shaba/one
1
0
Fork 0
mirror of https://github.com/OpenNebula/one.git synced 2025-03-22 18:50:08 +03:00
Code Releases Wiki Activity

F #3859: Encrypt message in send_to_monitor (#4865)

Browse Source
This commit is contained in:
Pavel Czerný 2020-06-02 16:21:40 +02:00 committed by GitHub
parent c4dc6343eb
commit a190d2d14c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 33 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
src/mad/sh/scripts_common.sh
View File

@ -1072,19 +1072,45 @@ function send_to_monitor {
mon_config=$(augtool -L -l $mon_conf ls /files/$mon_conf/NETWORK)
mon_address=$(echo "$mon_config" | grep MONITOR_ADDRESS | awk '{print $3}')
mon_port=$(echo "$mon_config" | grep PORT | awk '{print $3}')
mon_key=$(echo "$mon_config" | grep PUBKEY | awk '{print $3}')
mon_key=$(echo "$mon_config" | grep PUBKEY | awk '{print $3}' | \
sed 's/^"\(.*\)"$/\1/')
if [[ $mon_address == *"auto"* ]]; then
mon_address="127.0.0.1"
fi
# Encrypt message
if [ -n "$mon_key" -a -r "$mon_key" ]; then
# Read block size from public key
block_size=$(openssl rsa -RSAPublicKey_in -in "$mon_key" -text -noout \
| grep "Public-Key" | tr -dc '0-9')
block_size=$(( block_size / 8 ))
# Convert public key to format known to openssl
pub_key=$(mktemp)
openssl rsa -RSAPublicKey_in -in "$mon_key" -pubout -out "$pub_key"
\2>/dev/null
# Encrypt payload per block_size to temporary file
tmp_file=$(mktemp)
for line in $(echo "$msg_payload" | fold -w$block_size); do
echo $line | openssl rsautl -encrypt -pubin -inkey "$pub_key" \
>>$tmp_file
done
payload_b64="$(cat "$tmp_file" | \
ruby -e "require 'zlib'; puts Zlib::Deflate.deflate(STDIN.read)" \
| base64 -w 0)"
rm "$tmp_file"
rm "$pub_key"
else
payload_b64="$(echo $msg_payload | \
ruby -e "require 'zlib'; puts Zlib::Deflate.deflate(STDIN.read)" \
| base64 -w 0)"
fi
# Send message
# todo if mon_key is not empty do message encryption
payload_b64="$(echo $msg_payload | \
ruby -e "require 'zlib'; puts Zlib::Deflate.deflate(STDIN.read)" | \
base64 -w 0)"
echo "$msg_type $msg_result $msg_oid $payload_b64" |
nc -u -w1 $mon_address $mon_port
}