Commit b95edc28 authored by Leigh B. Stoller's avatar Leigh B. Stoller

Redo the CM versioning approach; not sure what I was thinking when I

did this originally, totally stupid. Anyway, the version number is now
a path argument to the script. No path info means version 1.0. In
other words, a URL like:

	/protogeni/xmlrpc/cm
	/protogeni/xmlrpc/cm/1.0

means to use version 1 of the API, while:

	/protogeni/xmlrpc/cm/2.0

gets you version 2 of the API.
parent 2d82bce1
......@@ -111,7 +111,7 @@ params["slice_urn"] = SLICEURN
params["rspec"] = rspec
params["keys"] = mykeys
params["impotent"] = impotent
rval,response = do_method("cmv2", "CreateSliver", params)
rval,response = do_method("cm", "CreateSliver", params, version="2.0")
if rval:
Fatal("Could not create sliver")
pass
......
#! /usr/bin/env python
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# Copyright (c) 2008-2010 University of Utah and the Flux Group.
# All rights reserved.
#
# Permission to use, copy, modify and distribute this software is hereby
......@@ -51,7 +51,7 @@ print "Deleting the slice"
params = {}
params["credentials"] = (slicecred,)
params["slice_urn"] = SLICEURN
rval,response = do_method("cmv2", "DeleteSlice", params)
rval,response = do_method("cm", "DeleteSlice", params, version="2.0")
if rval:
Fatal("Could not delete slice")
pass
......
#! /usr/bin/env python
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# Copyright (c) 2008-2010 University of Utah and the Flux Group.
# All rights reserved.
#
# Permission to use, copy, modify and distribute this software is hereby
......@@ -51,7 +51,7 @@ print "Resolving the slice at the CM"
params = {}
params["credentials"] = (slicecred,)
params["urn"] = myslice["urn"]
rval,response = do_method("cmv2", "Resolve", params)
rval,response = do_method("cm", "Resolve", params, version="2.0")
if rval:
Fatal("Could not resolve slice")
pass
......@@ -68,7 +68,7 @@ if not "sliver_urn" in myslice:
params = {}
params["credentials"] = (slicecred,)
params["slice_urn"] = SLICEURN
rval,response = do_method("cmv2", "GetSliver", params)
rval,response = do_method("cm", "GetSliver", params, version="2.0")
if rval:
Fatal("Could not get Sliver credential")
pass
......@@ -81,7 +81,7 @@ print "Got the sliver credential, deleting the sliver";
params = {}
params["credentials"] = (slivercred,)
params["sliver_urn"] = myslice["sliver_urn"]
rval,response = do_method("cmv2", "DeleteSliver", params)
rval,response = do_method("cm", "DeleteSliver", params, version="2.0")
if rval:
Fatal("Could not delete sliver")
pass
......
#! /usr/bin/env python
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# Copyright (c) 2008-2010 University of Utah and the Flux Group.
# All rights reserved.
#
# Permission to use, copy, modify and distribute this software is hereby
......@@ -34,7 +34,7 @@ mycredential = get_self_credential()
#
params = {}
params["credentials"] = (mycredential,)
rval,response = do_method("cmv2", "DiscoverResources", params)
rval,response = do_method("cm", "DiscoverResources", params, version="2.0")
if rval:
Fatal("Could not get a list of resources")
pass
......
#! /usr/bin/env python
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# Copyright (c) 2008-2010 University of Utah and the Flux Group.
# All rights reserved.
#
# Permission to use, copy, modify and distribute this software is hereby
......@@ -99,7 +99,7 @@ params["slice_urn"] = SLICEURN
params["credentials"] = (myslice,)
params["rspec"] = rspec
params["impotent"] = 0
rval,response = do_method("cmv2", "GetTicket", params)
rval,response = do_method("cm", "GetTicket", params, version="2.0")
if rval:
Fatal("Could not get ticket")
pass
......@@ -116,7 +116,7 @@ params["ticket"] = ticket
params["credentials"] = (myslice,)
params["rspec"] = rspec
params["impotent"] = 0
rval,response = do_method("cmv2", "UpdateTicket", params)
rval,response = do_method("cm", "UpdateTicket", params, version="2.0")
if rval:
Fatal("Could not update ticket")
pass
......
#! /usr/bin/env python
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# Copyright (c) 2008-2010 University of Utah and the Flux Group.
# All rights reserved.
#
# Permission to use, copy, modify and distribute this software is hereby
......@@ -76,7 +76,7 @@ print "Resolving the slice at the CM"
params = {}
params["credentials"] = (slicecred,)
params["urn"] = myslice["urn"]
rval,response = do_method("cmv2", "Resolve", params)
rval,response = do_method("cm", "Resolve", params, version="2.0")
if rval:
Fatal("Could not resolve slice")
pass
......@@ -94,7 +94,7 @@ print "Asking for the ticket"
params = {}
params["credentials"] = (slicecred,)
params["urn"] = myslice["ticket_urn"]
rval,response = do_method("cmv2", "Resolve", params)
rval,response = do_method("cm", "Resolve", params, version="2.0")
if rval:
Fatal("Could not get the ticket")
pass
......@@ -110,7 +110,7 @@ params["credentials"] = (slicecred,)
params["ticket"] = ticket
params["slice_urn"] = SLICEURN
params["keys"] = mykeys
rval,response = do_method("cmv2", "RedeemTicket", params)
rval,response = do_method("cm", "RedeemTicket", params, version="2.0")
if rval:
Fatal("Could not redeem the ticket")
pass
......
#! /usr/bin/env python
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# Copyright (c) 2008-2010 University of Utah and the Flux Group.
# All rights reserved.
#
# Permission to use, copy, modify and distribute this software is hereby
......@@ -64,7 +64,7 @@ print "Resolving the slice at the CM"
params = {}
params["credentials"] = (slicecred,)
params["urn"] = myslice["urn"]
rval,response = do_method("cmv2", "Resolve", params)
rval,response = do_method("cm", "Resolve", params, version="2.0")
if rval:
Fatal("Could not resolve slice")
pass
......@@ -82,7 +82,7 @@ print "Asking for the ticket"
params = {}
params["credentials"] = (slicecred,)
params["urn"] = myslice["ticket_urn"]
rval,response = do_method("cmv2", "Resolve", params)
rval,response = do_method("cm", "Resolve", params, version="2.0")
if rval:
Fatal("Could not get the ticket")
pass
......@@ -97,7 +97,7 @@ params = {}
params["slice_urn"] = myslice["urn"]
params["credentials"] = (slicecred,)
params["ticket"] = ticket
rval,response = do_method("cmv2", "ReleaseTicket", params)
rval,response = do_method("cm", "ReleaseTicket", params, version="2.0")
if rval:
Fatal("Could not release the ticket")
pass
......
......@@ -82,7 +82,7 @@ print "Got the slice credential, renewing the sliver";
params = {}
params["credentials"] = (slicecred,)
params["slice_urn"] = SLICEURN
rval,response = do_method("cmv2", "RenewSlice", params)
rval,response = do_method("cm", "RenewSlice", params, version="2.0")
if rval:
Fatal("Could not renew sliver")
pass
......
#! /usr/bin/env python
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2009 University of Utah and the Flux Group.
# Copyright (c) 2009-2010 University of Utah and the Flux Group.
# All rights reserved.
#
# Permission to use, copy, modify and distribute this software is hereby
......@@ -45,7 +45,7 @@ print "Resolving at the local CM"
params = {}
params["credentials"] = (mycredential,)
params["urn"] = URN
rval,response = do_method("cmv2", "Resolve", params)
rval,response = do_method("cm", "Resolve", params, version="2.0")
if rval:
Fatal("Could not resolve")
pass
......
#! /usr/bin/env python
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# Copyright (c) 2008-2010 University of Utah and the Flux Group.
# All rights reserved.
#
# Permission to use, copy, modify and distribute this software is hereby
......@@ -65,7 +65,7 @@ print "Got the slice credential, asking for a sliver credential ..."
params = {}
params["credentials"] = (slicecred,)
params["slice_urn"] = SLICEURN
rval,response = do_method("cmv2", "GetSliver", params)
rval,response = do_method("cm", "GetSliver", params, version="2.0")
if rval:
Fatal("Could not get Sliver credential")
pass
......@@ -90,7 +90,7 @@ if URN:
else:
params["slice_urn"] = SLICEURN
pass
rval,response = do_method("cmv2", method, params)
rval,response = do_method("cm", method, params, version="2.0")
if rval:
Fatal("Could not start sliver")
pass
......
#! /usr/bin/env python
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# Copyright (c) 2008-2010 University of Utah and the Flux Group.
# All rights reserved.
#
# Permission to use, copy, modify and distribute this software is hereby
......@@ -50,7 +50,7 @@ print "Got the slice credential, asking for a sliver credential ..."
params = {}
params["slice_urn"] = SLICEURN
params["credentials"] = (slicecred,)
rval,response = do_method("cmv2", "GetSliver", params)
rval,response = do_method("cm", "GetSliver", params, version="2.0")
if rval:
Fatal("Could not get Sliver credential")
pass
......@@ -63,7 +63,7 @@ print "Got the sliver credential, asking for sliver status";
params = {}
params["slice_urn"] = SLICEURN
params["credentials"] = (slivercred,)
rval,response = do_method("cmv2", "SliverStatus", params)
rval,response = do_method("cm", "SliverStatus", params, version="2.0")
if rval:
Fatal("Could not get sliver status")
pass
......
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# Copyright (c) 2008-2010 University of Utah and the Flux Group.
# All rights reserved.
#
# Permission to use, copy, modify and distribute this software is hereby
......@@ -138,7 +138,7 @@ def PassPhraseCB(v, prompt1='Enter passphrase:', prompt2='Verify passphrase:'):
#
# Call the rpc server.
#
def do_method(module, method, params, URI=None, quiet=False):
def do_method(module, method, params, URI=None, quiet=False, version=None):
if not os.path.exists(CERTIFICATE):
return Fatal("error: missing emulab certificate: %s\n" % CERTIFICATE)
......@@ -165,6 +165,10 @@ def do_method(module, method, params, URI=None, quiet=False):
URI = URI + "/" + module
pass
if version:
URI = URI + "/" + version
pass
scheme, netloc, path, query, fragment = urlsplit(URI)
if not scheme:
URI = "https://" + URI
......
#! /usr/bin/env python
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# Copyright (c) 2008-2010 University of Utah and the Flux Group.
# All rights reserved.
#
# Permission to use, copy, modify and distribute this software is hereby
......@@ -95,7 +95,7 @@ print "Resolving the slice at the CM"
params = {}
params["credentials"] = (slicecred,)
params["urn"] = myslice["urn"]
rval,response = do_method("cmv2", "Resolve", params)
rval,response = do_method("cm", "Resolve", params, version="2.0")
if rval:
Fatal("Could not get resolve slice")
pass
......@@ -108,7 +108,7 @@ print str(myslice)
print "Asking for sliver credential"
params = {}
params["credentials"] = (slicecred,)
rval,response = do_method("cmv2", "GetSliver", params)
rval,response = do_method("cm", "GetSliver", params, version="2.0")
if rval:
Fatal("Could not get Sliver credential")
pass
......@@ -125,7 +125,7 @@ params = {}
params["credentials"] = (slivercred,)
params["slice_urn"] = SLICEURN
params["valid_until"] = valid_until
rval,response = do_method("cmv2", "RenewSliver", params)
rval,response = do_method("cm", "RenewSliver", params, version="2.0")
if rval:
Fatal("Could not renew sliver")
pass
......@@ -140,7 +140,7 @@ params["sliver_urn"] = myslice["sliver_urn"]
params["credentials"] = (slicecred,)
params["rspec"] = rspec
params["impotent"] = impotent
rval,response = do_method("cmv2", "UpdateSliver", params)
rval,response = do_method("cm", "UpdateSliver", params, version="2.0")
if rval:
Fatal("Could not update sliver")
pass
......
#! /usr/bin/env python
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# Copyright (c) 2008-2010 University of Utah and the Flux Group.
# All rights reserved.
#
# Permission to use, copy, modify and distribute this software is hereby
......@@ -54,7 +54,7 @@ if debug:
params = {}
params["credentials"] = (slicecred,)
params["slice_urn"] = SLICEURN
rval,response = do_method("cmv2", "GetSliver", params)
rval,response = do_method("cm", "GetSliver", params, version="2.0")
if rval:
Fatal("Could not get Sliver credential")
pass
......@@ -71,7 +71,7 @@ params = {}
params["slice_urn"] = SLICEURN
params["credentials"] = (slivercred,)
while True: # #@(%ing Python doesn't have do loops
rval,response = do_method("cmv2", "SliverStatus", params)
rval,response = do_method("cm", "SliverStatus", params, version="2.0")
if rval:
Fatal("Could not get sliver status")
if response[ "value" ][ "status" ] == "ready": # no #@(%ing switch, either
......@@ -90,7 +90,7 @@ if debug:
params = {}
params["urn"] = SLICEURN
params["credentials"] = (slicecred,)
rval,response = do_method("cmv2", "Resolve", params)
rval,response = do_method("cm", "Resolve", params, version="2.0")
if rval:
Fatal("Could not resolve slice")
pass
......@@ -105,7 +105,7 @@ if debug:
params = {}
params["urn"] = sliver_urn
params["credentials"] = (slicecred,)
rval,response = do_method("cmv2", "Resolve", params)
rval,response = do_method("cm", "Resolve", params, version="2.0")
if rval:
Fatal("Could not resolve sliver")
pass
......
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2000-2009 University of Utah and the Flux Group.
# Copyright (c) 2000-2010 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -21,7 +21,7 @@ SETUID_LIBX_SCRIPTS =
# configure if the .in file is changed.
#
all: protogeni-cm.pl protogeni-ch.pl protogeni-sa.pl protogeni-ses.pl \
Genixmlrpc.pm GeniResponse.pm protogeni-cmv2.pl
Genixmlrpc.pm GeniResponse.pm
include $(TESTBED_SRCDIR)/GNUmakerules
......@@ -32,7 +32,6 @@ install-libs: $(INSTALL_LIBDIR)/Genixmlrpc.pm \
install-scripts: $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-sa.pl \
$(INSTALL_DIR)/protogeni/xmlrpc/protogeni-cm.pl \
$(INSTALL_DIR)/protogeni/xmlrpc/protogeni-cmv2.pl \
$(INSTALL_DIR)/protogeni/xmlrpc/protogeni-ch.pl \
$(INSTALL_DIR)/protogeni/xmlrpc/protogeni-ses.pl
$(SUDO) chown root $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-sa.pl
......@@ -41,8 +40,6 @@ install-scripts: $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-sa.pl \
$(SUDO) chmod u+s $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-ch.pl
$(SUDO) chown root $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-cm.pl
$(SUDO) chmod u+s $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-cm.pl
$(SUDO) chown root $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-cmv2.pl
$(SUDO) chmod u+s $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-cmv2.pl
$(SUDO) chown root $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-ses.pl
$(SUDO) chmod u+s $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-ses.pl
......
#!/usr/bin/perl -w
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# Copyright (c) 2008-2010 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -33,11 +33,14 @@ BEGIN { $GENI_DBNAME = "geni-cm"; }
# Configure variables
my $EMULAB_PEMFILE = "@prefix@/etc/genicm.pem";
my $MAINSITE = @TBMAINSITE@;
my $VERSION = "1.0";
# Testbed libraries.
use lib '@prefix@/lib';
use GeniCM;
use GeniCMV2;
use Genixmlrpc;
use GeniResponse;
use libaudit;
# Geniuser.
......@@ -47,6 +50,9 @@ my $group = "GeniSlices";
# Need a command line option.
my $debug = 0;
# Determined by version.
my $responder;
#
# Turn off line buffering on output
#
......@@ -120,42 +126,86 @@ if (!defined($request)) {
exit(0);
}
#
# Use libaudit to capture any output from libraries and programs.
# Send that to tbops so they can be fixed.
#
LogStart(0, undef, LIBAUDIT_LOGTBOPS());
if (exists($ENV{'PATH_INFO'}) && $ENV{'PATH_INFO'} ne "") {
my $pathinfo = $ENV{'PATH_INFO'};
$pathinfo =~ s/^\///;
my @parts = split(/\//, $pathinfo);
if (@parts) {
my $v = $parts[0];
if ($v =~ /^[\d\.]+$/) {
$VERSION = "$v";
}
}
}
#
# Create and set our RPC context for any calls we end up making.
#
Genixmlrpc->SetContext(Genixmlrpc->Context($certificate));
my $responder = Frontier::Responder->new( "methods" => {
"GetVersion" => \&GeniCM::GetVersion,
"Resolve" => \&GeniCM::Resolve,
"DiscoverResources" => \&GeniCM::DiscoverResources,
"GetTicket" => \&GeniCM::GetTicket,
"UpdateTicket" => \&GeniCM::UpdateTicket,
"ReleaseTicket" => \&GeniCM::ReleaseTicket,
"RedeemTicket" => \&GeniCM::RedeemTicket,
"StartSliver" => \&GeniCM::StartSliver,
"DeleteSliver" => \&GeniCM::DeleteSliver,
"DeleteSlice" => \&GeniCM::DeleteSlice,
"SplitSliver" => \&GeniCM::SplitSliver,
"UpdateSliver" => \&GeniCM::UpdateSliver,
"GetSliver" => \&GeniCM::GetSliver,
"BindToSlice" => \&GeniCM::BindToSlice,
"Shutdown" => \&GeniCM::Shutdown,
"ListUsage" => \&GeniCM::ListUsage,
"SliceStatus" => \&GeniCM::SliceStatus,
"SliverStatus" => \&GeniCM::SliverStatus,
"SliverTicket" => \&GeniCM::SliverTicket,
"ListTickets" => \&GeniCM::ListTickets,
"ListHistory" => \&GeniCM::ListHistory,
"RenewSlice" => \&GeniCM::RenewSlice,
},
);
if ($VERSION eq "1.0") {
$responder = Frontier::Responder->new( "methods" => {
"GetVersion" => \&GeniCM::GetVersion,
"Resolve" => \&GeniCM::Resolve,
"DiscoverResources" => \&GeniCM::DiscoverResources,
"GetTicket" => \&GeniCM::GetTicket,
"UpdateTicket" => \&GeniCM::UpdateTicket,
"ReleaseTicket" => \&GeniCM::ReleaseTicket,
"RedeemTicket" => \&GeniCM::RedeemTicket,
"StartSliver" => \&GeniCM::StartSliver,
"DeleteSliver" => \&GeniCM::DeleteSliver,
"DeleteSlice" => \&GeniCM::DeleteSlice,
"SplitSliver" => \&GeniCM::SplitSliver,
"UpdateSliver" => \&GeniCM::UpdateSliver,
"GetSliver" => \&GeniCM::GetSliver,
"BindToSlice" => \&GeniCM::BindToSlice,
"Shutdown" => \&GeniCM::Shutdown,
"ListUsage" => \&GeniCM::ListUsage,
"SliceStatus" => \&GeniCM::SliceStatus,
"SliverStatus" => \&GeniCM::SliverStatus,
"SliverTicket" => \&GeniCM::SliverTicket,
"ListTickets" => \&GeniCM::ListTickets,
"ListHistory" => \&GeniCM::ListHistory,
"RenewSlice" => \&GeniCM::RenewSlice,
},);
}
elsif ($VERSION eq "2.0") {
$responder = Frontier::Responder->new( "methods" => {
"GetVersion" => \&GeniCMV2::GetVersion,
"Resolve" => \&GeniCMV2::Resolve,
"DiscoverResources" => \&GeniCMV2::DiscoverResources,
"CreateSliver" => \&GeniCMV2::CreateSliver,
"UpdateSliver" => \&GeniCMV2::UpdateSliver,
"DeleteSliver" => \&GeniCMV2::DeleteSliver,
"GetSliver" => \&GeniCMV2::GetSliver,
"Shutdown" => \&GeniCMV2::Shutdown,
"SliverStatus" => \&GeniCMV2::SliverStatus,
"RenewSlice" => \&GeniCMV2::RenewSlice,
"GetTicket" => \&GeniCMV2::GetTicket,
"ReleaseTicket" => \&GeniCMV2::ReleaseTicket,
"UpdateTicket" => \&GeniCMV2::UpdateTicket,
"RedeemTicket" => \&GeniCMV2::RedeemTicket,
"DeleteSlice" => \&GeniCMV2::DeleteSlice,
"StartSliver" => \&GeniCMV2::StartSliver,
"StopSliver" => \&GeniCMV2::StopSliver,
"RestartSliver" => \&GeniCMV2::RestartSliver,
"BindToSlice" => \&GeniCMV2::BindToSlice,
"ListUsage" => \&GeniCMV2::ListUsage,
"ListHistory" => \&GeniCMV2::ListHistory,
},);
}
else {
my $decoder = Frontier::RPC2->new();
print "Content-Type: text/xml \n\n";
print $decoder->encode_fault(-3, "Invalid API Version");
exit(0);
}
#
# Use libaudit to capture any output from libraries and programs.
# Send that to tbops so they can be fixed.
#
LogStart(0, undef, LIBAUDIT_LOGTBOPS());
# Add stuff for log message if sent.
AddAuditInfo("message", $request);
......
#!/usr/bin/perl -w
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# All rights reserved.
#
#
# Simple CGI interface to the GENI xmlrpc interface. This script is invoked
# from the web server. The certificate information is in the environment
# set up by apache.
#
use strict;
use English;
use Frontier::Responder;
use Frontier::RPC2;
use Data::Dumper;
use POSIX;
# Yack. apache does not close fds before the exec, and if this dies
# we are left with a giant mess.
BEGIN {
no warnings;
for (my $i = 3; $i < 2048; $i++) {
POSIX:close($i);
}
}
# Do this early so that we talk to the right DB.
use vars qw($GENI_DBNAME);
BEGIN { $GENI_DBNAME = "geni-cm"; }
# Configure variables
my $EMULAB_PEMFILE = "@prefix@/etc/genicm.pem";
my $MAINSITE = @TBMAINSITE@;
# Testbed libraries.
use lib '@prefix@/lib';
use GeniCM;
use GeniCMV2;
use Genixmlrpc;
use libaudit;
# Geniuser.
my $user = "geniuser";
my $group = "GeniSlices";
# Need a command line option.
my $debug = 0;
#
# Turn off line buffering on output
#
$| = 1;
#
# Untaint the path
#
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# So we know who/what we are acting as.
#
my $certificate = GeniCertificate->LoadFromFile($EMULAB_PEMFILE);
if (!defined($certificate)) {
die("*** $0:\n".
" Could not get uuid from $EMULAB_PEMFILE\n");
}
$ENV{'MYUUID'} = $certificate->uuid();
# The URN could also come from the certificate, and that might be preferable
# in some ways (if anybody is doing something silly like authenticating
# with somebody else's certificate). But that would require everybody to
# upgrade to URNs in their certificates, so we can't assume it yet.
$ENV{'MYURN'} = "urn:publicid:IDN+@OURDOMAIN@+authority+cm";
#
# In the prototype, we accept certificate signed by trusted roots
# (CA certs we have locally cached). This script runs as "geniuser"
# so that there is an emulab user context, or many of the scripts we
# invoke will complain and croak.
#
my $unix_uid = getpwnam("$user") or
die("*** $0:\n".
" No such user $user\n");
my $unix_gid = getgrnam("$group") or
die("*** $0:\n".
" No such group $group\n");
# Flip to user and never go back
$GID = $unix_gid;
$EGID = "$unix_gid $unix_gid";
$EUID = $UID = $unix_uid;
$ENV{'USER'} = $user;
$ENV{'LOGNAME'} = $user;
#
# The UUID of the client certificate is in the env var SSL_CLIENT_S_DN_CN.
# If it actually looks like a UUID, then this correponds to an actual user,
# and the supplied credentials/tickets must match. At present, if there is
# no UUID, it is another emulab making a request directly, with no user
# context, and we just let that pass for now.
#
if (exists($ENV{'SSL_CLIENT_S_DN_CN'}) &&
$ENV{'SSL_CLIENT_S_DN_CN'} =~ /^\w+\-\w+\-\w+\-\w+\-\w+$/) {
$ENV{'GENIUSER'} = $ENV{'SSL_CLIENT_S_DN_CN'};
$ENV{'GENIUUID'} = $ENV{'SSL_CLIENT_S_DN_CN'};
}
else {
my $decoder = Frontier::RPC2->new();
print "Content-Type: text/xml \n\n";
print $decoder->encode_fault(-1, "Invalid certificate; no UUID");
exit(0);
}
#
# Reaching into the Frontier code so I can debug this crap.
#
my $request = Frontier::Responder::get_cgi_request();
if (!defined($request)) {
print "Content-Type: text/txt\n\n";
exit(0);
}
#
# Use libaudit to capture any output from libraries and programs.
# Send that to tbops so they can be fixed.
#
LogStart(0, undef, LIBAUDIT_LOGTBOPS());
#
# Create and set our RPC context for any calls we end up making.
#
Genixmlrpc->SetContext(Genixmlrpc->Context($certificate));
my $responder = Frontier::Responder->new( "methods" => {
"GetVersion" => \&GeniCMV2::GetVersion,
"Resolve" => \&GeniCMV2::Resolve,
"DiscoverResources" => \&GeniCMV2::DiscoverResources,
"CreateSliver" => \&GeniCMV2::CreateSliver,
"UpdateSliver" => \&GeniCMV2::UpdateSliver,
"DeleteSliver" => \&GeniCMV2::DeleteSliver,
"GetSliver" => \&GeniCMV2::GetSliver,
"Shutdown" => \&GeniCMV2::Shutdown,
"SliverStatus" => \&GeniCMV2::SliverStatus,
"RenewSlice" => \&GeniCMV2::RenewSlice,
"GetTicket" => \&GeniCMV2::GetTicket,
"ReleaseTicket" => \&GeniCMV2::ReleaseTicket,
"UpdateTicket" => \&GeniCMV2::UpdateTicket,
"RedeemTicket" => \&GeniCMV2::RedeemTicket,
"DeleteSlice" => \&GeniCMV2::DeleteSlice,
"StartSliver" => \&GeniCMV2::StartSliver,
"StopSliver" => \&GeniCMV2::StopSliver,
"RestartSliver" => \&GeniCMV2::RestartSliver,
"BindToSlice" => \&GeniCMV2::BindToSlice,
"ListUsage" => \&GeniCMV2::ListUsage,
"ListHistory" => \&GeniCMV2::ListHistory,
},
);
# Add stuff for log message if sent.
AddAuditInfo("message", $request);
# CC errors to Utah for now.