diff options
| author | Vishvananda Ishaya <vishvananda@gmail.com> | 2013-01-15 12:42:57 -0800 |
|---|---|---|
| committer | Vishvananda Ishaya <vishvananda@gmail.com> | 2013-01-16 09:54:46 -0800 |
| commit | 10cde710124c3cc18892c9f4edbedce979fbfcdc (patch) | |
| tree | 00b1c56b802b989ced7fdde049065f27baee936d | |
| parent | daa5db3f4e990185522f38d1011cfe37141298fe (diff) | |
| download | nova-10cde710124c3cc18892c9f4edbedce979fbfcdc.tar.gz nova-10cde710124c3cc18892c9f4edbedce979fbfcdc.tar.xz nova-10cde710124c3cc18892c9f4edbedce979fbfcdc.zip | |
Save password set through xen agent.
The get-password extension expects an encrypted b64 encoded password.
If we are setting the password via a guest agent and the user has
provided a public key, then we can go ahead and encrypt the password
and write it to metadata. If the guest agent is not working or not
installed, we leave the encrypted password to be set by posting to the
metadata server.
Related to blueprint get-password
Change-Id: I3ed26c7e1929f3c4c84f9bb87b0c620ab27223cb
| -rw-r--r-- | nova/virt/xenapi/agent.py | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/nova/virt/xenapi/agent.py b/nova/virt/xenapi/agent.py index 61cfa9631..ef08edbc1 100644 --- a/nova/virt/xenapi/agent.py +++ b/nova/virt/xenapi/agent.py @@ -21,6 +21,9 @@ import os import time import uuid +from nova.api.metadata import password +from nova import context +from nova import crypto from nova.openstack.common import cfg from nova.openstack.common import jsonutils from nova.openstack.common import log as logging @@ -207,6 +210,12 @@ class XenAPIBasedAgent(object): LOG.error(msg, instance=self.instance) raise Exception(msg) + sshkey = self.instance.get('key_data') + if sshkey: + enc = crypto.ssh_encrypt_text(sshkey, new_pass) + password.set_password(context.get_admin_context(), + self.instance['uuid'], base64.b64encode(enc)) + return resp['message'] def inject_file(self, path, contents): |