.principal(k)
    129129                cattr.bake()
    130                 cattr.write_name(cf)
     130                cattr.write_file(cf)
    131131                zf.write(cf)
    132132            os.chdir(cwd)
  • fedd/federation/authorizer.py

    re8f2d4c r67fa1cf  
    1515
    1616import ABAC
    17 import Creddy
    1817import pickle
    1918
     
    258257
    259258        for dir in certs or []:
    260             self.context.load_directory(dir)
     259            self.resilient_load_directory(dir)
    261260
    262261        if load:
     
    266265        self.creddy_id = None
    267266        try:
    268             self.creddy_id = Creddy.ID(self.me)
     267            self.creddy_id = ABAC.ID(self.me)
    269268        except:
    270269            raise abac_authorizer.bad_cert_error('Cannot load cert %s' \
     
    277276            raise abac_authorized_bad_cert_error('Cannot load key %s' \
    278277                    % self.key)
     278
     279    def resilient_load_directory(self, dirname):
     280        '''
     281        ABAC.Context.load_directory has foolish arbitrary filename
     282        distinctions.  This tries to load the contents of dirname into the
     283        authorizer's context first as IDs and then any that fail as attributes.
     284        '''
     285        files = os.listdir(dirname)
     286        attrs = []
     287        for f in files:
     288            p = os.path.join(dirname, f)
     289            if not os.path.isfile(p): continue
     290            if self.context.load_id_file(p) != ABAC.ABAC_CERT_SUCCESS:
     291                attrs.append(p)
     292        for p in attrs:
     293            self.context.load_attribute_file(p)
    279294
    280295
     
    318333            if data_list is None: data_list = []
    319334            for fn in file_list:
    320                 # Try to parse file as a Creddy ID, so we can import PEM files
     335                # Try to parse file as a ABAC ID, so we can import PEM files
    321336                try:
    322                     cid = Creddy.ID(fn)
     337                    cid = ABAC.ID(fn)
    323338                    data_list.append(cid.cert_chunk())
    324339                    continue
     
    379394                # This will simplify when we have libcreddy
    380395                try:
    381                     attrcert = Creddy.Attribute(self.creddy_id,
     396                    attrcert = ABAC.Attribute(self.creddy_id,
    382397                            self.clean_attr(attr), 3600 * 24 * 365 * 10)
    383398                    attrcert.principal("%s" % name)
     
    575590                attr = c.attribute_cert()
    576591                # NB: file naming conventions matter here.  The trailing_ID and
    577                 # _attr are required by ABAC.COntext.load_directory()
     592                # _attr are required by ABAC.Context.load_directory().  We use
     593                # resilient_load_directory now, but no sense pulling these out
     594                # now.
    578595                if id and id not in seenid:
    579                     f = open("%s/certs/ID_%05d_ID.der" % (dir, ii), "w")
     596                    f = open("%s/certs/ID_%05d_ID.xml" % (dir, ii), "w")
    580597                    f.write(id)
    581598                    f.close()
     
    583600                    seenid.add(id)
    584601                if attr and attr not in seenattr:
    585                     f = open("%s/certs/attr_%05d_attr.der" % (dir, ai), "w")
     602                    f = open("%s/certs/attr_%05d_attr.xml" % (dir, ai), "w")
    586603                    f.write(attr)
    587604                    f.close()
     
    620637                if self.key:
    621638                    self.init_libcreddy_id()
    622             self.context.load_directory("%s/certs" % dir)
     639            self.resilient_load_directory("%s/certs" % dir)
    623640            self.save_dir = dir
    624641        except EnvironmentError, e:
  • fedd/federation/proof.py

    re8f2d4c r67fa1cf  
    33
    44import ABAC
    5 import Creddy
    65import sys
    76import os, os.path
     
    4342                f.close()
    4443
    45                 cid = Creddy.ID(der_name)
     44                cid = ABAC.ID(der_name)
    4645
    4746                tf = open(pem_name, 'w')
Note: See TracChangeset for help on using the changeset viewer.