summaryrefslogtreecommitdiff
path: root/bz2029791-1-fence_openstack-add-ssl-insecure.patch
diff options
context:
space:
mode:
Diffstat (limited to 'bz2029791-1-fence_openstack-add-ssl-insecure.patch')
-rw-r--r--bz2029791-1-fence_openstack-add-ssl-insecure.patch72
1 files changed, 72 insertions, 0 deletions
diff --git a/bz2029791-1-fence_openstack-add-ssl-insecure.patch b/bz2029791-1-fence_openstack-add-ssl-insecure.patch
new file mode 100644
index 0000000..e616cc8
--- /dev/null
+++ b/bz2029791-1-fence_openstack-add-ssl-insecure.patch
@@ -0,0 +1,72 @@
+From f79436d3a5e4cf279be0974e9633ad8994a017f7 Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Mon, 6 Dec 2021 12:59:31 +0100
+Subject: [PATCH] fence_openstack: add --ssl-insecure
+
+---
+ agents/openstack/fence_openstack.py | 7 +++++--
+ tests/data/metadata/fence_openstack.xml | 5 +++++
+ 2 files changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/agents/openstack/fence_openstack.py b/agents/openstack/fence_openstack.py
+index c480596c1..c2d9df160 100755
+--- a/agents/openstack/fence_openstack.py
++++ b/agents/openstack/fence_openstack.py
+@@ -89,7 +89,7 @@ def set_power_status(conn, options):
+
+
+ def nova_login(username, password, projectname, auth_url, user_domain_name,
+- project_domain_name, cacert, apitimeout):
++ project_domain_name, ssl_insecure, cacert, apitimeout):
+ legacy_import = False
+
+ try:
+@@ -127,7 +127,7 @@ def nova_login(username, password, projectname, auth_url, user_domain_name,
+ cacert=cacert,
+ )
+
+- session = ksc_session.Session(auth=auth, verify=cacert, timeout=apitimeout)
++ session = ksc_session.Session(auth=auth, verify=False if ssl_insecure else cacert, timeout=apitimeout)
+ nova = client.Client("2", session=session, timeout=apitimeout)
+ apiversion = None
+ try:
+@@ -220,6 +220,7 @@ def main():
+ "port",
+ "no_port",
+ "uuid",
++ "ssl_insecure",
+ "cacert",
+ "apitimeout",
+ ]
+@@ -268,6 +269,7 @@ def main():
+ fail_usage("Failed: You have to set the Keystone service endpoint for authorization")
+ user_domain_name = options["--user-domain-name"]
+ project_domain_name = options["--project-domain-name"]
++ ssl_insecure = "--ssl-insecure" in options
+ cacert = options["--cacert"]
+ apitimeout = options["--apitimeout"]
+ try:
+@@ -278,6 +280,7 @@ def main():
+ auth_url,
+ user_domain_name,
+ project_domain_name,
++ ssl_insecure,
+ cacert,
+ apitimeout,
+ )
+diff --git a/tests/data/metadata/fence_openstack.xml b/tests/data/metadata/fence_openstack.xml
+index 84503bbe0..926d18c3d 100644
+--- a/tests/data/metadata/fence_openstack.xml
++++ b/tests/data/metadata/fence_openstack.xml
+@@ -43,6 +43,11 @@
+ <content type="string" />
+ <shortdesc lang="en">UUID of the node to be fenced.</shortdesc>
+ </parameter>
++ <parameter name="ssl_insecure" unique="0" required="0">
++ <getopt mixed="--ssl-insecure" />
++ <content type="boolean" />
++ <shortdesc lang="en">Use SSL connection without verifying certificate</shortdesc>
++ </parameter>
+ <parameter name="username" unique="0" required="1" obsoletes="login">
+ <getopt mixed="-l, --username=[name]" />
+ <content type="string" />
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-18 00:46:37 +0000