openstack/deb-python-pyvmomi
Code Issues Proposed changes

Add thumbprint parameter to Connect.

Browse Source 
Add thumbprint parameter to Connect method with default None. Allows thumbprint of connection target to be validated against certificate. SoapStubAdapter already provides a thumbprint parameter. When provided and thumbprint does not match the SoapStubAdapter raises and exception. When the thumbprint matches (or if no thumbprint is provided) then the connection succeeds. This change simply exposes the parameter through Connect and __Login methods.
This commit is contained in:
Tianhao He
2015-11-09 13:23:00 -08:00
parent b478073d11
commit 03349bada4
1 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
pyVim/connect.py
View File

@@ -177,7 +177,7 @@ class VimSessionOrientedStub(SessionOrientedStub):
def Connect(host='localhost', port=443, user='root', pwd='', def Connect(host='localhost', port=443, user='root', pwd='',
service="hostd", adapter="SOAP", namespace=None, path="/sdk", service="hostd", adapter="SOAP", namespace=None, path="/sdk",
version=None, keyFile=None, certFile=None, version=None, keyFile=None, certFile=None, thumbprint=None,
sslContext=None): sslContext=None):
""" """
Connect to the specified server, login and return the service Connect to the specified server, login and return the service
@@ -212,6 +212,8 @@ def Connect(host='localhost', port=443, user='root', pwd='',
@type keyFile: string @type keyFile: string
@param certFile: ssl cert file path @param certFile: ssl cert file path
@type certFile: string @type certFile: string
@param thumbprint: host cert thumbprint
@type thumbprint: string
@param sslContext: SSL Context describing the various SSL options. It is only @param sslContext: SSL Context describing the various SSL options. It is only
supported in Python 2.7.9 or higher. supported in Python 2.7.9 or higher.
@type sslContext: SSL.Context @type sslContext: SSL.Context
@@ -233,7 +235,7 @@ def Connect(host='localhost', port=443, user='root', pwd='',
elif not version: elif not version:
version="vim.version.version6" version="vim.version.version6"
si, stub = __Login(host, port, user, pwd, service, adapter, version, path, si, stub = __Login(host, port, user, pwd, service, adapter, version, path,
keyFile, certFile, sslContext) keyFile, certFile, thumbprint, sslContext)
SetSi(si) SetSi(si)
return si return si
@@ -268,7 +270,7 @@ def GetLocalTicket(si, user):
## connected service instance object. ## connected service instance object.
def __Login(host, port, user, pwd, service, adapter, version, path, def __Login(host, port, user, pwd, service, adapter, version, path,
keyFile, certFile, sslContext): keyFile, certFile, thumbprint, sslContext):
""" """
Private method that performs the actual Connect and returns a Private method that performs the actual Connect and returns a
connected service instance object. connected service instance object.
@@ -293,6 +295,8 @@ def __Login(host, port, user, pwd, service, adapter, version, path,
@type keyFile: string @type keyFile: string
@param certFile: ssl cert file path @param certFile: ssl cert file path
@type certFile: string @type certFile: string
@param thumbprint: host cert thumbprint
@type thumbprint: string
@param sslContext: SSL Context describing the various SSL options. It is only @param sslContext: SSL Context describing the various SSL options. It is only
supported in Python 2.7.9 or higher. supported in Python 2.7.9 or higher.
@type sslContext: SSL.Context @type sslContext: SSL.Context
@@ -304,7 +308,8 @@ def __Login(host, port, user, pwd, service, adapter, version, path,
# Create the SOAP stub adapter # Create the SOAP stub adapter
stub = SoapStubAdapter(host, port, version=version, path=path, stub = SoapStubAdapter(host, port, version=version, path=path,
certKeyFile=keyFile, certFile=certFile, sslContext=sslContext) certKeyFile=keyFile, certFile=certFile,
thumbprint=thumbprint, sslContext=sslContext)
# Get Service instance # Get Service instance
si = vim.ServiceInstance("ServiceInstance", stub) si = vim.ServiceInstance("ServiceInstance", stub)
@@ -558,7 +563,7 @@ def __FindSupportedVersion(protocol, server, port, path, preferredApiVersions, s
def SmartConnect(protocol='https', host='localhost', port=443, user='root', pwd='', def SmartConnect(protocol='https', host='localhost', port=443, user='root', pwd='',
service="hostd", path="/sdk", service="hostd", path="/sdk",
preferredApiVersions=None, sslContext=None): preferredApiVersions=None, thumbprint=None, sslContext=None):
""" """
Determine the most preferred API version supported by the specified server, Determine the most preferred API version supported by the specified server,
then connect to the specified server using that API version, login and return then connect to the specified server using that API version, login and return
@@ -591,6 +596,8 @@ def SmartConnect(protocol='https', host='localhost', port=443, user='root', pwd=
specified, the list of versions support by pyVmomi will specified, the list of versions support by pyVmomi will
be used. be used.
@type preferredApiVersions: string or string list @type preferredApiVersions: string or string list
@param thumbprint: host cert thumbprint
@type thumbprint: string
@param sslContext: SSL Context describing the various SSL options. It is only @param sslContext: SSL Context describing the various SSL options. It is only
supported in Python 2.7.9 or higher. supported in Python 2.7.9 or higher.
@type sslContext: SSL.Context @type sslContext: SSL.Context
@@ -618,6 +625,7 @@ def SmartConnect(protocol='https', host='localhost', port=443, user='root', pwd=
adapter='SOAP', adapter='SOAP',
version=supportedVersion, version=supportedVersion,
path=path, path=path,
thumbprint=thumbprint,
sslContext=sslContext) sslContext=sslContext)
def OpenUrlWithBasicAuth(url, user='root', pwd=''): def OpenUrlWithBasicAuth(url, user='root', pwd=''):