From 41cc2bbb161a7ac06ba6069e030857146326c189 Mon Sep 17 00:00:00 2001
From: Daniel Molina <danmolin@fdi.ucm.es>
Date: Fri, 23 Sep 2011 01:14:53 +0200
Subject: [PATCH] feature #795: Fix bugs in X509CloudAuth
---
src/cloud/common/CloudAuth/BasicCloudAuth.rb | 4 +--
src/cloud/common/CloudAuth/EC2CloudAuth.rb | 4 +--
src/cloud/common/CloudAuth/X509CloudAuth.rb | 33 +++++++++++---------
3 files changed, 23 insertions(+), 18 deletions(-)
diff --git a/src/cloud/common/CloudAuth/BasicCloudAuth.rb b/src/cloud/common/CloudAuth/BasicCloudAuth.rb
index 63a60369d1..0bea9ecda1 100644
--- a/src/cloud/common/CloudAuth/BasicCloudAuth.rb
+++ b/src/cloud/common/CloudAuth/BasicCloudAuth.rb
@@ -12,7 +12,7 @@ module BasicCloudAuth
one_pass = get_password(username)
if one_pass && one_pass == password
@token = "#{username}:#{password}"
- @client = Client.new(@token, @xmlrpc, false)
+ @client = Client.new(@token, @conf[:one_xmlrpc], false)
return nil
else
return "Authentication failure"
@@ -21,4 +21,4 @@ module BasicCloudAuth
return "Basic auth not provided"
end
end
-end
\ No newline at end of file
+end
diff --git a/src/cloud/common/CloudAuth/EC2CloudAuth.rb b/src/cloud/common/CloudAuth/EC2CloudAuth.rb
index 2842d8c940..c47514ea16 100644
--- a/src/cloud/common/CloudAuth/EC2CloudAuth.rb
+++ b/src/cloud/common/CloudAuth/EC2CloudAuth.rb
@@ -21,7 +21,7 @@ module EC2CloudAuth
end
@token = "#{username}:#{one_pass}"
- @client = Client.new(@token, @xmlrpc, false)
+ @client = Client.new(@token, @conf[:one_xmlrpc], false)
return nil
end
@@ -73,4 +73,4 @@ module EC2CloudAuth
return b64hmac
end
end
-end
\ No newline at end of file
+end
diff --git a/src/cloud/common/CloudAuth/X509CloudAuth.rb b/src/cloud/common/CloudAuth/X509CloudAuth.rb
index 6488b7999e..835d65a565 100644
--- a/src/cloud/common/CloudAuth/X509CloudAuth.rb
+++ b/src/cloud/common/CloudAuth/X509CloudAuth.rb
@@ -1,14 +1,20 @@
module X509CloudAuth
- # TBD Adapt to the new CloudAuth system
-
# Gets the username associated with a password
# password:: _String_ the password
# [return] _Hash_ with the username
def get_username(password)
- @user_pool.info
- #STDERR.puts 'the password is ' + password
- #STDERR.puts @user_pool["User[PASSWORD=\"#{password}\"]"]
- username = @user_pool["User[PASSWORD=\"#{password}\"]/NAME"]
+ @oneadmin_client ||= OpenNebula::Client.new(nil, @conf[:one_xmlrpc])
+
+ if @user_pool.nil?
+ @user_pool ||= OpenNebula::UserPool.new(@oneadmin_client)
+
+ rc = @user_pool.info
+ if OpenNebula.is_error?(rc)
+ raise rc.message
+ end
+ end
+
+ username = @user_pool["USER[PASSWORD=\"#{password}\"]/NAME"]
return username if (username != nil)
# Check if the DN is part of a |-separted multi-DN password
@@ -28,7 +34,7 @@ module X509CloudAuth
if matched
password = matched.to_s
end
- puts("The password is " + password)
+
return @user_pool["USER[PASSWORD=\"#{password}\"]/NAME"]
end
@@ -43,7 +49,7 @@ module X509CloudAuth
while cert_line
begin
cert_array=cert_line.scan(/([^\s]*)\s/)
- cert_array = cert_array[2..-3]
+ cert_array = cert_array[2..-2]
cert_array.unshift('-----BEGIN CERTIFICATE-----')
cert_array.push('-----END CERTIFICATE-----')
cert_pem = cert_array.join("\n")
@@ -72,16 +78,15 @@ module X509CloudAuth
msg = ""
msg << failed
msg << "Username not found in certificate chain "
- msg << chain_dn
+ msg << chain_dn if chain_dn
raise msg
end
auth = ServerAuth.new
- login = auth.login_token(username, subjectname, 300)
+ @token = auth.login_token(username, subjectname, 300)
+ @client = Client.new(@token, @conf[:one_xmlrpc], false)
- STDERR.puts login
-
- return one_client_user("dummy", login)
+ return nil
end
-end
\ No newline at end of file
+end