rpms / fence-agents

Clone
Source Code
GIT

Blame SOURCES/bz2029791-1-fence_openstack-add-ssl-insecure.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   a6cf86f6a2b3092bbfb7c824fad790b399f21adf
  2.   SOURCES
  3.   bz2029791-1-fence_openstack-add-ssl-insecure.patch
Blob History Raw
a6cf86 
From f79436d3a5e4cf279be0974e9633ad8994a017f7 Mon Sep 17 00:00:00 2001
a6cf86 
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
a6cf86 
Date: Mon, 6 Dec 2021 12:59:31 +0100
a6cf86 
Subject: [PATCH] fence_openstack: add --ssl-insecure
a6cf86
a6cf86 
---
a6cf86 
 agents/openstack/fence_openstack.py     | 7 +++++--
a6cf86 
 tests/data/metadata/fence_openstack.xml | 5 +++++
a6cf86 
 2 files changed, 10 insertions(+), 2 deletions(-)
a6cf86
a6cf86 
diff --git a/agents/openstack/fence_openstack.py b/agents/openstack/fence_openstack.py
a6cf86 
index c480596c1..c2d9df160 100755
a6cf86 
--- a/agents/openstack/fence_openstack.py
a6cf86 
+++ b/agents/openstack/fence_openstack.py
a6cf86 
@@ -89,7 +89,7 @@ def set_power_status(conn, options):
a6cf86
a6cf86
a6cf86 
 def nova_login(username, password, projectname, auth_url, user_domain_name,
a6cf86 
-               project_domain_name, cacert, apitimeout):
a6cf86 
+               project_domain_name, ssl_insecure, cacert, apitimeout):
a6cf86 
     legacy_import = False
a6cf86
a6cf86 
     try:
a6cf86 
@@ -127,7 +127,7 @@ def nova_login(username, password, projectname, auth_url, user_domain_name,
a6cf86 
             cacert=cacert,
a6cf86 
         )
a6cf86
a6cf86 
-    session = ksc_session.Session(auth=auth, verify=cacert, timeout=apitimeout)
a6cf86 
+    session = ksc_session.Session(auth=auth, verify=False if ssl_insecure else cacert, timeout=apitimeout)
a6cf86 
     nova = client.Client("2", session=session, timeout=apitimeout)
a6cf86 
     apiversion = None
a6cf86 
     try:
a6cf86 
@@ -220,6 +220,7 @@ def main():
a6cf86 
         "port",
a6cf86 
         "no_port",
a6cf86 
         "uuid",
a6cf86 
+        "ssl_insecure",
a6cf86 
         "cacert",
a6cf86 
         "apitimeout",
a6cf86 
     ]
a6cf86 
@@ -268,6 +269,7 @@ def main():
a6cf86 
         fail_usage("Failed: You have to set the Keystone service endpoint for authorization")
a6cf86 
     user_domain_name = options["--user-domain-name"]
a6cf86 
     project_domain_name = options["--project-domain-name"]
a6cf86 
+    ssl_insecure = "--ssl-insecure" in options
a6cf86 
     cacert = options["--cacert"]
a6cf86 
     apitimeout = options["--apitimeout"]
a6cf86 
     try:
a6cf86 
@@ -278,6 +280,7 @@ def main():
a6cf86 
             auth_url,
a6cf86 
             user_domain_name,
a6cf86 
             project_domain_name,
a6cf86 
+            ssl_insecure,
a6cf86 
             cacert,
a6cf86 
             apitimeout,
a6cf86 
         )
a6cf86 
diff --git a/tests/data/metadata/fence_openstack.xml b/tests/data/metadata/fence_openstack.xml
a6cf86 
index 84503bbe0..926d18c3d 100644
a6cf86 
--- a/tests/data/metadata/fence_openstack.xml
a6cf86 
+++ b/tests/data/metadata/fence_openstack.xml
a6cf86 
@@ -43,6 +43,11 @@
a6cf86 
 		<content type="string"  />
a6cf86 
 		<shortdesc lang="en">UUID of the node to be fenced.</shortdesc>
a6cf86 
 	</parameter>
a6cf86 
+	<parameter name="ssl_insecure" unique="0" required="0">
a6cf86 
+		<getopt mixed="--ssl-insecure" />
a6cf86 
+		<content type="boolean"  />
a6cf86 
+		<shortdesc lang="en">Use SSL connection without verifying certificate</shortdesc>
a6cf86 
+	</parameter>
a6cf86 
 	<parameter name="username" unique="0" required="1" obsoletes="login">
a6cf86 
 		<getopt mixed="-l, --username=[name]" />
a6cf86 
 		<content type="string"  />

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation