Changeset 2827


Ignore:
Timestamp:
17/08/07 18:15:04 (12 years ago)
Author:
pjkersha
Message:
  • Updates to openssl and MyProxy? to be independent of Globus files for

MyProxy? clients

  • added Installation guide
Location:
TI12-security/trunk
Files:
2 added
11 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg-security-install.py

    r2723 r2827  
    221221             
    222222        except IOError, (errMsg, e): 
    223             raise SecurityInstallError, 'Error retrieving Twisted from "%s": %s' % \ 
    224                                                     (twistedTarURI, e[1]) 
     223            raise SecurityInstallError, \ 
     224                'Error retrieving Twisted from "%s": %s' % \ 
     225                                                (self.opt.twistedTarURI, e[1]) 
    225226        except Exception, e: 
    226             raise SecurityInstallError, 'Error retrieving Twisted from "%s": %s' % \ 
    227                                                     (twistedTarURI, str(e)) 
     227            raise SecurityInstallError, \ 
     228                'Error retrieving Twisted from "%s": %s' % \ 
     229                                                (self.opt.twistedTarURI, e) 
    228230 
    229231        import tarfile 
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/AttAuthority/__init__.py

    r2796 r2827  
    372372        except Exception, e: 
    373373            # Try to detect exception type from SOAP fault message 
    374             errmsg = str(e) 
     374            errMsg = str(e) 
    375375            for excep in self.excepMap: 
    376376                if excep in errMsg: 
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/openssl.py

    r2735 r2827  
    1515import re, os 
    1616from ConfigParser import SafeConfigParser 
     17from M2Crypto.X509 import X509_Name 
    1718 
    1819#_____________________________________________________________________________         
     
    3637    @cvar __gridCASubDir: sub-directory of globus user for CA settings""" 
    3738     
    38     _certReqDNParamName = ('O', 'OU', '0.organizationName', 
    39                             '0.organizationalUnitName') 
     39    _certReqDNParamName = X509_Name.nid.keys() 
    4040     
    4141    _caDirPat = re.compile('\$dir') 
     
    4949         
    5050        @type filePath: string         
    51         @keyword filePath: path to OpenSSL configuration file""" 
     51        @keyword filePath: path to OpenSSL configuration file 
     52         
     53        @type caDir: string 
     54        @keyword caDir: directory for SimpleCA.  This is substituted for $dir 
     55        in OpenSSL config file where present.  caDir can be left out in  
     56        which case the substitution is not done""" 
    5257         
    5358        SafeConfigParser.__init__(self) 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/MyProxy.py

    r2746 r2827  
    169169                   'serverCNprefix', 
    170170                   'gridSecurityDir', 
    171                    'openSSLConfFileName', 
     171                   'openSSLConfFilePath', 
    172172                   'tmpDir', 
    173173                   'proxyCertMaxLifetime', 
     
    220220        if propFilePath is not None: 
    221221            self.readProperties(propFilePath) 
    222          
    223  
    224         # Grid security directory - environment variable setting overrides 
    225         if 'GRID_SECURITY_DIR' in os.environ: 
    226             self.__prop['gridSecurityDir'] = os.environ['GRID_SECURITY_DIR']             
    227  
    228             if 'openSSLConfFileName' in self.__prop: 
    229                 self.__openSSLConf.filePath = \ 
    230                             os.path.join(self.__prop['gridSecurityDir'], 
    231                                          self.__prop['openSSLConfFileName']) 
    232                 self.__openSSLConf.read() 
    233222 
    234223 
     
    250239        # Check 'self.__prop' to ensure both are present in 
    251240        # order to construct a file path 
    252         if 'gridSecurityDir' in prop or \ 
    253            'openSSLConfFileName' in prop and \ 
    254            'gridSecurityDir' in self.__prop and \ 
    255            'openSSLConfFileName' in self.__prop:             
    256             self.__openSSLConf.filePath = \ 
    257                             os.path.join(self.__prop['gridSecurityDir'], 
    258                                          self.__prop['openSSLConfFileName']) 
     241        if 'openSSLConfFilePath' in prop:             
     242            self.__openSSLConf.filePath = self.__prop['openSSLConfFilePath'] 
    259243            self.__openSSLConf.read() 
    260244             
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/SessionMgr/__init__.py

    r2796 r2827  
    639639        except Exception, e: 
    640640            raise SessionMgrError, \ 
    641                 "Error parsing tag \"%s\" in properties file" % elem.tag 
     641                'Error parsing tag "%s" in properties file: %s' % (elem.tag,e) 
    642642 
    643643        missingElem.extend(getMissingElem(self.__prop, self.__validElem)) 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/myProxyProperties.xml

    r2017 r2827  
    2222        <serverCNprefix>host/</serverCNprefix>   
    2323        <!-- 
    24         Nb. GRID_SECURITY_DIR environment variable if set, overrides this setting 
     24        This directory path is used to locate the OpenSSL configuration file 
    2525         
    26         This directory path is used to locate the OpenSSL configuration file 
     26        The settings are used to set up the defaults for the Distinguished Name of 
     27        the new proxy cert. issued  
     28         
     29        GLOBUS_LOCATION or GRID_SECURITY_DIR environment variables may be used 
     30        but the settings can be independent of any Globus installation 
    2731        --> 
    28         <gridSecurityDir>$GLOBUS_LOCATION/etc</gridSecurityDir> 
    29         <!-- Open SSL Configuration settings --> 
    30         <openSSLConfFileName>globus-user-ssl.conf</openSSLConfFileName> 
     32        <openSSLConfFilePath>$GLOBUS_LOCATION/etc/globus-user-ssl.conf</openSSLConfFilePath> 
    3133        <tmpDir>/tmp</tmpDir> 
    3234        <!--  
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/sessionMgrProperties.xml

    r2746 r2827  
    4444                <serverCNprefix>host/</serverCNprefix>   
    4545                <!-- 
    46                 Nb. GRID_SECURITY_DIR environment variable if set, overrides this  
    47                 setting 
     46                This directory path is used to locate the OpenSSL configuration file 
    4847                 
    49                 This directory path is used to locate the OpenSSL configuration file 
     48                The settings are used to set up the defaults for the Distinguished Name of 
     49                the new proxy cert. issued  
     50                 
     51                GLOBUS_LOCATION or GRID_SECURITY_DIR environment variables may be used 
     52                but the settings can be independent of any Globus installation 
    5053                --> 
    51                 <gridSecurityDir>$GLOBUS_LOCATION/etc</gridSecurityDir> 
    52                 <!-- Open SSL Configuration settings --> 
    53                 <openSSLConfFileName>globus-user-ssl.conf</openSSLConfFileName> 
     54                <openSSLConfFilePath>$GLOBUS_LOCATION/etc/globus-user-ssl.conf</openSSLConfFilePath> 
    5455                <tmpDir>/tmp</tmpDir> 
    5556                <!--  
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/MyProxy/Makefile

    r2679 r2827  
    1515PYTHONPATH=/usr/bin/python 
    1616 
    17 initAttAuthorityClientUnittest: ${PROXYFILES} 
     17initAttAuthorityClientUnittest: 
    1818        @echo Set-up AttAuthority unit test by copying proxy file output from this test... 
    1919        ${PYTHONPATH} ./MyProxyClientTest.py MyProxyClientTestCase.test2GetDelegation 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/MyProxy/myProxyProperties.xml

    r2510 r2827  
    2222        <serverCNprefix></serverCNprefix>        
    2323        <!-- 
    24         Nb. GRID_SECURITY_DIR environment variable if set, overrides this setting 
     24        This directory path is used to locate the OpenSSL configuration file 
    2525         
    26         This directory path is used to locate the OpenSSL configuration file 
     26        The settings are used to set up the defaults for the Distinguished Name of 
     27        the new proxy cert. issued  
     28         
     29        GLOBUS_LOCATION or GRID_SECURITY_DIR environment variables may be used 
     30        but the settings can be independent of any Globus installation 
    2731        --> 
    28         <gridSecurityDir>$GLOBUS_LOCATION/etc</gridSecurityDir> 
    29         <!-- Open SSL Configuration settings --> 
    30         <openSSLConfFileName>globus-user-ssl.conf</openSSLConfFileName> 
     32        <openSSLConfFilePath>$GLOBUS_LOCATION/etc/globus-user-ssl.conf</openSSLConfFilePath> 
    3133        <tmpDir>/tmp</tmpDir> 
    3234        <!--  
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg

    r2746 r2827  
    1010# $Id:$ 
    1111[setUp] 
    12 #smuri = https://localhost:5700/SessionManager 
    13 smuri = https://glue.badc.rl.ac.uk:50000/SessionManager 
     12smuri = https://localhost:5700/SessionManager 
     13#smuri = https://glue.badc.rl.ac.uk:50000/SessionManager 
    1414 
    1515# For https connections only.  !Omit ssl* settings if using http! 
     
    5353  
    5454[test2Connect]          
    55 username = lawrence 
    56 #username = raphaelTest 
     55#username = lawrence 
     56username = raphaelTest 
    5757#username = gabriel 
    5858#passphrase =  
     
    6464 
    6565[test6GetAttCertUsingSessID] 
    66 aaURI = https://localhost:5000/AttributeAuthority 
     66aaURI = http://localhost:5000/AttributeAuthority 
    6767 
    6868[test6aGetAttCertRefusedUsingSessID] 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrProperties.xml

    r2530 r2827  
    4343                --> 
    4444                <!-- 
    45                 Nb. GRID_SECURITY_DIR environment variable if set, overrides this  
    46                 setting 
     45                This directory path is used to locate the OpenSSL configuration file 
    4746                 
    48                 This directory path is used to locate the OpenSSL configuration file 
     47                The settings are used to set up the defaults for the Distinguished Name of 
     48                the new proxy cert. issued  
     49                 
     50                GLOBUS_LOCATION or GRID_SECURITY_DIR environment variables may be used 
     51                but the settings can be independent of any Globus installation 
    4952                --> 
    50                 <gridSecurityDir>$GLOBUS_LOCATION/etc</gridSecurityDir> 
    51                 <!-- Open SSL Configuration settings --> 
    52                 <openSSLConfFileName>globus-user-ssl.conf</openSSLConfFileName> 
     53                <openSSLConfFilePath>$GLOBUS_LOCATION/etc/globus-user-ssl.conf</openSSLConfFilePath> 
    5354                <tmpDir>/tmp</tmpDir> 
    5455                <!--  
Note: See TracChangeset for help on using the changeset viewer.