From 00971feed32d22ae9bc63aea716ecf4e972aee32 Mon Sep 17 00:00:00 2001
From: Soren Hansen
Date: Wed, 30 Jun 2010 16:46:26 +0200
Subject: Replace spaces in x509 cert subject with underscores. It ends up getting split(' ')'ed and passed to subprocess.Popen, so it needs to not have spaces in it, otherwise openssl gets very upset.
---
 nova/auth/users.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'nova')
diff --git a/nova/auth/users.py b/nova/auth/users.py
index 6997596aa..12c73ca27 100644
--- a/nova/auth/users.py
+++ b/nova/auth/users.py
@@ -481,7 +481,7 @@ class UserManager(object):
 def __cert_subject(self, uid):
 # FIXME(ja) - this should be pulled from a global configuration
- return "/C=US/ST=California/L=Mountain View/O=Anso Labs/OU=Nova Dev/CN=%s-%s" % (uid, str(datetime.datetime.utcnow().isoformat()))
+ return "/C=US/ST=California/L=Mountain_View/O=Anso_Labs/OU=Nova_Dev/CN=%s-%s" % (uid, str(datetime.datetime.utcnow().isoformat()))
 class LDAPWrapper(object):
-- cgit
From 7ce77bfffca575e0136807779d98140280c7fa90 Mon Sep 17 00:00:00 2001
From: Soren Hansen
Date: Wed, 30 Jun 2010 16:46:47 +0200
Subject: Add _s instance attribute to Instance class. It's referenced in a bunch of places, but is never set. This is unlikely to be the right fix (why have two attributes pointing to the same object?), but it seems to make ends meet.
---
 nova/compute/node.py | 1 +
 1 file changed, 1 insertion(+)
(limited to 'nova')
diff --git a/nova/compute/node.py b/nova/compute/node.py
index c217056f5..b39a0fe9c 100644
--- a/nova/compute/node.py
+++ b/nova/compute/node.py
@@ -269,6 +269,7 @@ class Instance(object):
 data['project_id'] = data['owner_id']
 self.datamodel = data
+ self._s = data
 size = data.get('instance_type', FLAGS.default_instance_type)
 if size not in INSTANCE_TYPES:
 raise exception.Error('invalid instance type: %s' % size)
-- cgit
From 3b916f690ce332ac15e1ec50d5e511ec6a9895ab Mon Sep 17 00:00:00 2001
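Review bot: In `__cert_subject` (nova/auth/users.py) `uid` is still formatted into the CN unchecked, so a uid containing a space would break the split(' ') described in the commit message just as the fixed fields did, and a `/` in it would add extra components to the subject. The underscores also change the certificate's actual L, O and OU values, which nothing in the hunk records. Passing openssl an argument list instead of a split string would remove the need for both, but that caller is outside the hunk; here, validate `uid` against a conservative character set and extend the FIXME with something like `# NOTE: no spaces allowed - the command line is split(' ') before subprocess.Popen`.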
From: Soren Hansen
Date: Wed, 30 Jun 2010 16:47:12 +0200
Subject: Make sure get_assigned_vlans and BaseNetwork.hosts always return a dict, even if the key is currently empty in the KVS.
---
 nova/compute/network.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'nova')
diff --git a/nova/compute/network.py b/nova/compute/network.py
index 911d0344a..94fa6c47a 100644
--- a/nova/compute/network.py
+++ b/nova/compute/network.py
@@ -133,7 +133,7 @@ class BaseNetwork(datastore.RedisModel):
 @property
 def hosts(self):
- return datastore.Redis.instance().hgetall(self._hosts_key)
+ return datastore.Redis.instance().hgetall(self._hosts_key) or {}
 def _add_host(self, _user_id, _project_id, host, target):
 datastore.Redis.instance().hset(self._hosts_key, host, target)
@@ -392,7 +392,7 @@ def _rem_vlan(project_id):
 def get_assigned_vlans():
 """ Returns a dictionary, with keys of project_id and values of vlan_id """
- return datastore.Redis.instance().hgetall(VLANS_KEY)
+ return datastore.Redis.instance().hgetall(VLANS_KEY) or {}
 def get_vlan_for_project(project_id):
 """
-- cgit
From baea119aefe8e939eb5796b17fab29f5ae283449 Mon Sep 17 00:00:00 2001
From: Soren Hansen
Date: Mon, 5 Jul 2010 12:46:26 +0200
Subject: Use rmdir instead of rm -rf to remove a tempdir.
---
 nova/compute/disk.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
(limited to 'nova')
diff --git a/nova/compute/disk.py b/nova/compute/disk.py
index e7090dad3..f4d75a781 100644
--- a/nova/compute/disk.py
+++ b/nova/compute/disk.py
@@ -126,8 +126,7 @@ def inject_key(key, image, partition=None, execute=None):
 yield execute('sudo umount %s' % mapped_device)
 finally:
 # remove temporary directory
- # TODO(termie): scary, is there any thing we can check here?
- yield execute('rm -rf %s' % tmpdir)
+ yield execute('rmdir %s' % tmpdir)
 if not partition is None:
 # remove partitions
 yield execute('sudo kpartx -d %s' % device)
-- cgit
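Review bot: In `inject_key` (nova/compute/disk.py) the new `rmdir` fails whenever the directory is not empty or is still a mount point, for example if the preceding `sudo umount` did not succeed, and an error raised there would presumably skip the `kpartx -d` cleanup that follows. The try/finally nesting is not visible in the hunk, so this needs checking against the full function. Since the removed TODO asked what could be checked before deleting, a replacement comment such as `# rmdir, not rm -rf: refuses to delete anything if the unmount failed` would record why the safer command was chosen. The command is also still built with `%` formatting, so it relies on `tmpdir` containing no whitespace or shell metacharacters.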
From 6e77201cbab22d0c4b383b245d5957946a229e4c Mon Sep 17 00:00:00 2001
From: Soren Hansen
Date: Tue, 6 Jul 2010 17:35:33 +0200
Subject: If set, pass KernelId and RamdiskId from RunInstances call to the target compute node.
---
 nova/endpoint/cloud.py | 4 ++++
 1 file changed, 4 insertions(+)
(limited to 'nova')
diff --git a/nova/endpoint/cloud.py b/nova/endpoint/cloud.py
index 39b3fd628..7b2d23e37 100644
--- a/nova/endpoint/cloud.py
+++ b/nova/endpoint/cloud.py
@@ -498,6 +498,10 @@ class CloudController(object):
 inst = self.instdir.new()
 # TODO(ja): add ari, aki
 inst['image_id'] = kwargs['image_id']
+ if 'kernel_id' in kwargs:
+ inst['kernel_id'] = kwargs['kernel_id']
+ if 'ramdisk_id' in kwargs:
+ inst['ramdisk_id'] = kwargs['ramdisk_id']
 inst['user_data'] = kwargs.get('user_data', '')
 inst['instance_type'] = kwargs.get('instance_type', 'm1.small')
 inst['reservation_id'] = reservation_id
-- cgit
From dfdb094956acce5f0d459203a9f95067f989d68d Mon Sep 17 00:00:00 2001
From: Soren Hansen
Date: Mon, 12 Jul 2010 16:28:19 -0500
Subject: Avoid using s-expr, pkcs1-conv, and lsh-export-key. Instead we now use M2Crypto and struct.pack to construct it on our own. This removes a dependency on nettle-bin and lsh-utils (which were never specified in debian/control).
---
 nova/crypto.py | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)
(limited to 'nova')
diff --git a/nova/crypto.py b/nova/crypto.py
index 80b4ef9de..4f97bb824 100644
--- a/nova/crypto.py
+++ b/nova/crypto.py
@@ -23,10 +23,12 @@ Wrappers around standard crypto, including root and intermediate CAs, SSH keypairs and x509 certificates. """
+import base64
 import hashlib
 import logging
 import os
 import shutil
+import struct
 import tempfile
 import time
 import utils
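Review bot: The new `kernel_id` and `ramdisk_id` values in nova/endpoint/cloud.py are copied from the request kwargs into the instance record with no check that the images exist, are of the kernel or ramdisk type, or may be used by the requesting user or project. No such check is visible for `image_id` in the hunk either, so it may live elsewhere in the method, which starts and ends outside the hunk; if it does, the two new ids should go through the same path before the record reaches the compute node. The `# TODO(ja): add ari, aki` comment just above the added lines is now stale and should be dropped or reworded to name the validation that is still missing.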
@@ -86,14 +88,17 @@ def generate_key_pair(bits=1024):
 def ssl_pub_to_ssh_pub(ssl_public_key, name='root', suffix='nova'):
- """requires lsh-utils"""
- convert="sed -e'1d' -e'$d' | pkcs1-conv --public-key-info --base-64 |" \
- + " sexp-conv | sed -e'1s/(rsa-pkcs1/(rsa-pkcs1-sha1/' | sexp-conv -s" \
- + " transport | lsh-export-key --openssh"
- (out, err) = utils.execute(convert, ssl_public_key)
- if err:
- raise exception.Error("Failed to generate key: %s", err)
- return '%s %s@%s\n' %(out.strip(), name, suffix)
+ rsa_key = M2Crypto.RSA.load_pub_key_bio(M2Crypto.BIO.MemoryBuffer(ssl_public_key))
+ e, n = rsa_key.pub()
+
+ key_type = 'ssh-rsa'
+
+ key_data = struct.pack('>I', len(key_type))
+ key_data += key_type
+ key_data += '%s%s' % (e,n)
+
+ b64_blob = base64.b64encode(key_data)
+ return '%s %s %s@%s\n' %(key_type, b64_blob, name, suffix)
 def generate_x509_cert(subject="/C=US/ST=California/L=The Mission/O=CloudFed/OU=NOVA/CN=foo", bits=1024):
-- cgit
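Review bot: `ssl_pub_to_ssh_pub` no longer converts failures into `exception.Error`, so a malformed PEM now surfaces as whatever `M2Crypto.RSA.load_pub_key_bio` raises, which callers written against the old behaviour will not catch. Catching `M2Crypto.RSA.RSAError` around the load and re-raising `exception.Error("Failed to generate key: %s" % err)` would keep that contract. The function also lost its docstring; a new one should say that the blob is the length-prefixed `ssh-rsa` type string followed by `e` and `n` as returned by `rsa_key.pub()`, since the code relies on those values already carrying their own length prefix. `name` and `suffix` go into the comment field unchecked, so a value containing a newline would yield more than one output line; rejecting whitespace there is cheap if this string ends up in an authorized_keys file.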