From ca9f8d50a4be799d2ab3f858a4dc9761cc3402c4 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Zden=C4=9Bk=20=C5=A0ustr?= <sustr4@cesnet.cz>
Date: Fri, 31 Aug 2012 18:41:35 +0000
Subject: [PATCH] Reflect practical experience - partial support for krb5 mech
 - support for generating proxies form host certificates

---
 org.glite.lb.nagios/src/LB-probe | 26 +++++++++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

diff --git a/org.glite.lb.nagios/src/LB-probe b/org.glite.lb.nagios/src/LB-probe
index 5bd11a6..92189f7 100755
--- a/org.glite.lb.nagios/src/LB-probe
+++ b/org.glite.lb.nagios/src/LB-probe
@@ -249,7 +249,27 @@ fi
 
 vprintf 1 "\n[LB Probe] Testing credentials"
 
-timeleft=`grid-proxy-info | grep -E "^timeleft" | sed "s/timeleft\s*:\s//"`
+if [ "$GLITE_GSS_MECH" == "krb5" ]; then
+	klist | grep krbtgt > /dev/null
+	if [ $? -ne 0 ]; then
+		timeleft=""
+	else
+		klist | grep krbtgt | grep Expired > /dev/null
+		if [ $? -ne 0 ]; then
+			timeleft="1"
+		else
+			timeleft="0:00:00"
+		fi
+	fi
+else
+	timeleft=`grid-proxy-info | grep -E "^timeleft" | sed "s/timeleft\s*:\s//"` 2>/dev/null
+	if [ "$timeleft" = "" ]; then
+		vprintf 1 "\n[LB Probe] No proxy, trying to regenerate from host creds"
+		grid-proxy-init -cert $GLITE_HOST_CERT -key $GLITE_HOST_KEY 2>&1 > /dev/null
+		timeleft=`grid-proxy-info | grep -E "^timeleft" | sed "s/timeleft\s*:\s//"`
+		HOSTCREDS=1
+	fi
+fi
 
 if [ "$timeleft" = "" ]; then
         vprintf 1 "\n[LB Probe] Test failed -- No credentials\n\n"
@@ -400,6 +420,10 @@ else
 			try_purge ${joblist}
 
 		fi
+
+		if [ $HOSTCREDS -eq 1 ]; then
+			grid-proxy-destroy
+		fi
 	fi
 fi
 
-- 
1.8.2.3