Blob Blame History Raw
commit 1dc12749623e3e3a06c3265260f5f049cdf6632b
Author: Marek 'marx' Grac <mgrac@redhat.com>
Date:   Wed Jun 17 19:42:32 2015 +0200

    fence_rhevm: Add support for cookies based authentication
    
    The first command is authenticated as usually but rest can be used without additional authentication.
    This is useful only for reboot or obtaining status of several nodes at once.
    
    Resolves: rhbz#1145769

diff --git a/fence/agents/rhevm/fence_rhevm.py b/fence/agents/rhevm/fence_rhevm.py
index 444fb56..bb34054 100644
--- a/fence/agents/rhevm/fence_rhevm.py
+++ b/fence/agents/rhevm/fence_rhevm.py
@@ -87,9 +87,16 @@ def send_command(opt, command, method="GET"):
 	conn = pycurl.Curl()
 	web_buffer = StringIO.StringIO()
 	conn.setopt(pycurl.URL, url)
-	conn.setopt(pycurl.HTTPHEADER, ["Content-type: application/xml", "Accept: application/xml"])
-	conn.setopt(pycurl.HTTPAUTH, pycurl.HTTPAUTH_BASIC)
-	conn.setopt(pycurl.USERPWD, opt["--username"] + ":" + opt["--password"])
+	conn.setopt(pycurl.HTTPHEADER, ["Content-type: application/xml", "Accept: application/xml", "Prefer: persistent-auth"])
+
+	if opt.has_key("cookie"):
+		conn.setopt(pycurl.COOKIE, opt["cookie"])
+	else:
+		conn.setopt(pycurl.HTTPAUTH, pycurl.HTTPAUTH_BASIC)
+		conn.setopt(pycurl.USERPWD, opt["--username"] + ":" + opt["--password"])
+		if opt.has_key("--use-cookies"):
+			conn.setopt(pycurl.COOKIEFILE, "")
+
 	conn.setopt(pycurl.TIMEOUT, int(opt["--shell-timeout"]))
 	if opt.has_key("--ssl") or opt.has_key("--ssl-secure"):
 		conn.setopt(pycurl.SSL_VERIFYPEER, 1)
@@ -104,6 +111,15 @@ def send_command(opt, command, method="GET"):
 
 	conn.setopt(pycurl.WRITEFUNCTION, web_buffer.write)
 	conn.perform()
+
+	if not opt.has_key("cookie") and opt.has_key("--use-cookies"):
+		cookie = ""
+		for c in conn.getinfo(pycurl.INFO_COOKIELIST):
+			tokens = c.split("\t",7)
+			cookie = cookie + tokens[5] + "=" + tokens[6] + ";"
+
+		opt["cookie"] = cookie
+
 	result = web_buffer.getvalue()
 
 	logging.debug("%s\n", command)
@@ -111,10 +127,20 @@ def send_command(opt, command, method="GET"):
 
 	return result
 
+def define_new_opts():
+	all_opt["use_cookies"] = {
+		"getopt" : "s",
+		"longopt" : "use-cookies",
+		"help" : "--use-cookies                  Reuse cookies for authentication",
+		"required" : "0",
+		"shortdesc" : "Reuse cookies for authentication",
+		"order" : 1}
+
 def main():
-	device_opt = ["ipaddr", "login", "passwd", "ssl", "notls", "web", "port"]
+	device_opt = ["ipaddr", "login", "passwd", "ssl", "notls", "web", "port", "use_cookies" ]
 
 	atexit.register(atexit_handler)
+	define_new_opts()
 
 	all_opt["power_wait"]["default"] = "1"
 
diff --git a/tests/data/metadata/fence_rhevm.xml b/tests/data/metadata/fence_rhevm.xml
index 1eccd26..e0c9516 100644
--- a/tests/data/metadata/fence_rhevm.xml
+++ b/tests/data/metadata/fence_rhevm.xml
@@ -53,6 +53,11 @@
 		<content type="boolean"  />
 		<shortdesc lang="en">SSL connection</shortdesc>
 	</parameter>
+	<parameter name="use_cookies" unique="0" required="0">
+		<getopt mixed="--use-cookies" />
+		<content type="boolean"  />
+		<shortdesc lang="en">Reuse cookies for authentication</shortdesc>
+	</parameter>
 	<parameter name="ssl_insecure" unique="0" required="0">
 		<getopt mixed="--ssl-insecure" />
 		<content type="boolean"  />