-
Notifications
You must be signed in to change notification settings - Fork 11
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
CP-25017: Ask xapi whether to use TLS or NOTLS. (#23)
* Remove the command-line "--no-tls" option. * Instead we make an inquiry over a XenAPI session to find out about network purposes. Signed-off-by: Thomas Sanders <[email protected]>
- Loading branch information
Showing
8 changed files
with
157 additions
and
56 deletions.
There are no files selected for viewing
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,28 @@ | ||
(library | ||
((name consts) | ||
(modules consts) | ||
) | ||
) | ||
|
||
(library | ||
((name local_xapi_session) | ||
(modules local_xapi_session) | ||
(libraries | ||
(consts | ||
lwt | ||
lwt.unix | ||
xen-api-client.lwt | ||
) | ||
) | ||
) | ||
) | ||
|
||
(library | ||
((name vbd_store) | ||
(libraries | ||
(lwt | ||
lwt.unix) | ||
) | ||
(modules vbd_store) | ||
) | ||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
(* | ||
* Copyright (C) Citrix Inc | ||
* | ||
* This program is free software; you can redistribute it and/or modify | ||
* it under the terms of the GNU Lesser General Public License as published | ||
* by the Free Software Foundation; version 2.1 only. with the special | ||
* exception on linking described in file LICENSE. | ||
* | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
* GNU Lesser General Public License for more details. | ||
*) | ||
|
||
open Lwt.Infix | ||
|
||
module Xen_api = Xen_api_lwt_unix | ||
|
||
let wait_for_xapi_and_login () = | ||
let rpc = Xen_api.make Consts.xapi_unix_domain_socket_uri in | ||
let rec loop () = | ||
Lwt.catch | ||
(fun () -> Xen_api.Session.login_with_password ~rpc ~uname:"" ~pwd:"" ~version:"1.0" ~originator:"xapi-nbd") | ||
(fun e -> | ||
Lwt_log.warning_f "Failed to log in via xapi's Unix domain socket: %s; retrying in %f seconds" (Printexc.to_string e) Consts.wait_for_xapi_retry_delay_seconds >>= fun () -> | ||
Lwt_unix.sleep Consts.wait_for_xapi_retry_delay_seconds >>= fun () -> | ||
loop () | ||
) | ||
in | ||
|
||
let timeout () = | ||
let timeout_s = Consts.wait_for_xapi_timeout_seconds in | ||
Lwt_unix.sleep timeout_s >>= fun () -> | ||
let msg = Printf.sprintf "Failed to log in via xapi's Unix domain socket in %f seconds" timeout_s in | ||
Lwt_log.fatal msg >>= fun () -> | ||
Lwt.fail_with msg | ||
in | ||
|
||
Lwt_log.notice_f "Will try to log in via xapi's Unix domain socket for %f seconds" Consts.wait_for_xapi_timeout_seconds >>= fun () -> | ||
Lwt.pick [loop (); timeout ()] >|= fun session_id -> | ||
(rpc, session_id) | ||
|
||
let with_session f = | ||
wait_for_xapi_and_login () >>= fun (rpc, session_id) -> | ||
Lwt.finalize | ||
(fun () -> f rpc session_id) | ||
(fun () -> Xen_api.Session.logout ~rpc ~session_id) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
(* | ||
* Copyright (C) Citrix Inc | ||
* | ||
* This program is free software; you can redistribute it and/or modify | ||
* it under the terms of the GNU Lesser General Public License as published | ||
* by the Free Software Foundation; version 2.1 only. with the special | ||
* exception on linking described in file LICENSE. | ||
* | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
* GNU Lesser General Public License for more details. | ||
*) | ||
|
||
(** [with_session f] logs in as the local superuser via xapi's local Unix | ||
domain socket, and takes care to close the session when [f] finishes. It | ||
keeps retrying the login requests up to | ||
{!Consts.wait_for_xapi_timeout_seconds} seconds. If it does not manage to | ||
log in before this timeout, it fails with an exception. It waits for | ||
{!Consts.wait_for_xapi_retry_delay_seconds} seconds between subsequent | ||
login attempts. *) | ||
val with_session : | ||
((Rpc.call -> Rpc.response Lwt.t) -> [`session] API.Ref.t -> 'a Lwt.t) -> | ||
'a Lwt.t |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -5,6 +5,8 @@ | |
(public_name xapi-nbd) | ||
(libraries | ||
(cmdliner | ||
consts | ||
local_xapi_session | ||
lwt | ||
lwt.unix | ||
mirage-block-unix | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters