Implementation of TLS-protected SPICE connections
Added support for TLS-protected SPICE connections: client/gnt_cluster.py, cli.py: * added three new parameters to renew-crypto (--new-spice-certificate, --spice-certificate, --spice-ca-certificate) and their validation. utils/x509.py: * changed GenerateSelfSignedSslCert so that now also returns the generated key and certificate; * added missing return value in the docstring of GenerateSelfSignedX509Cert. lib/bootstrap.py: * changed the signatures of the relevant functions and implemented certificates generation/writing. tools/cfupgrade: * changed GenerateClusterCrypto invocation to reflect the new signature; * added SPICE certificate names. lib/errors.py: * added the X509CertError class. lib/hypervisor/hv_kvm.py: * silenced pylint warning R0915 Signed-off-by:Andrea Spadaccini <spadaccio@google.com> Reviewed-by:
Michael Hanselmann <hansmi@google.com>
Showing
- lib/bootstrap.py 43 additions, 3 deletionslib/bootstrap.py
- lib/cli.py 18 additions, 0 deletionslib/cli.py
- lib/client/gnt_cluster.py 78 additions, 24 deletionslib/client/gnt_cluster.py
- lib/errors.py 8 additions, 0 deletionslib/errors.py
- lib/hypervisor/hv_kvm.py 1 addition, 1 deletionlib/hypervisor/hv_kvm.py
- lib/utils/x509.py 5 additions, 0 deletionslib/utils/x509.py
- tools/cfgupgrade 9 additions, 5 deletionstools/cfgupgrade
Loading
Please register or sign in to comment