Commit 29d6d41f authored by Alejandro Alvarez Ayllon's avatar Alejandro Alvarez Ayllon
Browse files

FTS-274: Add --capath to the CLI

parent 377c9058
% FTS-REST-CLI(1) fts-rest-ban
% fts-devel@cern.ch
% June 17, 2015
% July 21, 2015
# NAME
fts-rest-ban
......@@ -33,6 +33,9 @@ Ban and unban storage elements and users
--cert
: The user certificate.
--capath
: Use the specified directory to verify the peer
--insecure
: Do not validate the server certificate
......
% FTS-REST-CLI(1) fts-rest-delegate
% fts-devel@cern.ch
% June 17, 2015
% July 21, 2015
# NAME
fts-rest-delegate
......@@ -33,6 +33,9 @@ This command can be used to (re)delegate your credentials to the FTS3 server
--cert
: The user certificate.
--capath
: Use the specified directory to verify the peer
--insecure
: Do not validate the server certificate
......
% FTS-REST-CLI(1) fts-rest-delete-submit
% fts-devel@cern.ch
% June 17, 2015
% July 21, 2015
# NAME
fts-rest-delete-submit
......@@ -34,6 +34,9 @@ This command can be used to submit a deletion job to FTS3. It supports simple an
--cert
: The user certificate.
--capath
: Use the specified directory to verify the peer
--insecure
: Do not validate the server certificate
......
% FTS-REST-CLI(1) fts-rest-snapshot
% fts-devel@cern.ch
% June 17, 2015
% July 21, 2015
# NAME
fts-rest-snapshot
......@@ -35,6 +35,9 @@ It allows to filter by VO, source SE and destination SE
--cert
: The user certificate.
--capath
: Use the specified directory to verify the peer
--insecure
: Do not validate the server certificate
......
% FTS-REST-CLI(1) fts-rest-transfer-cancel
% fts-devel@cern.ch
% June 17, 2015
% July 21, 2015
# NAME
fts-rest-transfer-cancel
......@@ -37,6 +37,9 @@ You can additionally cancel only a subset appending a comma-separated list of fi
--cert
: The user certificate.
--capath
: Use the specified directory to verify the peer
--insecure
: Do not validate the server certificate
......
% FTS-REST-CLI(1) fts-rest-transfer-list
% fts-devel@cern.ch
% June 17, 2015
% July 21, 2015
# NAME
fts-rest-transfer-list
......@@ -33,6 +33,9 @@ This command can be used to list the running jobs, allowing to filter by user dn
--cert
: The user certificate.
--capath
: Use the specified directory to verify the peer
--insecure
: Do not validate the server certificate
......
% FTS-REST-CLI(1) fts-rest-transfer-status
% fts-devel@cern.ch
% June 17, 2015
% July 21, 2015
# NAME
fts-rest-transfer-status
......@@ -33,6 +33,9 @@ This command can be used to check the current status of a given job
--cert
: The user certificate.
--capath
: Use the specified directory to verify the peer
--insecure
: Do not validate the server certificate
......
% FTS-REST-CLI(1) fts-rest-transfer-submit
% fts-devel@cern.ch
% June 17, 2015
% July 21, 2015
# NAME
fts-rest-transfer-submit
......@@ -65,6 +65,9 @@ format is as follows:
--cert
: The user certificate.
--capath
: Use the specified directory to verify the peer
--insecure
: Do not validate the server certificate
......@@ -131,6 +134,15 @@ format is as follows:
--cloud-credentials
: Use cloud credentials for the job (i. E. Dropbox).
--nostreams
: Number of streams
--ipv4
: Force ipv4
--ipv6
: Force ipv6
# EXAMPLE
```
$ fts-rest-transfer-submit -s https://fts3-devel.cern.ch:8446 gsiftp://source.host/file gsiftp://destination.host/file
......
% FTS-REST-CLI(1) fts-rest-whoami
% fts-devel@cern.ch
% June 17, 2015
% July 21, 2015
# NAME
fts-rest-whoami
......@@ -35,6 +35,9 @@ who are we for the server.
--cert
: The user certificate.
--capath
: Use the specified directory to verify the peer
--insecure
: Do not validate the server certificate
......
......@@ -99,6 +99,8 @@ class Base(object):
help='the user certificate private key.', default=opt_ukey)
self.opt_parser.add_option('--cert', dest='ucert',
help='the user certificate.', default=opt_ucert)
self.opt_parser.add_option('--capath', dest='capath', default='/etc/grid-security/certificates',
help='use the specified directory to verify the peer')
self.opt_parser.add_option('--insecure', dest='verify', default=True, action='store_false',
help='do not validate the server certificate')
self.opt_parser.add_option('--access-token', dest='access_token',
......@@ -130,5 +132,5 @@ class Base(object):
def _create_context(self):
return Context(
self.options.endpoint, ukey=self.options.ukey, ucert=self.options.ucert, verify=self.options.verify,
access_token=self.options.access_token
access_token=self.options.access_token, capath=self.options.capath
)
......@@ -135,7 +135,7 @@ class Context(object):
raise BadEndpoint("%s (%s)" % (self.endpoint, str(e))), None, sys.exc_info()[2]
return endpoint_info
def __init__(self, endpoint, ucert=None, ukey=None, verify=True, access_token=None, no_creds=False):
def __init__(self, endpoint, ucert=None, ukey=None, verify=True, access_token=None, no_creds=False, capath=None):
self.passwd = None
self._set_endpoint(endpoint)
......@@ -149,7 +149,7 @@ class Context(object):
else:
self._set_x509(ucert, ukey)
self._requester = RequestFactory(
self.ucert, self.ukey, passwd=self.passwd, verify=verify, access_token=self.access_token
self.ucert, self.ukey, passwd=self.passwd, verify=verify, access_token=self.access_token, capath=capath
)
self.endpoint_info = self._validate_endpoint()
# Log obtained information
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment