Add thumbprint parameter to Connect.

Add thumbprint parameter to Connect method with default None. Allows thumbprint of connection target to be validated against certificate. SoapStubAdapter already provides a thumbprint parameter. When provided and thumbprint does not match the SoapStubAdapter raises and exception. When the thumbprint matches (or if no thumbprint is provided) then the connection succeeds. This change simply exposes the parameter through Connect and __Login methods.
This commit is contained in:
Tianhao He
2015-11-09 13:23:00 -08:00
parent b478073d11
commit 03349bada4

View File

@@ -177,7 +177,7 @@ class VimSessionOrientedStub(SessionOrientedStub):
def Connect(host='localhost', port=443, user='root', pwd='',
service="hostd", adapter="SOAP", namespace=None, path="/sdk",
version=None, keyFile=None, certFile=None,
version=None, keyFile=None, certFile=None, thumbprint=None,
sslContext=None):
"""
Connect to the specified server, login and return the service
@@ -212,6 +212,8 @@ def Connect(host='localhost', port=443, user='root', pwd='',
@type keyFile: string
@param certFile: ssl cert file path
@type certFile: string
@param thumbprint: host cert thumbprint
@type thumbprint: string
@param sslContext: SSL Context describing the various SSL options. It is only
supported in Python 2.7.9 or higher.
@type sslContext: SSL.Context
@@ -233,7 +235,7 @@ def Connect(host='localhost', port=443, user='root', pwd='',
elif not version:
version="vim.version.version6"
si, stub = __Login(host, port, user, pwd, service, adapter, version, path,
keyFile, certFile, sslContext)
keyFile, certFile, thumbprint, sslContext)
SetSi(si)
return si
@@ -268,7 +270,7 @@ def GetLocalTicket(si, user):
## connected service instance object.
def __Login(host, port, user, pwd, service, adapter, version, path,
keyFile, certFile, sslContext):
keyFile, certFile, thumbprint, sslContext):
"""
Private method that performs the actual Connect and returns a
connected service instance object.
@@ -293,6 +295,8 @@ def __Login(host, port, user, pwd, service, adapter, version, path,
@type keyFile: string
@param certFile: ssl cert file path
@type certFile: string
@param thumbprint: host cert thumbprint
@type thumbprint: string
@param sslContext: SSL Context describing the various SSL options. It is only
supported in Python 2.7.9 or higher.
@type sslContext: SSL.Context
@@ -304,7 +308,8 @@ def __Login(host, port, user, pwd, service, adapter, version, path,
# Create the SOAP stub adapter
stub = SoapStubAdapter(host, port, version=version, path=path,
certKeyFile=keyFile, certFile=certFile, sslContext=sslContext)
certKeyFile=keyFile, certFile=certFile,
thumbprint=thumbprint, sslContext=sslContext)
# Get Service instance
si = vim.ServiceInstance("ServiceInstance", stub)
@@ -558,7 +563,7 @@ def __FindSupportedVersion(protocol, server, port, path, preferredApiVersions, s
def SmartConnect(protocol='https', host='localhost', port=443, user='root', pwd='',
service="hostd", path="/sdk",
preferredApiVersions=None, sslContext=None):
preferredApiVersions=None, thumbprint=None, sslContext=None):
"""
Determine the most preferred API version supported by the specified server,
then connect to the specified server using that API version, login and return
@@ -591,6 +596,8 @@ def SmartConnect(protocol='https', host='localhost', port=443, user='root', pwd=
specified, the list of versions support by pyVmomi will
be used.
@type preferredApiVersions: string or string list
@param thumbprint: host cert thumbprint
@type thumbprint: string
@param sslContext: SSL Context describing the various SSL options. It is only
supported in Python 2.7.9 or higher.
@type sslContext: SSL.Context
@@ -618,6 +625,7 @@ def SmartConnect(protocol='https', host='localhost', port=443, user='root', pwd=
adapter='SOAP',
version=supportedVersion,
path=path,
thumbprint=thumbprint,
sslContext=sslContext)
def OpenUrlWithBasicAuth(url, user='root', pwd=''):