Commit 27cd0e80 authored by Leigh B Stoller's avatar Leigh B Stoller

Small fixes for shutdown, and cleanup certificate stuff, getting

rid of self signed certs that are bogus (for other authorities that
are not us).
parent f09fd53e
......@@ -87,8 +87,7 @@ my $SNMPIT = "$TB/bin/snmpit";
my $PRERENDER = "$TB/libexec/vis/prerender";
my $XMLLINT = "/usr/local/bin/xmllint";
my $EMULAB_PEMFILE = "@prefix@/etc/genicm.pem";
my $API_VERSION = 1;
my $API_VERSION = 1;
#
# Tell the client what API revision we support. The correspondence
......@@ -1298,10 +1297,15 @@ sub GetTicketAuxAux($$$$$$$$$)
my $node = GeniUtil::LookupNode($component_uuid);
my $colocate = GeniXML::GetText("colocate", $rspec) ||
GeniXML::GetText("phys_nickname", $rspec);
my $exclusive = GeniXML::GetText("exclusive", $rspec);
my $subnode_of = GeniXML::GetText("subnode_of", $rspec);
$exclusive = 0
if (!defined($exclusive));
#
# Regardless of whether the user asked for an exclusive node
# or not, we have to change the rspec (ticket) to reflect
# that it is a shared node node or not. We do not need to change
# the virt_nodes entry since exclusive is just a desire.
#
my $exclusive = (defined($node->sharing_mode()) ? "0" : "1");
GeniXML::SetText("component_urn", $rspec,
GeniHRN::Generate( $OURDOMAIN, "node",
......@@ -1309,6 +1313,7 @@ sub GetTicketAuxAux($$$$$$$$$)
GeniXML::SetText("component_uuid", $rspec, $component_uuid);
GeniXML::SetText("component_manager_urn", $rspec, $ENV{'MYURN'});
GeniXML::SetText("component_manager_uuid", $rspec, $ENV{'MYUUID'});
GeniXML::SetText("exclusive", $rspec, $exclusive);
# Also update the virtexperiment table row.
# Do not update subnodes; they are fixed to the parent,
......@@ -3080,7 +3085,7 @@ sub ShutdownAux($$)
#
my $slice = GeniSlice->Lookup($credential->target_urn());
if (!defined($slice)) {
return GeniResponse->Create(GENIRESPONSE_SUCCESS);
return GeniResponse->Create(GENIRESPONSE_SEARCHFAILED);
}
#
# Do not worry about locking when setting the shutdown time.
......@@ -3134,15 +3139,9 @@ sub ListUsage($)
return $credential
if (GeniResponse::IsResponse($credential));
if ($credential->target_urn() ne $ENV{'MYURN'}) {
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN, undef,
"This is not your CM!");
}
# Just one of these, at Utah.
my $GENICH_PEMFILE = "@prefix@/etc/genich.pem";
my $certificate = GeniCertificate->LoadFromFile($GENICH_PEMFILE);
my $certificate = GeniRegistry::ClearingHouse->GetCertificate();
if (!defined($certificate)) {
print STDERR "Could not load certificate from $GENICH_PEMFILE\n";
print STDERR "Could not load ClearingHouse certificate\n";
return GeniResponse->Create(GENIRESPONSE_ERROR);
}
......@@ -3218,15 +3217,9 @@ sub ListHistory($)
return $credential
if (GeniResponse::IsResponse($credential));
if ($credential->target_urn() ne $ENV{'MYURN'}) {
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN, undef,
"This is not your CM!");
}
# Just one of these, at Utah.
my $GENICH_PEMFILE = "@prefix@/etc/genich.pem";
my $certificate = GeniCertificate->LoadFromFile($GENICH_PEMFILE);
my $certificate = GeniRegistry::ClearingHouse->GetCertificate();
if (!defined($certificate)) {
print STDERR "Could not load certificate from $GENICH_PEMFILE\n";
print STDERR "Could not load clearinghouse certificate\n";
return GeniResponse->Create(GENIRESPONSE_ERROR);
}
......@@ -3748,12 +3741,7 @@ sub RegisterAux($$)
return -1;
}
}
my $credential = GeniRegistry::Client->CreateCredential($authority);
if (!defined($authority)) {
print STDERR "Could not create a credential for $authority\n";
return -1;
}
my $registry = GeniRegistry::Client->Create($authority, undef,$credential);
my $registry = GeniRegistry::Client->Create($authority);
if (!defined($registry)) {
print STDERR "Could not create a registry client for $authority\n";
return -1;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment