new patch, should have everything corrected below
- md5 option in image.rng
- broke up long lines
- new image.xml example w/ md5
- using builtin python sha/md5 support
Cole Robinson wrote:
Joey Boggs wrote:
Just to make sure, if I move that logic for "either sha1/md5 and not
None" into ImageParser right when I pull in the checksum data that would
that be sufficient?
Right, that should work.
- Cole
_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/et-mgmt-tools
diff -r 58a909b4f71c doc/image.rng
--- a/doc/image.rng Mon Sep 22 11:32:11 2008 -0400
+++ b/doc/image.rng Wed Sep 24 16:34:10 2008 -0400
@@ -197,6 +197,15 @@
</choice>
</attribute>
</optional>
+ <optional>
+ <element name="checksum">
+ <attribute name="type">
+ <value>sha1</value>
+ <value>md5</value>
+ </attribute>
+ <text/>
+ </element>
+ </optional>
</element>
</oneOrMore>
</define>
diff -r 58a909b4f71c virt-image
--- a/virt-image Mon Sep 22 11:32:11 2008 -0400
+++ b/virt-image Wed Sep 24 16:34:10 2008 -0400
@@ -97,6 +97,8 @@
help=_("Number of vcpus to configure for your guest"))
parser.add_option("", "--check-cpu", action="store_true", dest="check_cpu",
help=_("Check that vcpus do not exceed physical CPUs and warn if they do."))
+ parser.add_option("", "--checksum-ignore", action="store_true", dest="checksum_ignore",
+ help=_("Ignore unmatching checksum values for disk signatures."))
# network options
parser.add_option("-m", "--mac", type="string",
@@ -188,6 +190,10 @@
# now let's get some of the common questions out of the way
get_name(options.name, image.name, guest)
get_memory(options.memory, image.domain.memory, guest)
+
+ if not options.checksum_ignore:
+ cli.check_disk_signature(image,guest)
+
cli.get_uuid(options.uuid, guest)
get_vcpus(options.vcpus, image.domain.vcpu, options.check_cpu,
guest, conn)
diff -r 58a909b4f71c virtinst/ImageParser.py
--- a/virtinst/ImageParser.py Mon Sep 22 11:32:11 2008 -0400
+++ b/virtinst/ImageParser.py Wed Sep 24 16:34:10 2008 -0400
@@ -23,6 +23,7 @@
import libxml2
import CapabilitiesParser
from virtinst import _virtinst as _
+from virtinst.cli import fail
class ParserException(Exception):
def __init__(self, msg):
@@ -213,7 +214,12 @@
self.format = xpathString(node, "@format", Disk.FORMAT_RAW)
self.size = xpathString(node, "@size")
self.use = xpathString(node, "@use", Disk.USE_SYSTEM)
-
+ self.checksum = xpathString(node, "checksum")
+ self.checksumtype = xpathString(node, "checksum/@type")
+ if self.checksumtype is None or self.checksumtype == "sha1" or self.checksumtype == "md5":
+ pass
+ else:
+ fail(_("Invalid Checksum Type for %s. \n\nTo override the signature check add the --checksum-ignore option" % self.file))
formats = [Disk.FORMAT_RAW, Disk.FORMAT_QCOW, Disk.FORMAT_QCOW2, Disk.FORMAT_VMDK, Disk.FORMAT_ISO]
validate (formats.count(self.format) > 0,
_("The format for disk %s must be one of %s") %
diff -r 58a909b4f71c virtinst/cli.py
--- a/virtinst/cli.py Mon Sep 22 11:32:11 2008 -0400
+++ b/virtinst/cli.py Wed Sep 24 16:34:10 2008 -0400
@@ -30,6 +30,8 @@
from virtinst import Guest, CapabilitiesParser, VirtualNetworkInterface, \
VirtualGraphics, VirtualAudio
from virtinst import _virtinst as _
+import sha
+import md5
MIN_RAM = 64
force = False
@@ -352,6 +354,35 @@
if sound:
guest.sound_devs.append(VirtualAudio(model="es1370"))
+def check_disk_signature(image,guest):
+ i = 0
+ disks = {}
+ for k in image.storage.keys():
+ disks[i] = image.storage[k]
+
+ if disks[i].checksumtype == "sha1":
+ print _("\nChecking disk signature for: %s...") % disks[i].file
+ file=open(disks[i].file,'r').read()
+ checksum=sha.new(file).hexdigest()
+
+ elif disks[i].checksumtype == "md5":
+ print _("\nChecking disk signature for: %s...") % disks[i].file
+ file=open(disks[i].file,'r').read()
+ checksum=md5.new(file).hexdigest()
+ else:
+ if disks[i].checksumtype is None:
+ return
+
+ if checksum != disks[i].checksum:
+ fail(_("Disk signature for %s does not match \n Expected: %s \n Received: %s"
+ " \n\n To override the signature check add the --checksum-ignore option"
+ % (disks[i].file,disks[i].checksum,checksum)))
+ else:
+ print "Disk Signature Verified"
+ i = i + 1
+
+ return
+
### Option parsing
def check_before_store(option, opt_str, value, parser):
if len(value) == 0:
<image>
<name>test-appliance</name>
<label>A simple test appliance</label>
<domain>
<boot type='xen'>
<guest>
<arch>i686</arch>
<features><pae/></features>
</guest>
<os>
<kernel>vmlinuz-2.6.18-8.el5xen</kernel>
<cmdline>ro root=/dev/xvda2 selinux=0 3</cmdline>
</os>
<drive disk="root.raw" target="xvda"/>
<drive disk="data.raw" target="xvdb"/>
<drive disk="scratch.raw" target="xvdc"/>
</boot>
<boot type="hvm">
<guest>
<arch>i686</arch>
<features><pae/></features>
</guest>
<os>
<loader dev="hd"/>
</os>
<drive disk="root.raw" target="hda"/>
<drive disk="data.raw" target="hdb"/>
<drive disk="scratch.raw" target="hdd"/>
</boot>
<devices>
<vcpu>7</vcpu>
<memory>262144</memory>
<interface/>
<graphics/>
</devices>
</domain>
<storage>
<disk file="root.raw" format="raw" size="4096" use="system">
<checksum type="sha1">0a86ef9d2e3bbc87a809a7f7e1d6d105b2f0089c</checksum>
</disk>
<disk file="data.raw" format="raw" size='2048' use="user">
<checksum type="md5">84724eae0e611fedfc01955194c082719d1d593e</checksum>
</disk>
<disk file="scratch.raw" format="raw" size='100' use='scratch'/>
</storage>
</image>
_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/et-mgmt-tools
