def _create_in_db(context, values):
kp = api_models.KeyPair()
kp.update(values)
try:
kp.save(context.session)
except db_exc.DBDuplicateEntry:
raise exception.KeyPairExists(key_name=values['name'])
return kp
def create(self):
if self.obj_attr_is_set('id'):
raise exception.ObjectActionError(action='create',
reason='already created')
# NOTE(danms): Check to see if it exists in the old DB before
# letting them create in the API DB, since we won't get protection
# from the UC.
try:
db.key_pair_get(self._context, self.user_id, self.name)
raise exception.KeyPairExists(key_name=self.name)
except exception.KeypairNotFound:
pass
self._create()
def create(self, req, body):
"""
Create or import keypair.
Sending name will generate a key and return private_key
and fingerprint.
You can send a public_key to add an existing ssh key
params: keypair object with:
name (required) - string
public_key (optional) - string
"""
context = req.environ['nova.context']
params = body['keypair']
name = params['name']
# NOTE(ja): generation is slow, so shortcut invalid name exception
try:
db.key_pair_get(context, context.user_id, name)
raise exception.KeyPairExists(key_name=name)
except exception.NotFound:
pass
keypair = {'user_id': context.user_id,
'name': name}
# import if public_key is sent
if 'public_key' in params:
tmpdir = tempfile.mkdtemp()
fn = os.path.join(tmpdir, 'import.pub')
with open(fn, 'w') as pub:
pub.write(params['public_key'])
fingerprint = crypto.generate_fingerprint(fn)
shutil.rmtree(tmpdir)
keypair['public_key'] = params['public_key']
keypair['fingerprint'] = fingerprint
else:
generated_key = self._gen_key()
keypair['private_key'] = generated_key['private_key']
keypair['public_key'] = generated_key['public_key']
keypair['fingerprint'] = generated_key['fingerprint']
db.key_pair_create(context, keypair)
return {'keypair': keypair}
def _gen_key(self, context, user_id, key_name):
"""Generate a key
This is a module level method because it is slow and we need to defer
it into a process pool."""
# NOTE(vish): generating key pair is slow so check for legal
# creation before creating key_pair
try:
db.key_pair_get(context, user_id, key_name)
raise exception.KeyPairExists(key_name=key_name)
except exception.NotFound:
pass
private_key, public_key, fingerprint = crypto.generate_key_pair()
key = {}
key['user_id'] = user_id
key['name'] = key_name
key['public_key'] = public_key
key['fingerprint'] = fingerprint
db.key_pair_create(context, key)
return {'private_key': private_key, 'fingerprint': fingerprint}
def db_key_pair_create_duplicate(context):
raise exception.KeyPairExists(key_name='create_duplicate')
def db_key_pair_create_duplicate(context, keypair):
raise exception.KeyPairExists(key_name=keypair.get('name', ''))
