-
Leigh B. Stoller authored
like this: * Listen for connections on port 3069. The server requires client authentication, and will fail if a certificate is not provided by the client. * Once the certificate is accepted, the server forks a new child. * The child looks inside the certificate to get the CN field of the Distinguished Name (subject). The CN field must hold the uid of the user, which is checked against the DB for a matching user. We get the groupslist from the DB, and do a setgid,setgroups,setuid to flip to the user in the child. * A instance of the emulabserver class is created, and the request is dispatched. I added an sslxmlrpc_client.py script that mirrors the ssh version of the client script. I could probably roll these into one, but decided not to to avoid confusing people who might download it.
5a025f36