Re: [PATCH] virtinst adding in disk signature support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



new patch, should have everything corrected below
- md5 option in image.rng
- broke up long lines
- new image.xml example w/ md5
- using builtin python sha/md5 support


Cole Robinson wrote:
Joey Boggs wrote:
Just to make sure, if I move that logic for "either sha1/md5 and not None" into ImageParser right when I pull in the checksum data that would that be sufficient?


Right, that should work.

- Cole

_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/et-mgmt-tools

diff -r 58a909b4f71c doc/image.rng
--- a/doc/image.rng	Mon Sep 22 11:32:11 2008 -0400
+++ b/doc/image.rng	Wed Sep 24 16:34:10 2008 -0400
@@ -197,6 +197,15 @@
             </choice>
           </attribute>
         </optional>
+        <optional>
+          <element name="checksum">
+            <attribute name="type">
+              <value>sha1</value>
+              <value>md5</value>
+            </attribute>
+            <text/>
+          </element>
+        </optional>
       </element>
     </oneOrMore>
   </define>
diff -r 58a909b4f71c virt-image
--- a/virt-image	Mon Sep 22 11:32:11 2008 -0400
+++ b/virt-image	Wed Sep 24 16:34:10 2008 -0400
@@ -97,6 +97,8 @@
                       help=_("Number of vcpus to configure for your guest"))
     parser.add_option("", "--check-cpu", action="store_true", dest="check_cpu",
                       help=_("Check that vcpus do not exceed physical CPUs and warn if they do."))
+    parser.add_option("", "--checksum-ignore", action="store_true", dest="checksum_ignore",
+                      help=_("Ignore unmatching checksum values for disk signatures."))
 
     # network options
     parser.add_option("-m", "--mac", type="string",
@@ -188,6 +190,10 @@
     # now let's get some of the common questions out of the way
     get_name(options.name, image.name, guest)
     get_memory(options.memory, image.domain.memory, guest)
+
+    if not options.checksum_ignore:
+        cli.check_disk_signature(image,guest)
+
     cli.get_uuid(options.uuid, guest)
     get_vcpus(options.vcpus, image.domain.vcpu, options.check_cpu,
               guest, conn)
diff -r 58a909b4f71c virtinst/ImageParser.py
--- a/virtinst/ImageParser.py	Mon Sep 22 11:32:11 2008 -0400
+++ b/virtinst/ImageParser.py	Wed Sep 24 16:34:10 2008 -0400
@@ -23,6 +23,7 @@
 import libxml2
 import CapabilitiesParser
 from virtinst import _virtinst as _
+from virtinst.cli import fail
 
 class ParserException(Exception):
     def __init__(self, msg):
@@ -213,7 +214,12 @@
         self.format = xpathString(node, "@format", Disk.FORMAT_RAW)
         self.size = xpathString(node, "@size")
         self.use = xpathString(node, "@use", Disk.USE_SYSTEM)
-
+        self.checksum = xpathString(node, "checksum") 
+        self.checksumtype = xpathString(node, "checksum/@type")
+        if self.checksumtype is None or self.checksumtype == "sha1" or self.checksumtype == "md5":
+            pass
+        else:
+            fail(_("Invalid Checksum Type for %s. \n\nTo override the signature check add the --checksum-ignore option" % self.file))
         formats = [Disk.FORMAT_RAW, Disk.FORMAT_QCOW, Disk.FORMAT_QCOW2, Disk.FORMAT_VMDK, Disk.FORMAT_ISO]
         validate (formats.count(self.format) > 0,
                   _("The format for disk %s must be one of %s") %
diff -r 58a909b4f71c virtinst/cli.py
--- a/virtinst/cli.py	Mon Sep 22 11:32:11 2008 -0400
+++ b/virtinst/cli.py	Wed Sep 24 16:34:10 2008 -0400
@@ -30,6 +30,8 @@
 from virtinst import Guest, CapabilitiesParser, VirtualNetworkInterface, \
                      VirtualGraphics, VirtualAudio
 from virtinst import _virtinst as _
+import sha
+import md5
 
 MIN_RAM = 64
 force = False
@@ -352,6 +354,35 @@
     if sound:
         guest.sound_devs.append(VirtualAudio(model="es1370"))
 
+def check_disk_signature(image,guest):
+    i = 0
+    disks = {}
+    for k in image.storage.keys():
+        disks[i] = image.storage[k]
+
+        if disks[i].checksumtype == "sha1":
+            print _("\nChecking disk signature for: %s...") % disks[i].file
+            file=open(disks[i].file,'r').read()
+            checksum=sha.new(file).hexdigest()
+
+        elif disks[i].checksumtype == "md5":
+            print _("\nChecking disk signature for: %s...") % disks[i].file
+            file=open(disks[i].file,'r').read()
+            checksum=md5.new(file).hexdigest()
+        else:
+            if disks[i].checksumtype is None: 
+                return
+
+        if checksum != disks[i].checksum:
+            fail(_("Disk signature for %s does not match \n Expected: %s \n Received: %s"
+                   " \n\n To override the signature check add the --checksum-ignore option"
+                   % (disks[i].file,disks[i].checksum,checksum)))
+        else:
+            print "Disk Signature Verified"
+        i = i + 1    
+
+    return
+
 ### Option parsing
 def check_before_store(option, opt_str, value, parser):
     if len(value) == 0:
<image>
  <name>test-appliance</name>
  <label>A simple test appliance</label>
  <domain>
    <boot type='xen'>
      <guest>
        <arch>i686</arch>
        <features><pae/></features>
      </guest>
      <os>
        <kernel>vmlinuz-2.6.18-8.el5xen</kernel>
        <cmdline>ro root=/dev/xvda2 selinux=0 3</cmdline>
      </os>
      <drive disk="root.raw" target="xvda"/>
      <drive disk="data.raw" target="xvdb"/>
      <drive disk="scratch.raw" target="xvdc"/>
    </boot>
    <boot type="hvm">
      <guest>
        <arch>i686</arch>
        <features><pae/></features>
      </guest>
      <os>
        <loader dev="hd"/>
      </os>
      <drive disk="root.raw" target="hda"/>
      <drive disk="data.raw" target="hdb"/>
      <drive disk="scratch.raw" target="hdd"/>
    </boot>
    <devices>
      <vcpu>7</vcpu>
      <memory>262144</memory>
      <interface/>
      <graphics/>
    </devices>
  </domain>
  <storage>
    <disk file="root.raw" format="raw" size="4096" use="system">
      <checksum type="sha1">0a86ef9d2e3bbc87a809a7f7e1d6d105b2f0089c</checksum>
    </disk>
    <disk file="data.raw" format="raw" size='2048' use="user">
      <checksum type="md5">84724eae0e611fedfc01955194c082719d1d593e</checksum>
    </disk>
    <disk file="scratch.raw" format="raw" size='100' use='scratch'/>
  </storage>
</image>
_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/et-mgmt-tools

[Index of Archives]     [Fedora Users]     [Fedora Legacy List]     [Fedora Maintainers]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux