• Andrea Spadaccini's avatar
    Implementation of TLS-protected SPICE connections · b6267745
    Andrea Spadaccini authored
    
    
    Added support for TLS-protected SPICE connections:
    
    client/gnt_cluster.py, cli.py:
    * added three new parameters to renew-crypto (--new-spice-certificate,
      --spice-certificate, --spice-ca-certificate) and their validation.
    
    utils/x509.py:
    * changed GenerateSelfSignedSslCert so that now also returns the
      generated key and certificate;
    * added missing return value in the docstring of
      GenerateSelfSignedX509Cert.
    
    lib/bootstrap.py:
    * changed the signatures of the relevant functions and implemented
      certificates generation/writing.
    
    tools/cfupgrade:
    * changed GenerateClusterCrypto invocation to reflect the new signature;
    * added SPICE certificate names.
    
    lib/errors.py:
    * added the X509CertError class.
    
    lib/hypervisor/hv_kvm.py:
    * silenced pylint warning R0915
    Signed-off-by: default avatarAndrea Spadaccini <spadaccio@google.com>
    Reviewed-by: default avatarMichael Hanselmann <hansmi@google.com>
    b6267745
bootstrap.py 29.9 KB