def write_stored_checksum(target): """Write a checksum to disk for a file in _base.""" if not read_stored_checksum(target): img_file = open(target, 'r') checksum = utils.hash_file(img_file) img_file.close() virtutils.write_stored_info(target, field='sha1', value=checksum)
def inner_verify_checksum(): (stored_checksum, stored_timestamp) = read_stored_checksum(base_file, timestamped=True) if stored_checksum: # NOTE(mikal): Checksums are timestamped. If we have recently # checksummed (possibly on another compute node if we are using # shared storage), then we don't need to checksum again. if (stored_timestamp and time.time() - stored_timestamp < CONF.checksum_interval_seconds): return True # NOTE(mikal): If there is no timestamp, then the checksum was # performed by a previous version of the code. if not stored_timestamp: virtutils.write_stored_info(base_file, field='sha1', value=stored_checksum) with open(base_file, 'r') as f: current_checksum = utils.hash_file(f) if current_checksum != stored_checksum: LOG.error( _('image %(id)s at (%(base_file)s): image ' 'verification failed'), { 'id': img_id, 'base_file': base_file }) return False else: return True else: LOG.info( _('image %(id)s at (%(base_file)s): image ' 'verification skipped, no hash stored'), { 'id': img_id, 'base_file': base_file }) # NOTE(mikal): If the checksum file is missing, then we should # create one. We don't create checksums when we download images # from glance because that would delay VM startup. if CONF.checksum_base_images and create_if_missing: LOG.info(_('%(id)s (%(base_file)s): generating checksum'), { 'id': img_id, 'base_file': base_file }) write_stored_checksum(base_file) return None
def inner_verify_checksum(): (stored_checksum, stored_timestamp) = read_stored_checksum(base_file, timestamped=True) if stored_checksum: # NOTE(mikal): Checksums are timestamped. If we have recently # checksummed (possibly on another compute node if we are using # shared storage), then we don't need to checksum again. if stored_timestamp and time.time() - stored_timestamp < CONF.checksum_interval_seconds: return True # NOTE(mikal): If there is no timestamp, then the checksum was # performed by a previous version of the code. if not stored_timestamp: virtutils.write_stored_info(base_file, field="sha1", value=stored_checksum) with open(base_file, "r") as f: current_checksum = utils.hash_file(f) if current_checksum != stored_checksum: LOG.error( _("image %(id)s at (%(base_file)s): image " "verification failed"), {"id": img_id, "base_file": base_file}, ) return False else: return True else: LOG.info( _("image %(id)s at (%(base_file)s): image " "verification skipped, no hash stored"), {"id": img_id, "base_file": base_file}, ) # NOTE(mikal): If the checksum file is missing, then we should # create one. We don't create checksums when we download images # from glance because that would delay VM startup. if CONF.checksum_base_images and create_if_missing: LOG.info(_("%(id)s (%(base_file)s): generating checksum"), {"id": img_id, "base_file": base_file}) write_stored_checksum(base_file) return None
def write_stored_checksum(target): """Write a checksum to disk for a file in _base.""" with open(target, 'r') as img_file: checksum = utils.hash_file(img_file) virtutils.write_stored_info(target, field='sha1', value=checksum)
def write_stored_checksum(target): """Write a checksum to disk for a file in _base.""" with open(target, "r") as img_file: checksum = utils.hash_file(img_file) virtutils.write_stored_info(target, field="sha1", value=checksum)