Timestamp:
09/02/07 14:55:08 (13 years ago)
Author:
pjkersha
Message:

python/ndg.security.server/setup.py:

  • comment out Twisted from install - won't do egg install
  • updated long description

python/ndg.security.server/ndg/security/server/AttAuthority/server-config.tac:

  • added verifyingCertFilePath keyword to SignatureHandler initialisation
  • added SSL capability

python/conf/attAuthorityProperties.xml,
python/ndg.security.test/ndg/security/test/AttAuthority/siteAAttAuthorityProperties.xml,
python/ndg.security.test/ndg/security/test/AttAuthority/siteBAttAuthorityProperties.xml,
python/ndg.security.server/ndg/security/server/AttAuthority/init.py:
added element names for reading SSL settings from properties file.

python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac:
added verifyingCertFilePath keyword to SignatureHandler initialisation

python/conf/sessionMgrProperties.xml,
python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrProperties.xml,
python/ndg.security.server/ndg/security/server/SessionMgr/init.py:
added clntCertFile properties file element name for setting certificate for
verifying incoming SOAP messages.

python/ndg.security.server/ndg/security/server/SessionMgr/Makefile:
corrected typo.

python/ndg.security.server/ndg/security/server/MyProxy.py:
Put OpenSSLConfig and OpenSSLConfigError classes into their own package
'openssl' so that they can also be used by the Certificate Authority client.

python/www/html/certificateAuthority.wsdl,
python/ndg.security.server/ndg/security/server/ca/CertificateAuthority_services_server.py,
python/ndg.security.common/ndg/security/common/ca/CertificateAuthority_services_types.py,
python/ndg.security.common/ndg/security/common/ca/CertificateAuthority_services.py: updated operations to issueCert, revokeCert and getCRL.

python/ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg: changed address of service to connect to.

python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg:
alternative username connection settings

python/ndg.security.common/ndg/security/common/AttAuthority/init.py:
fixed typos in error message and comments.

python/ndg.security.common/ndg/security/common/XMLSec.py: changed call to
getAttributeNodeNS to getAttributeNode for retrieving reference element URI
attribute.

python/ndg.security.common/ndg/security/common/ca/init.py: code for
Certificate Authority client

python/ndg.security.common/ndg/security/common/wsSecurity.py:

  • tidied up imports
  • added properties for setting keywords to reference and SignedInfo C14N
  • changed sign method so that it is truly configurable, allowing use of inclusive or exclusive C14N based on the keywords set for reference and SignedInfo C14N calls.
  • swapped calls to getAttributeNodeNS with getAttributeNode where appropriate.

java/DEWS/AttAuthority/appClientModule/META-INF/ibm-webservicesclient-bnd.xmi,
java/DEWS/AttAuthority/build/classes/META-INF/ibm-webservicesclient-bnd.xmi:
updated so that request generator correctly places X.509 cert in
BinarySecurityToken element.

java/DEWS/AttAuthority/appClientModule/Main.java,
java/DEWS/AttAuthority/appClientjava/DEWS/AttAuthority/appClientModule/META-INF/ibm-webservicesclient-bnd.xmiModule/Main.java:
include calls to getX509Cert and getAttCert methods.

java/DEWS/SessionMgr/build/classes/META-INF/ibm-webservicesclient-bnd.xmi,
java/DEWS/SessionMgr/appClientModule/META-INF/ibm-webservicesclient-bnd.xmi:
updates for testing Session Manager client

java/DEWS/SessionMgr/appClientModule/Main.java: switched username setting.

File:
1 edited

  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/MyProxy.py

    r2070 r2136  
    2424from M2Crypto import X509, RSA, EVP, m2, BIO, SSL 
    2525 
    26 import re 
    2726import base64 
    2827 
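
Review bot: dropping import re at old line 26 is only safe if nothing left in MyProxy.py references re. The uses visible in this changeset (old lines 948 and 956-958) all sit inside the removed OpenSSLConfig class, but the rest of the file is not shown, so grep for 're.' or run pyflakes over the module before merging to rule out a NameError at call time.
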
     
    3130import cElementTree as ElementTree 
    3231 
     32from ndg.security.common.openssl import OpenSSLConfig, OpenSSLConfigError 
    3333 
    3434 
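
Review bot: nothing in this changeset view shows that ndg.security.common.openssl exists. New line 32 imports OpenSSLConfig and OpenSSLConfigError from it, yet the view lists one edited file and no added file. Confirm the openssl package is committed under ndg.security.common and is installed wherever ndg.security.server is deployed, otherwise MyProxy.py fails at import.
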
     
    858858 
    859859 
    860 #_____________________________________________________________________________         
    861 class OpenSSLConfigError(Exception): 
    862     """Exceptions related to OpenSSLConfig class"""    
    863  
    864  
    865 #_____________________________________________________________________________         
    866 class OpenSSLConfig(object): 
    867     """Wrapper to OpenSSL Configuration file to allow extraction of 
    868     required distinguished name used for making certificate requests 
    869      
    870     @cvar __reqDnRE: regular expression pattern for locating required 
    871     distinguished name from the config file""" 
    872      
    873     __reqDnRE = '\[ req_distinguished_name \].*\[' 
    874      
    875     def __init__(self, filePath=None): 
    876         """Initial OpenSSL configuration optionally setting a file path to 
    877         read from 
    878          
    879         @param filePath: path to OpenSSL configuration file""" 
    880          
    881         # Content of file 
    882         self.__fileTxt = None 
    883         self.__setFilePath(filePath) 
    884  
    885              
    886     def __setFilePath(self, filePath): 
    887         """Set property method 
    888         @param filePath: path for OpenSSL configuration file""" 
    889         if filePath is not None: 
    890             if not isinstance(filePath, basestring): 
    891                 raise OpenSSLConfigError, \ 
    892                     "Input OpenSSL config file path must be a string" 
    893  
    894             self.__filePath = filePath 
    895                      
    896             try: 
    897                 if not os.access(self.__filePath, os.R_OK): 
    898                     raise OpenSSLConfigError, "not found or no read access" 
    899                                           
    900             except Exception, e: 
    901                 raise OpenSSLConfigError, \ 
    902                     "OpenSSL config file path is not valid: \"%s\": %s" % \ 
    903                     (self.__filePath, str(e)) 
    904  
    905  
    906     def __getFilePath(self): 
    907         """Get property method 
    908         @param filePath: file path for OpenSSL configuration file""" 
    909         return self.__filePath 
    910  
    911     filePath = property(fget=__getFilePath, 
    912                         fset=__setFilePath, 
    913                         doc="file path for configuration file") 
    914      
    915     def __getFileTxt(self): 
    916         """Get content of file in call to getReqDN 
    917         @return string content of file""" 
    918         return self.__fileTxt 
    919      
    920     def __setFileTxt(self, input): 
    921         """Set content of file 
    922         @param input: string content of  file. - Set to None to re-read  
    923         file content in call to getReqDN""" 
    924         self.__fileTxt = input 
    925      
    926      
    927     fileTxt = property(fset=__setFileTxt, 
    928                        fget=__getFileTxt, 
    929                        doc="Content of SSL file") 
    930      
    931     def _read(self): 
    932         """Read OpenSSL configuration file and return as string 
    933          
    934         @return fileTxt: content of the file""" 
    935  
    936         self.__fileTxt = self.__fileTxt or open(self.__filePath).read() 
    937         return self.__fileTxt 
    938  
    939  
    940     def getReqDN(self): 
    941         """Read Required DN parameters from the configuration file returning 
    942         them in a dictionary 
    943          
    944         @return Distinguished Name OU and O defaults in a dictionary""" 
    945          
    946         # Nb. Match over line boundaries 
    947         try: 
    948             reqDnTxt = re.findall(self.__reqDnRE, self._read(), re.S)[0] 
    949  
    950             # Separate lines 
    951             reqDnLines = reqDnTxt.split(os.linesep) 
    952              
    953             # Match the '*_default' entries and make a dictionary 
    954             # 
    955             # Make sure comment lies are omitted - P J Kershaw 22/07/05 
    956             return dict([re.split('_default\s*=\s*', line) \ 
    957                          for line in reqDnLines \ 
    958                          if re.match('[^#].*_default\s*=', line)])  
    959         except Exception, e: 
    960             raise "Error reading content of OpenSSL config file \"%s\: %s" % \ 
    961                                                     (self.__filePath, str(e)) 
    962  
    963  
    964860#_____________________________________________________________________________    
    965861def main(): 
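
Review bot: the getReqDN error path at old lines 959-961 raises a plain string instead of OpenSSLConfigError, and its format string '\"%s\:' lacks the closing escaped quote, so callers that catch OpenSSLConfigError never see this failure. If the class was copied verbatim into ndg.security.common.openssl, change the relocated copy to raise OpenSSLConfigError with the corrected message. In the same copy, __reqDnRE (old line 873) ends in a greedy '.*\[' and is applied with re.S at old line 948, so the match runs to the last '[' in the file and any '_default' entries from later sections land in the DN dictionary used for certificate requests; make it non-greedy ('.*?\[').
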