[Swift-commit] r3602 - in trunk: . bin etc etc/certificate

noreply at svn.ci.uchicago.edu noreply at svn.ci.uchicago.edu
Sat Sep 4 21:38:34 CDT 2010


Author: davidk
Date: 2010-09-04 21:38:34 -0500 (Sat, 04 Sep 2010)
New Revision: 3602

Added:
   trunk/etc/certificate/
   trunk/etc/certificate/b0cb24a8.0
   trunk/etc/certificate/b0cb24a8.signing_policy
   trunk/etc/certificate/swift.usercert.pem
   trunk/etc/certificate/swift.userkey.pem
   trunk/etc/certificate/x509up_swift
Modified:
   trunk/bin/swiftrun
   trunk/build.xml
Log:
Dummy certificate for coasters. Swiftrun will set appropriate variables when -certificate is specified.


Modified: trunk/bin/swiftrun
===================================================================
--- trunk/bin/swiftrun	2010-09-05 00:47:13 UTC (rev 3601)
+++ trunk/bin/swiftrun	2010-09-05 02:38:34 UTC (rev 3602)
@@ -14,10 +14,11 @@
 use SwiftConfig;
 
 # Command line processing
-my @option_sites;     # Site name to execute upon
-my $option_script;    # Script name to run
-my @option_inputs;    # Name of data to include with execution
-my @option_groups;    # Name of group/groups to run script on
+my @option_sites;      	# Site name to execute upon
+my $option_script;     	# Script name to run
+my @option_inputs;     	# Name of data to include with execution
+my @option_groups;     	# Name of group/groups to run script on
+my $option_certificate;	# Use a default certificate instead of your own 
 
 GetOptions(
     'site|sites=s{,}'   => \@option_sites,
@@ -25,6 +26,7 @@
     'input|inputs=s{,}' => \@option_inputs,
     'help|man|h'        => sub { pod2usage(-verbose => 2); },
     'group|groups=s{,}' => \@option_groups,
+    'certificate'	=> \$option_certificate,
 );
 
 # Check arguments
@@ -152,6 +154,14 @@
         || die "Unable to create symlink to $new_path\n";
 }
 
+# Handle certificates if needed
+if($option_certificate) {
+	$ENV{'X509_CERT_DIR'} = "$FindBin::Bin/../etc/certificate";
+	$ENV{'X509_CADIR'} = "$FindBin::Bin/../etc/certificate";
+	$ENV{'X509_USER_PROXY'} = "$FindBin::Bin/../etc/certificate/x509up_swift";
+}
+
+
 # Run swift
 chdir("$run_directory") || die "Unable to chdir to $run_directory\n";
 print "Executing script $option_script\n";

Modified: trunk/build.xml
===================================================================
--- trunk/build.xml	2010-09-05 00:47:13 UTC (rev 3601)
+++ trunk/build.xml	2010-09-05 02:38:34 UTC (rev 3602)
@@ -223,6 +223,9 @@
 		<copy todir="${dist.dir}/etc/apps">
 			<fileset dir="${cog.dir}/modules/${module.name}/etc/apps"/>
 		</copy>
+		<copy todir="${dist.dir}/etc/certificate">
+			<fileset dir="${cog.dir}/modules/${module.name}/etc/certificate"/>
+		</copy>
 		<chmod perm="+x" file="${dist.dir}/bin/swift"/>
 		<chmod perm="+x" file="${dist.dir}/bin/swift-osg-ress-site-catalog"/>
 		<chmod perm="+x" file="${dist.dir}/libexec/cdm_broadcast.sh"/>

Added: trunk/etc/certificate/b0cb24a8.0
===================================================================
--- trunk/etc/certificate/b0cb24a8.0	                        (rev 0)
+++ trunk/etc/certificate/b0cb24a8.0	2010-09-05 02:38:34 UTC (rev 3602)
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICgTCCAeqgAwIBAgIJANcvv4SNybEAMA0GCSqGSIb3DQEBBQUAMF8xDTALBgNV
+BAoTBEdyaWQxEzARBgNVBAsTCkdsb2J1c1Rlc3QxHjAcBgNVBAsTFXNpbXBsZUNB
+LXN3aWZ0LWxhcHRvcDEZMBcGA1UEAxMQR2xvYnVzIFNpbXBsZSBDQTAeFw0xMDA4
+MzExOTQxMzRaFw0xNTA4MzAxOTQxMzRaMF8xDTALBgNVBAoTBEdyaWQxEzARBgNV
+BAsTCkdsb2J1c1Rlc3QxHjAcBgNVBAsTFXNpbXBsZUNBLXN3aWZ0LWxhcHRvcDEZ
+MBcGA1UEAxMQR2xvYnVzIFNpbXBsZSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
+gYkCgYEAsx+GyaNvx9mH8UZRgM4jgQq9h3Us8qJD+/AgsbRB3JPF3M+aKGVnrcfP
+pBOo9+ykk5zCF6X7hS9BtJnhniaYQLBoHFE1YQqNKoP4+J77KmmkZYAYjJfGvyBn
+Ac2SAqR+7l25LmIGL+Sg3+ykPqFEhTXtGZEgUDYYPRZuePLLpbUCAwEAAaNFMEMw
+DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUjd4qyt3WgOqh65/Tkq40wtJMGsAw
+EQYJYIZIAYb4QgEBBAQDAgAHMA0GCSqGSIb3DQEBBQUAA4GBAA4YawTmBK58kESD
+QtaNmoIRlw3UCW6gyACJlwbrUts5W6j7VA+MiBOFaLNbTf5XZA8cKYqD7xa/05FQ
+TLGWd6iFhx65sAj6/ravGxrepUWAqwmTyvFvDoUmlKAuQs8GftsYOcvmnBTzxtQt
+AkaWrwmGFR7a12k4MjXygJt1Ggy3
+-----END CERTIFICATE-----

Added: trunk/etc/certificate/b0cb24a8.signing_policy
===================================================================
--- trunk/etc/certificate/b0cb24a8.signing_policy	                        (rev 0)
+++ trunk/etc/certificate/b0cb24a8.signing_policy	2010-09-05 02:38:34 UTC (rev 3602)
@@ -0,0 +1,33 @@
+# ca-signing-policy.conf, see ca-signing-policy.doc for more information
+#
+# This is the configuration file describing the policy for what CAs are
+# allowed to sign whoses certificates.
+#
+# This file is parsed from start to finish with a given CA and subject
+# name.
+# subject names may include the following wildcard characters:
+#    *    Matches any number of characters.
+#    ?    Matches any single character.
+#
+# CA names must be specified (no wildcards). Names containing whitespaces
+# must be included in single quotes, e.g. 'Certification Authority'. 
+# Names must not contain new line symbols. 
+# The value of condition attribute is represented as a set of regular 
+# expressions. Each regular expression must be included in double quotes.  
+#
+# This policy file dictates the following policy:
+#   -The Globus CA can sign Globus certificates
+#
+# Format:
+#------------------------------------------------------------------------
+#  token type  | def.authority |                value              
+#--------------|---------------|-----------------------------------------
+# EACL entry #1|
+
+ access_id_CA      X509         '/O=Grid/OU=GlobusTest/OU=simpleCA-swift-laptop/CN=Globus Simple CA'
+
+ pos_rights        globus        CA:sign
+
+ cond_subjects     globus       '"/O=Grid/OU=GlobusTest/OU=simpleCA-swift-laptop/*"'
+
+# end of EACL

Added: trunk/etc/certificate/swift.usercert.pem
===================================================================
--- trunk/etc/certificate/swift.usercert.pem	                        (rev 0)
+++ trunk/etc/certificate/swift.usercert.pem	2010-09-05 02:38:34 UTC (rev 3602)
@@ -0,0 +1,51 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: O=Grid, OU=GlobusTest, OU=simpleCA-swift-laptop, CN=Globus Simple CA
+        Validity
+            Not Before: Aug 31 20:07:52 2010 GMT
+            Not After : Aug 31 20:07:52 2011 GMT
+        Subject: O=Grid, OU=GlobusTest, OU=simpleCA-swift-laptop, CN=Swift Laptop
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:c1:9a:15:08:a5:47:f1:05:04:cc:26:a5:a9:58:
+                    24:40:67:04:27:45:05:2e:84:34:16:96:1a:b5:0a:
+                    06:15:a1:fd:e4:c0:ef:aa:d5:8a:6f:3f:ba:64:ab:
+                    9c:dd:e7:9e:73:23:5a:f3:64:cb:d3:14:a8:d4:3e:
+                    65:68:ff:75:60:c7:a4:6a:f2:24:09:81:67:59:8c:
+                    71:64:12:28:be:14:e6:00:fe:7a:ea:56:a4:65:91:
+                    af:31:5c:f1:34:2a:22:0c:63:57:1f:bc:f8:85:b5:
+                    08:5c:41:70:6c:d2:7b:d4:55:7d:b3:f8:20:c4:91:
+                    57:17:f5:5c:fe:87:a0:bc:a1
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            Netscape Cert Type: 
+                SSL Client, SSL Server, S/MIME, Object Signing
+    Signature Algorithm: sha1WithRSAEncryption
+        4e:23:cd:8c:81:1b:2c:b2:3a:41:ba:7a:ee:83:a7:6a:24:ae:
+        28:74:25:fb:58:8e:8e:7c:ed:f0:43:a8:11:c4:1c:06:f7:e1:
+        1b:f0:cf:24:64:2c:93:ab:da:a3:93:a4:01:06:b6:33:ec:96:
+        dd:92:f3:1c:c3:67:98:56:f2:ea:da:0d:3c:6c:b8:83:da:3b:
+        46:74:64:56:a5:e6:65:5e:c4:9c:5b:7a:fc:f3:1b:46:13:2b:
+        bc:76:32:c1:80:08:90:f1:c2:87:95:5c:a6:37:da:ae:d2:38:
+        6c:35:d7:be:e2:92:fe:16:a9:a0:2f:b3:49:f4:8d:82:00:16:
+        03:fb
+-----BEGIN CERTIFICATE-----
+MIICRTCCAa6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQ0wCwYDVQQKEwRHcmlk
+MRMwEQYDVQQLEwpHbG9idXNUZXN0MR4wHAYDVQQLExVzaW1wbGVDQS1zd2lmdC1s
+YXB0b3AxGTAXBgNVBAMTEEdsb2J1cyBTaW1wbGUgQ0EwHhcNMTAwODMxMjAwNzUy
+WhcNMTEwODMxMjAwNzUyWjBbMQ0wCwYDVQQKEwRHcmlkMRMwEQYDVQQLEwpHbG9i
+dXNUZXN0MR4wHAYDVQQLExVzaW1wbGVDQS1zd2lmdC1sYXB0b3AxFTATBgNVBAMT
+DFN3aWZ0IExhcHRvcDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwZoVCKVH
+8QUEzCalqVgkQGcEJ0UFLoQ0FpYatQoGFaH95MDvqtWKbz+6ZKuc3eeecyNa82TL
+0xSo1D5laP91YMekavIkCYFnWYxxZBIovhTmAP566lakZZGvMVzxNCoiDGNXH7z4
+hbUIXEFwbNJ71FV9s/ggxJFXF/Vc/oegvKECAwEAAaMVMBMwEQYJYIZIAYb4QgEB
+BAQDAgTwMA0GCSqGSIb3DQEBBQUAA4GBAE4jzYyBGyyyOkG6eu6Dp2okrih0JftY
+jo587fBDqBHEHAb34RvwzyRkLJOr2qOTpAEGtjPslt2S8xzDZ5hW8uraDTxsuIPa
+O0Z0ZFal5mVexJxbevzzG0YTK7x2MsGACJDxwoeVXKY32q7SOGw1177ikv4WqaAv
+s0n0jYIAFgP7
+-----END CERTIFICATE-----

Added: trunk/etc/certificate/swift.userkey.pem
===================================================================
--- trunk/etc/certificate/swift.userkey.pem	                        (rev 0)
+++ trunk/etc/certificate/swift.userkey.pem	2010-09-05 02:38:34 UTC (rev 3602)
@@ -0,0 +1,18 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,55AAA5E005750907
+
+SD3JZeEdG1iLwFbFmScMZcLncTp4iTuNsNodF9jrHw5SenkE0l6VMJPwaW9eqF6c
+U/BzY1maxuf6cU0zjldBe75OzuEzWygx4v/yNVjw2zyBPuhe5l+xc1RLhXSNzlP6
+10F5jmu+fBdMMTqbRGTPSaWMWc36RQrsypBt0DWIO3kc7Lgf+FUix3dKnHnCrT9b
+lcaZhbZcCzlMl6UDWxqErerkNYoCo8i9n2RYMo8mvFOn7toeWzHOEXB+mSh73mi/
+goBeV2ezDPF5GJgeBaDv91jbzj5riy3Cnigvo9ClHwWAbG/VSdMgsB65/a1YjdBO
+4vA297LduALKMwENfEBaKiQ0FBlkUsQt+c0QRA9TOov3MsiASZzTdagKx2Obb8EG
+d26XXFA/DX7slZiJgQ7kFo0wmQsEuIkCE9hn1mQHud42u4WZptagvWzCQ5Ik8wtr
+qAacDlcAMuG4HUHtpOQT8ucpKnIRGEOvc7FKz03BGrGttY+l+eJf6i+nKFyRh3KM
+RnJ2GtSboZhE4ptnWDbgDdzxnwqJT3c9PQUbDMIwgII/licvJsIZjwSrzzVfY+HA
+UtCwt3safnxXNt55MVw7+42pwXM5gfrFDcMetsCZYitXp8hulmUV4viDrJyYVyPh
+UGmJ0qTjwiVBRiVLYtTYtvixSHZJtRWISQR5PQkAO+xAULpkDxTtZ36rm82sqKU3
+ej+LO16iFlzZIxX2j+Z5vcSn28nsJzFHffNQCs7j4AAx9oTSLJOyTzJc4ZAw5L/x
+KnXesrYfkjonYcxTBDMr7VrLqSPR8frIetF3SK3ppysChppGA82tig==
+-----END RSA PRIVATE KEY-----

Added: trunk/etc/certificate/x509up_swift
===================================================================
--- trunk/etc/certificate/x509up_swift	                        (rev 0)
+++ trunk/etc/certificate/x509up_swift	2010-09-05 02:38:34 UTC (rev 3602)
@@ -0,0 +1,38 @@
+-----BEGIN CERTIFICATE-----
+MIICITCCAYqgAwIBAgIEc5HGqjANBgkqhkiG9w0BAQQFADBbMQ0wCwYDVQQKEwRH
+cmlkMRMwEQYDVQQLEwpHbG9idXNUZXN0MR4wHAYDVQQLExVzaW1wbGVDQS1zd2lm
+dC1sYXB0b3AxFTATBgNVBAMTDFN3aWZ0IExhcHRvcDAeFw0xMDA4MzEyMDM5NDVa
+Fw0xMDA5MTAyMDQ0NDVaMHAxDTALBgNVBAoTBEdyaWQxEzARBgNVBAsTCkdsb2J1
+c1Rlc3QxHjAcBgNVBAsTFXNpbXBsZUNBLXN3aWZ0LWxhcHRvcDEVMBMGA1UEAxMM
+U3dpZnQgTGFwdG9wMRMwEQYDVQQDEwoxOTM4OTMzNDE4MFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBAOAcIkT0dPXb40p+z7NI4gPOEKx4wAFpuFe4vz6qPvtXlv0rdLLb
+8uiHycAg3mf6tIAFRA8MA5WAmafoNG4oNnsCAwEAAaMhMB8wHQYIKwYBBQUHAQ4B
+Af8EDjAMMAoGCCsGAQUFBxUBMA0GCSqGSIb3DQEBBAUAA4GBAFHJrxlgNwg+W7tA
+Lqp/eG1FK7AJJDNMY6uuPN7G8YuTAL0nPZPuRjRJQEJK1ntXosU2oCn/SXjxr4km
+IGnKiWtvQWFyqzLLsitvcaynD4mBGjAk/GDa9+B+c+Kpy1R+E+z680OXXZlS9rID
+vqj20EfRfRvm/QB62dubanJElCOG
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOgIBAAJBAOAcIkT0dPXb40p+z7NI4gPOEKx4wAFpuFe4vz6qPvtXlv0rdLLb
+8uiHycAg3mf6tIAFRA8MA5WAmafoNG4oNnsCAwEAAQJBAIVe+N4EhV6Tn66DzWOq
+6ibNiYq6ybmNixFZdyb59kVo+2alRnqHVL+GQX1eNSqWRRXbr7Yhs9VMbAWVuM4G
+rIECIQD+tDASzbqqEUHAGorOuo7lQtit7a3mY0PTzIxHqSMCIQIhAOFAFxZVkY5R
+vzK5r7jYwkGoXle1ypZKiOdlzcBLkV0bAiAyaSFWp2c5f77esaIldmEP2SIfknon
+rh/fjI17JWurYQIgQwnhFSuYa4QW5JDxJJGWlxX2JiKbzckXH89jwhR7ifsCIBAd
+DtI2chvsfpQdhXtPBVNUN4NQzmSS+5FqbZpsTDxQ
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICRTCCAa6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQ0wCwYDVQQKEwRHcmlk
+MRMwEQYDVQQLEwpHbG9idXNUZXN0MR4wHAYDVQQLExVzaW1wbGVDQS1zd2lmdC1s
+YXB0b3AxGTAXBgNVBAMTEEdsb2J1cyBTaW1wbGUgQ0EwHhcNMTAwODMxMjAwNzUy
+WhcNMTEwODMxMjAwNzUyWjBbMQ0wCwYDVQQKEwRHcmlkMRMwEQYDVQQLEwpHbG9i
+dXNUZXN0MR4wHAYDVQQLExVzaW1wbGVDQS1zd2lmdC1sYXB0b3AxFTATBgNVBAMT
+DFN3aWZ0IExhcHRvcDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwZoVCKVH
+8QUEzCalqVgkQGcEJ0UFLoQ0FpYatQoGFaH95MDvqtWKbz+6ZKuc3eeecyNa82TL
+0xSo1D5laP91YMekavIkCYFnWYxxZBIovhTmAP566lakZZGvMVzxNCoiDGNXH7z4
+hbUIXEFwbNJ71FV9s/ggxJFXF/Vc/oegvKECAwEAAaMVMBMwEQYJYIZIAYb4QgEB
+BAQDAgTwMA0GCSqGSIb3DQEBBQUAA4GBAE4jzYyBGyyyOkG6eu6Dp2okrih0JftY
+jo587fBDqBHEHAb34RvwzyRkLJOr2qOTpAEGtjPslt2S8xzDZ5hW8uraDTxsuIPa
+O0Z0ZFal5mVexJxbevzzG0YTK7x2MsGACJDxwoeVXKY32q7SOGw1177ikv4WqaAv
+s0n0jYIAFgP7
+-----END CERTIFICATE-----




More information about the Swift-commit mailing list