|
|
e4ffb1 |
commit 1dc12749623e3e3a06c3265260f5f049cdf6632b
|
|
|
e4ffb1 |
Author: Marek 'marx' Grac <mgrac@redhat.com>
|
|
|
e4ffb1 |
Date: Wed Jun 17 19:42:32 2015 +0200
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
fence_rhevm: Add support for cookies based authentication
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
The first command is authenticated as usually but rest can be used without additional authentication.
|
|
|
e4ffb1 |
This is useful only for reboot or obtaining status of several nodes at once.
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
Resolves: rhbz#1145769
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
diff --git a/fence/agents/rhevm/fence_rhevm.py b/fence/agents/rhevm/fence_rhevm.py
|
|
|
e4ffb1 |
index 444fb56..bb34054 100644
|
|
|
e4ffb1 |
--- a/fence/agents/rhevm/fence_rhevm.py
|
|
|
e4ffb1 |
+++ b/fence/agents/rhevm/fence_rhevm.py
|
|
|
e4ffb1 |
@@ -87,9 +87,16 @@ def send_command(opt, command, method="GET"):
|
|
|
e4ffb1 |
conn = pycurl.Curl()
|
|
|
e4ffb1 |
web_buffer = StringIO.StringIO()
|
|
|
e4ffb1 |
conn.setopt(pycurl.URL, url)
|
|
|
e4ffb1 |
- conn.setopt(pycurl.HTTPHEADER, ["Content-type: application/xml", "Accept: application/xml"])
|
|
|
e4ffb1 |
- conn.setopt(pycurl.HTTPAUTH, pycurl.HTTPAUTH_BASIC)
|
|
|
e4ffb1 |
- conn.setopt(pycurl.USERPWD, opt["--username"] + ":" + opt["--password"])
|
|
|
e4ffb1 |
+ conn.setopt(pycurl.HTTPHEADER, ["Content-type: application/xml", "Accept: application/xml", "Prefer: persistent-auth"])
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
+ if opt.has_key("cookie"):
|
|
|
e4ffb1 |
+ conn.setopt(pycurl.COOKIE, opt["cookie"])
|
|
|
e4ffb1 |
+ else:
|
|
|
e4ffb1 |
+ conn.setopt(pycurl.HTTPAUTH, pycurl.HTTPAUTH_BASIC)
|
|
|
e4ffb1 |
+ conn.setopt(pycurl.USERPWD, opt["--username"] + ":" + opt["--password"])
|
|
|
e4ffb1 |
+ if opt.has_key("--use-cookies"):
|
|
|
e4ffb1 |
+ conn.setopt(pycurl.COOKIEFILE, "")
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
conn.setopt(pycurl.TIMEOUT, int(opt["--shell-timeout"]))
|
|
|
e4ffb1 |
if opt.has_key("--ssl") or opt.has_key("--ssl-secure"):
|
|
|
e4ffb1 |
conn.setopt(pycurl.SSL_VERIFYPEER, 1)
|
|
|
e4ffb1 |
@@ -104,6 +111,15 @@ def send_command(opt, command, method="GET"):
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
conn.setopt(pycurl.WRITEFUNCTION, web_buffer.write)
|
|
|
e4ffb1 |
conn.perform()
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
+ if not opt.has_key("cookie") and opt.has_key("--use-cookies"):
|
|
|
e4ffb1 |
+ cookie = ""
|
|
|
e4ffb1 |
+ for c in conn.getinfo(pycurl.INFO_COOKIELIST):
|
|
|
e4ffb1 |
+ tokens = c.split("\t",7)
|
|
|
e4ffb1 |
+ cookie = cookie + tokens[5] + "=" + tokens[6] + ";"
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
+ opt["cookie"] = cookie
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
result = web_buffer.getvalue()
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
logging.debug("%s\n", command)
|
|
|
e4ffb1 |
@@ -111,10 +127,20 @@ def send_command(opt, command, method="GET"):
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
return result
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
+def define_new_opts():
|
|
|
e4ffb1 |
+ all_opt["use_cookies"] = {
|
|
|
e4ffb1 |
+ "getopt" : "s",
|
|
|
e4ffb1 |
+ "longopt" : "use-cookies",
|
|
|
e4ffb1 |
+ "help" : "--use-cookies Reuse cookies for authentication",
|
|
|
e4ffb1 |
+ "required" : "0",
|
|
|
e4ffb1 |
+ "shortdesc" : "Reuse cookies for authentication",
|
|
|
e4ffb1 |
+ "order" : 1}
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
def main():
|
|
|
e4ffb1 |
- device_opt = ["ipaddr", "login", "passwd", "ssl", "notls", "web", "port"]
|
|
|
e4ffb1 |
+ device_opt = ["ipaddr", "login", "passwd", "ssl", "notls", "web", "port", "use_cookies" ]
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
atexit.register(atexit_handler)
|
|
|
e4ffb1 |
+ define_new_opts()
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
all_opt["power_wait"]["default"] = "1"
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
diff --git a/tests/data/metadata/fence_rhevm.xml b/tests/data/metadata/fence_rhevm.xml
|
|
|
e4ffb1 |
index 1eccd26..e0c9516 100644
|
|
|
e4ffb1 |
--- a/tests/data/metadata/fence_rhevm.xml
|
|
|
e4ffb1 |
+++ b/tests/data/metadata/fence_rhevm.xml
|
|
|
e4ffb1 |
@@ -53,6 +53,11 @@
|
|
|
e4ffb1 |
<content type="boolean" />
|
|
|
e4ffb1 |
<shortdesc lang="en">SSL connection</shortdesc>
|
|
|
e4ffb1 |
</parameter>
|
|
|
e4ffb1 |
+ <parameter name="use_cookies" unique="0" required="0">
|
|
|
e4ffb1 |
+ <getopt mixed="--use-cookies" />
|
|
|
e4ffb1 |
+ <content type="boolean" />
|
|
|
e4ffb1 |
+ <shortdesc lang="en">Reuse cookies for authentication</shortdesc>
|
|
|
e4ffb1 |
+ </parameter>
|
|
|
e4ffb1 |
<parameter name="ssl_insecure" unique="0" required="0">
|
|
|
e4ffb1 |
<getopt mixed="--ssl-insecure" />
|
|
|
e4ffb1 |
<content type="boolean" />
|