Merge branch 'release-2.1.3'

.travis.yml

@@ -0,0 +1,29 @@
+language: python
+python:
+  - "2.6"
+  - "2.7"
+  - "3.4"
+matrix:
+  allow_failures:
+    - python: "2.7"
+    - python: "3.4"
+  fast_finish: true
+
+# command to install dependencies, e.g. pip install -r requirements.txt --use-mirrors
+install:
+  - pip install stomp.py
+  - pip install python-daemon
+  - pip install python-ldap
+  - pip install dirq
+  - pip install unittest2
+
+before_script:
+  - export TMPDIR=$PWD/tmp
+  - mkdir $TMPDIR
+# command to run tests, e.g. python setup.py test
+script:
+  - export PYTHONPATH=$PYTHONPATH:`pwd -P`
+  - cd test
+  #- unit2 -b discover
+  # Don't run test_crypto until it's fixed
+  - unit2 -b test_brokers test_ssm

CHANGELOG

@@ -1,6 +1,15 @@
 Changelog for ssm
 =================
 
+ * Mon Jul 21 2014 Adrian Coveney <[email protected]> - 2.1.3-1
+ - (No changes from pre-release version.)
+
+ * Thu Jul 17 2014 Adrian Coveney <[email protected]> - 2.1.3-0.2.alpha1
+ - RPM now enforces the use of stomppy < 4.0.0 as versions greater than this are
+   currently incompatible with SSM.
+ - Changes made to disconnection method which should prevent threading
+   exceptions (mostly during shutdown).
+
  * Mon Jun 02 2014 Adrian Coveney <[email protected]> - 2.1.2-0
  - The output of brokers.py has been improved so that it can be used to query
    the BDII for valid brokers.

README → README.md

@@ -1,36 +1,36 @@
-Installing and running SSM2
-===========================
+# Secure Stomp Messenger
 
-Secure Stomp Messenger version 2 (SSM2) is designed to simply send messages
+[![Build Status](https://travis-ci.org/apel/ssm.svg?branch=dev)](https://travis-ci.org/apel/ssm)
+
+Secure Stomp Messenger (SSM) is designed to simply send messages
 using the STOMP protocol.  Messages are signed and may be encrypted
 during transit.  Persistent queues should be used to guarantee
 delivery.
 
 SSM is written in python.  Packages are available for SL5 and SL6.
 
-For more about SSM, see https://wiki.egi.eu/wiki/APEL/SSM
+For more about SSM, see the [EGI wiki](https://wiki.egi.eu/wiki/APEL/SSM).
+
 
-Installing the RPM
-------------------
+## Installing the RPM
 
-  Prerequisites
-  -------------
+### Prerequisites
 
 The EPEL repository must be enabled.  This can be done by installing
 the RPM for your version of SL, which is available on this page:
 http://fedoraproject.org/wiki/EPEL
 
 The python stomp library
- * yum install stomppy
+* `yum install stomppy`
 
 The python daemon library
- * yum install python-daemon
+* `yum install python-daemon`
 
 The python ldap library
- * yum install python-ldap
+* `yum install python-ldap`
 
 The python dirq library
- * yum install python-dirq
+* `yum install python-dirq`
 
 You need a certificate and key in PEM format accessible to the SSM.
 There are a number of ways to do this.  One is to make a copy of the
@@ -44,25 +44,24 @@ You need certificates against which you're going to verify any certs
 you use or receive in the directory /etc/grid-security/certificates (or other
 configured location).  The best way to do this for EGI is to install the
 ca-policy-egi-core package:
- * cd /etc/yum.repos.d/
- * wget http://repository.egi.eu/sw/production/cas/1/current/repo-files/EGI-trustanchors.repo
- * yum install ca-policy-egi-core
+* `cd /etc/yum.repos.d/`
+* `wget http://repository.egi.eu/sw/production/cas/1/current/repo-files/EGI-trustanchors.repo`
+* `yum install ca-policy-egi-core`
 
 If you want to check CRLs when verifying certificates, you need
 fetch_crl installed:
- * yum install fetch-crl
- * service fetch-crl-cron start
- * chkconfig fetch-crl-cron on
+* `yum install fetch-crl`
+* `service fetch-crl-cron start`
+* `chkconfig fetch-crl-cron on`
+
 fetch-crl must have run once for the certificates to be verified
 successfully.
 
-  Installation
-  ------------
+### Installation
 
- * rpm -i apelssm-<version>.noarch.rpm
+* `rpm -i apelssm-<version>.noarch.rpm`
 
-  What the RPM does
-  -----------------
+### What the RPM does
 
 The RPM carries out a number of steps to run the SSM in a specific way.
 
@@ -74,38 +73,36 @@ The RPM carries out a number of steps to run the SSM in a specific way.
 6. It creates the pidfile directory /var/run/apel/
 7. It installs a service script in /etc/init.d/
 
-Configuring the SSM
--------------------
+
+## Configuring the SSM
 
 Create the apel user:
- * useradd -r apel
+* `useradd -r apel`
 
 Ensure that the apel user running the SSM has access to the following:
- * the host certificate and key, or a copy
- * chown apel:apel /var/spool/apel/ 
- * chown apel:apel /var/log/apel/
- * chown apel:apel /var/run/apel
+* the host certificate and key, or a copy
+* `chown apel:apel /var/spool/apel/`
+* `chown apel:apel /var/log/apel/`
+* `chown apel:apel /var/run/apel`
 
 The configuration files are in /etc/apel/.  The default
 configuration will send messages to the test apel server.
 
-Adding Files
-------------
+
+## Adding Files
 
 There are two ways to add files to be sent:
 
-  Manual
-  ------
+### Manual
 
-All file and directory names must use hex characters: [0-9a-f].
+All file and directory names must use hex characters: `[0-9a-f]`.
 
  * Create a directory within /var/spool/apel/outgoing with a name
-   of EIGHT hex characters e.g. 12345678
+   of EIGHT hex characters e.g. `12345678`
  * Put files in this directory with names of FOURTEEN hex 
-   e.g. 1234567890abcd
+   e.g. `1234567890abcd`
 
-  Programmatic
-  ------------
+### Programmatic
 
 Use the python or perl dirq libraries:
  * python: http://pypi.python.org/pypi/dirq
@@ -114,45 +111,40 @@ Use the python or perl dirq libraries:
 Create a QueueSimple object with path /var/spool/apel/outgoing/ and 
 add your messages.
 
-Running the SSM
----------------
 
-  Sender
-  ------
+## Running the SSM
+
+###  Sender
 
  * Run 'ssmsend'
  * SSM will pick up any messages and send them to the configured
    queue on the configured broker
 
-  Receiver (service)
-  ------------------
+### Receiver (service)
 
- * Run 'service apelssm start'
+ * Run `service apelssm start`
  * If this fails, check /var/log/apel/ssmreceive.log for details
- * To stop, run 'service apelssm stop'
+ * To stop, run `service apelssm stop`
 
-  Receiver (manual)
-  -----------------
+### Receiver (manual)
 
  * Run 'ssmreceive'
  * SSM will receive any messages on the specified queue and
    write them to the filesystem
- * To stop, run 'kill `cat /var/run/apel/ssm.pid`'
+ * To stop, run ```'kill `cat /var/run/apel/ssm.pid`'```
 
-Removing the RPM
-----------------
+## Removing the RPM
 
- * rpm -e apelssm
+* `rpm -e apelssm`
 
-Cleaning the system
--------------------
+## Cleaning the system
 
- * yum remove stomppy
- * yum remove python-daemon
- * yum remove python-ldap
+* `yum remove stomppy`
+* `yum remove python-daemon`
+* `yum remove python-ldap`
 
- * rm -rf /var/spool/apel
- * rm -rf /var/log/apel
- * rm -rf /var/run/apel
+* `rm -rf /var/spool/apel`
+* `rm -rf /var/log/apel`
+* `rm -rf /var/run/apel`
 
- * revert any changes to or copies of the host certificate and key
+* revert any changes to or copies of the host certificate and key

apel-ssm.spec

@@ -4,18 +4,19 @@
 %endif
 
 Name:           apel-ssm
-Version:        2.1.2
-Release:        0%{?dist}
+Version:        2.1.3
+Release:        1%{?dist}
 Summary:        Secure stomp messenger
 
 Group:          Development/Languages
 License:        ASL 2.0
 URL:            https://wiki.egi.eu/wiki/APEL/SSM
-Source0:        %{name}-%{version}.tar.gz
+# Value between %{version} and extension must match "Release" without %{dist}
+Source0:        %{name}-%{version}-1.tar.gz
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildArch:      noarch
 
-Requires:       stomppy, python-daemon, python-dirq, python-ldap
+Requires:       stomppy < 4.0.0, python-daemon, python-dirq, python-ldap
 Requires(pre):  shadow-utils
 
 %define ssmconf %_sysconfdir/apel
@@ -29,7 +30,8 @@ can act as either a sender or receiver.
 The SSM is written in python.
 
 %prep
-%setup -q -n %{name}-%{version}
+# Value after %{version} must match "Release" without %{dist}
+%setup -q -n %{name}-%{version}-1
 
 %build
 
@@ -57,7 +59,7 @@ cp -rp conf/dns %{buildroot}%{ssmconf}
 cp -rp ssm %{buildroot}%{python_sitelib}
 cp -rp conf/ssm.logrotate %{buildroot}%_sysconfdir/logrotate.d/%{name}
 # Readme
-cp -rp README %{buildroot}%_defaultdocdir/%{name}
+cp -rp README.md %{buildroot}%_defaultdocdir/%{name}
 
 %clean
 rm -rf $RPM_BUILD_ROOT
@@ -91,6 +93,15 @@ rm -rf $RPM_BUILD_ROOT
 %doc %_defaultdocdir/%{name}
 
 %changelog
+ * Mon Jul 21 2014 Adrian Coveney <[email protected]> - 2.1.3-1
+ - (No changes from pre-release version.)
+
+ * Thu Jul 17 2014 Adrian Coveney <[email protected]> - 2.1.3-0.2.alpha1
+ - RPM now enforces the use of stomppy < 4.0.0 as versions greater than this are
+   currently incompatible with SSM.
+ - Changes made to disconnection method which should prevent threading
+   exceptions (mostly during shutdown).
+
  * Mon Jun 02 2014 Adrian Coveney <[email protected]> - 2.1.2-0
  - The output of brokers.py has been improved so that it can be used to query
    the BDII for valid brokers.

ssm/ssm2.py

@@ -408,7 +408,7 @@ def close_connection(self):
         if it is not ended.
         '''
         try:
-            self._conn.disconnect()
+            self._conn.stop()  # Same as diconnect() but waits for thread exit
         except (stomp.exception.NotConnectedException, socket.error):
             self._conn = None
         except AttributeError:

test/test_crypto.py

@@ -242,8 +242,8 @@ def test_verify_cert(self):
         I can't check the CRLs of a self-signed certificate easily.
         '''
         if not verify_cert(TEST_CERT, self.ca_dir, False):
-            self.fail('The self signed certificate should validate against \
-            itself in a CA directory.')
+            self.fail('The self signed certificate should validate against'
+                      'itself in a CA directory.')
 
         if verify_cert(TEST_CERT, '/tmp', False):
             self.fail("The verify method isn't checking the CA dir correctly.")