Repository: cloudstack-cloudmonkey Updated Branches: refs/heads/master beb369c59 -> ce308dccd
cloudmonkey: Add config 'verifysslcert' to enable/disable SSL cert checking This config is per server profile basis, default is true Signed-off-by: Rohit Yadav <rohit.ya...@shapeblue.com> Project: http://git-wip-us.apache.org/repos/asf/cloudstack-cloudmonkey/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack-cloudmonkey/commit/ce308dcc Tree: http://git-wip-us.apache.org/repos/asf/cloudstack-cloudmonkey/tree/ce308dcc Diff: http://git-wip-us.apache.org/repos/asf/cloudstack-cloudmonkey/diff/ce308dcc Branch: refs/heads/master Commit: ce308dccd38b9f730a4343e0591253929827f506 Parents: beb369c Author: Rohit Yadav <rohit.ya...@shapeblue.com> Authored: Tue Nov 4 16:45:21 2014 +0530 Committer: Rohit Yadav <rohit.ya...@shapeblue.com> Committed: Tue Nov 4 16:47:55 2014 +0530 ---------------------------------------------------------------------- CHANGES | 1 + cloudmonkey/cloudmonkey.py | 6 ++++-- cloudmonkey/config.py | 3 ++- cloudmonkey/requester.py | 27 +++++++++++++++++---------- 4 files changed, 24 insertions(+), 13 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack-cloudmonkey/blob/ce308dcc/CHANGES ---------------------------------------------------------------------- diff --git a/CHANGES b/CHANGES index 77ff272..00c41f0 100644 --- a/CHANGES +++ b/CHANGES @@ -17,6 +17,7 @@ This release includes - Parameter completion options are cached to speed up rendering of options - CloudMonkey returns non-zero exit code when run on shell and a error is return from managment server, the error message is written to stderr +- Adds new config parameter 'verifysslcert' to enable/disable SSL cert checking Make sure you backup your config before you upgrade cloudmonkey from previous releases. With this release `cloudmonkey` will automatically fix your config file, add missing http://git-wip-us.apache.org/repos/asf/cloudstack-cloudmonkey/blob/ce308dcc/cloudmonkey/cloudmonkey.py ---------------------------------------------------------------------- diff --git a/cloudmonkey/cloudmonkey.py b/cloudmonkey/cloudmonkey.py index f8d2e47..32f0d79 100644 --- a/cloudmonkey/cloudmonkey.py +++ b/cloudmonkey/cloudmonkey.py @@ -306,7 +306,8 @@ class CloudMonkeyShell(cmd.Cmd, object): response, error = monkeyrequest(command, args, isasync, self.asyncblock, logger, self.url, self.credentials, - self.timeout, self.expires) + self.timeout, self.expires, + self.verifysslcert == 'true') if error: self.monkeyprint(u"Error {0}".format(error)) self.error_on_last_command = True @@ -602,7 +603,8 @@ class CloudMonkeyShell(cmd.Cmd, object): elif option == "display": return [s for s in ["default", "table", "json"] if s.startswith(value)] - elif option in ["asyncblock", "color", "paramcompletion"]: + elif option in ["asyncblock", "color", "paramcompletion", + "verifysslcert"]: return [s for s in ["true", "false"] if s.startswith(value)] return [] http://git-wip-us.apache.org/repos/asf/cloudstack-cloudmonkey/blob/ce308dcc/cloudmonkey/config.py ---------------------------------------------------------------------- diff --git a/cloudmonkey/config.py b/cloudmonkey/config.py index f0f1bf5..1cf9976 100644 --- a/cloudmonkey/config.py +++ b/cloudmonkey/config.py @@ -68,6 +68,7 @@ default_profile['username'] = 'admin' default_profile['password'] = 'password' default_profile['apikey'] = '' default_profile['secretkey'] = '' +default_profile['verifysslcert'] = 'true' def write_config(get_attr, config_file): @@ -188,7 +189,7 @@ def read_config(get_attr, set_attr, config_file): set_attr(key, config_fields[section][key]) else: set_attr(key, default_profile[key]) - missing_keys.append(key) + missing_keys.append("%s = %s" % (key, get_attr(key))) # Cosmetic fix for prompt if key == 'prompt': set_attr(key, get_attr('prompt').strip() + " ") http://git-wip-us.apache.org/repos/asf/cloudstack-cloudmonkey/blob/ce308dcc/cloudmonkey/requester.py ---------------------------------------------------------------------- diff --git a/cloudmonkey/requester.py b/cloudmonkey/requester.py index 363f1cd..3d8e35e 100644 --- a/cloudmonkey/requester.py +++ b/cloudmonkey/requester.py @@ -27,15 +27,20 @@ try: import time import urllib import urllib2 + from datetime import datetime, timedelta from urllib2 import HTTPError, URLError - except ImportError, e: print "Import error in %s : %s" % (__name__, e) import sys sys.exit() +# Disable HTTPS verification warnings. +from requests.packages import urllib3 +urllib3.disable_warnings() + + def logger_debug(logger, message): if logger is not None: logger.debug(message) @@ -92,7 +97,8 @@ def logout(url, session): session.get(url, params={'command': 'logout'}) -def make_request_with_password(command, args, logger, url, credentials): +def make_request_with_password(command, args, logger, url, credentials, + verifysslcert=False): error = None args = args.copy() username = credentials['username'] @@ -122,7 +128,7 @@ def make_request_with_password(command, args, logger, url, credentials): args['sessionkey'] = sessionkey # make the api call - resp = session.get(url, params=args) + resp = session.get(url, params=args, verify=verifysslcert) result = resp.text logger_debug(logger, "Response received: %s" % resp.text) @@ -143,7 +149,8 @@ def make_request_with_password(command, args, logger, url, credentials): return result, error -def make_request(command, args, logger, url, credentials, expires): +def make_request(command, args, logger, url, credentials, expires, + verifysslcert=False): result = None error = None @@ -174,8 +181,8 @@ def make_request(command, args, logger, url, credentials, expires): # finally use the username/password method if not credentials['apikey'] and not ("8096" in url): try: - return make_request_with_password(command, args, - logger, url, credentials) + return make_request_with_password(command, args, logger, url, + credentials, verifysslcert) except (requests.exceptions.ConnectionError, Exception), e: return None, e @@ -195,7 +202,7 @@ def make_request(command, args, logger, url, credentials, expires): args["signature"] = sign_request(args, credentials['secretkey']) try: - response = requests.get(url, params=args) + response = requests.get(url, params=args, verify=verifysslcert) logger_debug(logger, "Request sent: %s" % response.url) result = response.text @@ -220,13 +227,13 @@ def make_request(command, args, logger, url, credentials, expires): def monkeyrequest(command, args, isasync, asyncblock, logger, url, - credentials, timeout, expires): + credentials, timeout, expires, verifysslcert=False): response = None error = None logger_debug(logger, "======== START Request ========") logger_debug(logger, "Requesting command=%s, args=%s" % (command, args)) response, error = make_request(command, args, logger, url, - credentials, expires) + credentials, expires, verifysslcert) logger_debug(logger, "======== END Request ========\n") @@ -268,7 +275,7 @@ def monkeyrequest(command, args, isasync, asyncblock, logger, url, logger_debug(logger, "Job %s to timeout in %ds" % (jobid, timeout)) response, error = make_request(command, request, logger, url, - credentials, expires) + credentials, expires, verifysslcert) if error and not response: return response, error
