def check_conn_hostname(conn, logger):
    """check connection's hostname
    """
    logger.info("Test connection's hostname")
    output = utils.get_local_hostname()
    conn_hostname = conn.getHostname()
    logger.info("The connection's hostname is %s" % conn_hostname)

    if not conn_hostname == output:
        logger.error("The connection's hostname(%s) wrong, should be %s" %
                     (conn_hostname, output))
        return False
    return True
예제 #2
0
def tls_setup(params):
    """ generate tls certificates and configure libvirt """
    logger = params['logger']
    target_machine = params['target_machine']
    username = params['username']
    password = params['password']
    listen_tls = params['listen_tls']
    auth_tls = params['auth_tls']

    pkipath = ""
    if params.has_key('pkipath'):
        pkipath = params['pkipath']
        if os.path.exists(pkipath):
            shutil.rmtree(pkipath)

        os.mkdir(pkipath)

    uri = "qemu://%s/system" % target_machine
    if pkipath:
        uri += "?pkipath=%s" % pkipath

    local_machine = utils.get_local_hostname()

    logger.info("the hostname of server is %s" % target_machine)
    logger.info("the hostname of local machine is %s" % local_machine)
    logger.info("the value of listen_tls is %s" % listen_tls)
    logger.info("the value of auth_tls is %s" % auth_tls)

    if not utils.do_ping(target_machine, 0):
        logger.error("failed to ping host %s" % target_machine)
        return 1

    if os.path.exists(TEMP_TLS_FOLDER):
        shutil.rmtree(TEMP_TLS_FOLDER)

    os.mkdir(TEMP_TLS_FOLDER)

    if iptables_stop(target_machine, username, password, logger):
        return 1

    if CA_setting_up(logger):
        return 1

    if tls_server_cert(target_machine, logger):
        return 1

    if tls_client_cert(local_machine, logger):
        return 1

    if deliver_cert(target_machine, username, password, pkipath, logger):
        return 1

    if auth_tls == 'sasl':
        if sasl_user_add(target_machine, username, password, logger):
            return 1

    if tls_libvirtd_set(target_machine, username, password, listen_tls,
                        auth_tls, logger):
        return 1

    if listen_tls == 'disable':
        if hypervisor_connecting_test(uri, auth_tls, username, password,
                                      logger, 'fail'):
            return 1
    elif listen_tls == 'enable':
        if hypervisor_connecting_test(uri, auth_tls, username, password,
                                      logger, 'success'):
            return 1

    return 0
예제 #3
0
def tls_setup(params):
    """ generate tls certificates and configure libvirt """
    logger = params["logger"]
    target_machine = params["target_machine"]
    username = params["username"]
    password = params["password"]
    listen_tls = params["listen_tls"]
    auth_tls = params["auth_tls"]

    pkipath = ""
    if params.has_key("pkipath"):
        pkipath = params["pkipath"]
        if os.path.exists(pkipath):
            shutil.rmtree(pkipath)

        os.mkdir(pkipath)

    uri = "qemu://%s/system" % target_machine
    if pkipath:
        uri += "?pkipath=%s" % pkipath

    local_machine = utils.get_local_hostname()

    logger.info("the hostname of server is %s" % target_machine)
    logger.info("the hostname of local machine is %s" % local_machine)
    logger.info("the value of listen_tls is %s" % listen_tls)
    logger.info("the value of auth_tls is %s" % auth_tls)

    if not utils.do_ping(target_machine, 0):
        logger.error("failed to ping host %s" % target_machine)
        return 1

    if os.path.exists(TEMP_TLS_FOLDER):
        shutil.rmtree(TEMP_TLS_FOLDER)

    os.mkdir(TEMP_TLS_FOLDER)

    if iptables_stop(target_machine, username, password, logger):
        return 1

    if CA_setting_up(logger):
        return 1

    if tls_server_cert(target_machine, logger):
        return 1

    if tls_client_cert(local_machine, logger):
        return 1

    if deliver_cert(target_machine, username, password, pkipath, logger):
        return 1

    if auth_tls == "sasl":
        if sasl_user_add(target_machine, username, password, logger):
            return 1

    if tls_libvirtd_set(target_machine, username, password, listen_tls, auth_tls, logger):
        return 1

    if listen_tls == "disable":
        if hypervisor_connecting_test(uri, auth_tls, username, password, logger, "fail"):
            return 1
    elif listen_tls == "enable":
        if hypervisor_connecting_test(uri, auth_tls, username, password, logger, "success"):
            return 1

    return 0
예제 #4
0
def tls_setup(params):
    """ generate tls certificates and configure libvirt """
    logger = params['logger']
    target_machine = params['target_machine']
    username = params['username']
    password = params['password']
    listen_tls = params['listen_tls']
    auth_tls = params['auth_tls']

    pkipath = ""
    if 'pkipath' in params:
        pkipath = params['pkipath']
        if os.path.exists(pkipath):
            shutil.rmtree(pkipath)

        os.mkdir(pkipath)

    uri = "qemu://%s/system" % target_machine
    if pkipath:
        uri += "?pkipath=%s" % pkipath

    local_machine = utils.get_local_hostname()

    logger.info("the hostname of server is %s" % target_machine)
    logger.info("the hostname of local machine is %s" % local_machine)
    logger.info("the value of listen_tls is %s" % listen_tls)
    logger.info("the value of auth_tls is %s" % auth_tls)

    if not utils.do_ping(target_machine, 0):
        logger.error("failed to ping host %s" % target_machine)
        return 1

    if os.path.exists(TEMP_TLS_FOLDER):
        shutil.rmtree(TEMP_TLS_FOLDER)

    os.mkdir(TEMP_TLS_FOLDER)

    if iptables_stop(target_machine, username, password, logger):
        return 1

    if CA_setting_up(logger):
        return 1

    if tls_server_cert(target_machine, logger):
        return 1

    if tls_client_cert(local_machine, logger):
        return 1

    if deliver_cert(target_machine, username,
                    password, pkipath, logger):
        return 1

    if auth_tls == 'sasl':
        if sasl_user_add(target_machine, username, password, logger):
            return 1

    if tls_libvirtd_set(target_machine, username, password,
                        listen_tls, auth_tls, logger):
        return 1

    if listen_tls == 'disable':
        if hypervisor_connecting_test(uri, auth_tls, username,
                                      password, logger, 'fail'):
            return 1
    elif listen_tls == 'enable':
        if hypervisor_connecting_test(uri, auth_tls, username,
                                      password, logger, 'success'):
            return 1

    return 0