4:44 p.m.
Here is the updated patch, with usage notes added. Let me know if this is
the acceptable format.
From 1c8a61d19baf046d32e1216f731958ddb96b89d6 Mon Sep 17 00:00:00 2001
From: Dave Heller <hellerda(a)us.ibm.com>
Date: Thu, 22 Mar 2012 17:17:04 -0400
Subject: [PATCH] Updates to indication_tester.py
---
.../libvirt-cim/lib/XenKvmLib/indication_tester.py | 901
+++++++++++++-------
1 files changed, 611 insertions(+), 290 deletions(-)
diff --git a/suites/libvirt-cim/lib/XenKvmLib/indication_tester.py
b/suites/libvirt-cim/lib/XenKvmLib/indication_tester.py
index f6cbcf0..5d708d9 100644
--- a/suites/libvirt-cim/lib/XenKvmLib/indication_tester.py
+++ b/suites/libvirt-cim/lib/XenKvmLib/indication_tester.py
@@ -1,279 +1,411 @@
#!/usr/bin/python
-# Copyright IBM Corp. 2007
+# Copyright IBM Corp. 2007-2012
#
# indication_tester.py - Tool for testing indication subscription and
# delivery against a CIMOM
# Author: Dan Smith <danms(a)us.ibm.com>
+# SSL support added by Dave Heller <hellerda(a)us.ibm.com>
+#
+# This file is both a module of the cimtest "libvirt-cim" suite and a
standalone
+# program for indication testing. The following notes describe the usage
of the
+# standalone program.
+#
+# USAGE:
+#
+# Use the -h or --help option to see the complete list of command line
options.
+#
+# Although the script supports http or https indications to the handler
+# Destination, it currently does not support https connections to the
CIMOM.
+# All communication to the CIMOM is over http, so the CIMOM must have a
http
+# port open for the script to work.
+#
+# Note there is some inconsistency between the --url option (CIMOM URL) and
the
+# --dest option (handler Destination URL). The --dest option is a true URL
in
+# which you may specify scheme (http or https), user and password, in
addition
+# to server and port. The --url option accepts only server and port. Use
the
+# --user and --pass options to specify CIMOM credentials.
+#
+# Use the --interop option to override the default interop namespace
+# (root/interop). You may specify the full namespace name (with '/') or an
+# abbreviated name (no '/'). In the latter case, the script will prepend
+# "root/" to the name. (Example: --interop PG_InterOp)
+#
+# Use the --ns option to override the indication namespace (which by
default is
+# the same as the interop namespace). Note this option currently does not
+# support abbreviations; you must specify the full namespace name.
+#
+# Use the --print-ind option to see responses from the CIMOM. Use the
--verbose
+# option to see additional debug info such as details of the CIMOM SSL
+# certificates when https indications are received.
+#
+# Use --certFile and --keyFile to specify the indications receiver's (i.e.
+# the script's) SSL certificate and key in PEM format. If --keyFile is not
+# provided, the --certFile must contain the key.
+#
+# Use --trustStore to specify CA certificate(s) to be used to verify the
CIMOM's
+# certificate, or use --noverify to skip this verification.
+#
+# Use --trigger to cause the CIMOM to send a test indication. Currently
this
+# feature only supports the SFCB Test_Indication provider. (Build SFCB
with
+# "configure --enable-tests" before running "make".) Otherwise, the
indication
+# must be triggered through some independent method.
+#
+# EXAMPLES:
+#
+# Start a listener for indication class "Test_Indication" using all default
+# values. The CIMOM and the listener are both running on localhost; the
interop
+# and indication namespaces are both: root/interop:
+#
+# $ indication_tester.py Test_Indication
+#
+# Start a listener for class "CIM_Alerts" in root/mynamespace using the
+# OpenPegasus CIMOM:
+#
+# $ indication_tester.py --interop PG_InterOp --ns root/mynamespace
CIM_Alerts
+#
+# Start a listener on the local host but register the subscription to a
CIMOM on
+# a remote host. Note the handler Destination must point to the local host
in a
+# manner that is resolvable to the CIMOM:
+#
+# $ indication_tester.py --url remotesys.mydomain.com:5988 --dest \
+# http://localsys.mydomain.com:8000 Test_Indication
+#
+# Start a listener to receive an indication via https, do not verify the
CIMOM
+# certificate:
+#
+# $ indication_tester.py --noverify --certFile mycert.pem --keyFile
mykey.pem \
+# Test_Indication
+#
+# Same as above but additionally verify the CIMOM cert against known CA
certs:
+#
+# $ indication_tester.py --trustStore CAcerts.pem --certFile mycert.pem
+# --keyFile mykey.pem Test_Indication
+#
+# Trigger an indication using the SFCB Test_Indication provider. Note this
is a
+# *separate invocation* of the script, independent of the listener
(presumably
+# already started per the examples above). In trigger mode, the script
sends
+# the appropriate method call to the CIMOM and exits. If successful, the
+# indication will be received at the listener:
+#
+# $ indication_tester.py --trigger
+#
+# Same as above but the CIMOM is running on a remote system:
+#
+# $ indication_tester.py --url remotesys:5988 --trigger
import sys
from optparse import OptionParser
-import BaseHTTPServer
+from urlparse import urlparse, urlunparse
+from xml.dom.minidom import parse, parseString
import httplib
import base64
-from xml.dom.minidom import parse, parseString
+import errno, os, re
+import socket
+from SocketServer import BaseServer
+from SimpleHTTPServer import SimpleHTTPRequestHandler
+from BaseHTTPServer import BaseHTTPRequestHandler, HTTPServer
+from OpenSSL import SSL
-def filter_xml(name, type, ns, sysname):
+def filter_xml(name, type, ns, sysname, interopNS):
return """
- <?xml version="1.0" encoding="utf-8"?>
- <CIM CIMVERSION="2.0" DTDVERSION="2.0">
- <MESSAGE ID="4711" PROTOCOLVERSION="1.0">
- <SIMPLEREQ>
- <IMETHODCALL NAME="CreateInstance">
- <LOCALNAMESPACEPATH>
- <NAMESPACE NAME="root"/>
- <NAMESPACE NAME="PG_InterOp"/>
- </LOCALNAMESPACEPATH>
- <IPARAMVALUE NAME="NewInstance">
+ <?xml version="1.0" encoding="utf-8"?>
+ <CIM CIMVERSION="2.0" DTDVERSION="2.0">
+ <MESSAGE ID="4711" PROTOCOLVERSION="1.0">
+ <SIMPLEREQ>
+ <IMETHODCALL NAME="CreateInstance">
+ <LOCALNAMESPACEPATH>
+ <NAMESPACE NAME="%s"/>
+ <NAMESPACE NAME="%s"/>
+ </LOCALNAMESPACEPATH>
+ <IPARAMVALUE NAME="NewInstance">
<INSTANCE CLASSNAME="CIM_IndicationFilter">
- <PROPERTY NAME="SystemCreationClassName"
TYPE="string">
- <VALUE>CIM_ComputerSystem</VALUE>
- </PROPERTY>
- <PROPERTY NAME="SystemName" TYPE="string">
- <VALUE>%s</VALUE>
- </PROPERTY>
- <PROPERTY NAME="CreationClassName"
TYPE="string">
- <VALUE>CIM_IndicationFilter</VALUE>
- </PROPERTY>
- <PROPERTY NAME="Name" TYPE="string">
- <VALUE>%sFilter</VALUE>
- </PROPERTY>
- <PROPERTY NAME="Query" TYPE="string">
- <VALUE> SELECT * FROM %s
- </VALUE>
- </PROPERTY>
- <PROPERTY NAME="QueryLanguage" TYPE="string">
- <VALUE>WQL</VALUE>
- </PROPERTY>
- <PROPERTY NAME="SourceNamespace" TYPE="string">
- <VALUE>%s</VALUE>
- </PROPERTY>
- </INSTANCE>
- </IPARAMVALUE>
- </IMETHODCALL>
- </SIMPLEREQ>
- </MESSAGE>
+ <PROPERTY NAME="SystemCreationClassName"
TYPE="string">
+ <VALUE>CIM_ComputerSystem</VALUE>
+ </PROPERTY>
+ <PROPERTY NAME="SystemName" TYPE="string">
+ <VALUE>%s</VALUE>
+ </PROPERTY>
+ <PROPERTY NAME="CreationClassName"
TYPE="string">
+ <VALUE>CIM_IndicationFilter</VALUE>
+ </PROPERTY>
+ <PROPERTY NAME="Name" TYPE="string">
+ <VALUE>%sFilter</VALUE>
+ </PROPERTY>
+ <PROPERTY NAME="Query" TYPE="string">
+ <VALUE> SELECT * FROM %s
+ </VALUE>
+ </PROPERTY>
+ <PROPERTY NAME="QueryLanguage" TYPE="string">
+ <VALUE>WQL</VALUE>
+ </PROPERTY>
+ <PROPERTY NAME="SourceNamespace"
TYPE="string">
+ <VALUE>%s</VALUE>
+ </PROPERTY>
+ </INSTANCE>
+ </IPARAMVALUE>
+ </IMETHODCALL>
+ </SIMPLEREQ>
+ </MESSAGE>
</CIM>
- """ % (sysname, name, type, ns)
+ """ % (interopNS[0], interopNS[1], sysname, name, type, ns)
-def handler_xml(name, port, sysname):
+def handler_xml(name, destUrl, sysname, interopNS):
return """
- <?xml version="1.0" encoding="utf-8"?>
- <CIM CIMVERSION="2.0" DTDVERSION="2.0">
- <MESSAGE ID="4711" PROTOCOLVERSION="1.0">
- <SIMPLEREQ>
- <IMETHODCALL NAME="CreateInstance">
- <LOCALNAMESPACEPATH>
- <NAMESPACE NAME="root"/>
- <NAMESPACE NAME="PG_InterOp"/>
- </LOCALNAMESPACEPATH>
- <IPARAMVALUE NAME="NewInstance">
- <INSTANCE CLASSNAME="CIM_IndicationHandlerCIMXML">
- <PROPERTY NAME="SystemCreationClassName"
TYPE="string">
- <VALUE>CIM_ComputerSystem</VALUE>
- </PROPERTY>
- <PROPERTY NAME="SystemName" TYPE="string">
- <VALUE>%s</VALUE>
- </PROPERTY>
- <PROPERTY NAME="CreationClassName"
TYPE="string">
- <VALUE>CIM_IndicationHandlerCIMXML</VALUE>
- </PROPERTY>
- <PROPERTY NAME="Name" TYPE="string">
- <VALUE>%sHandler</VALUE>
- </PROPERTY>
- <PROPERTY NAME="Destination" TYPE="string">
- <VALUE>http://localhost:%i</VALUE>
- </PROPERTY>
- </INSTANCE>
- </IPARAMVALUE>
- </IMETHODCALL>
- </SIMPLEREQ>
- </MESSAGE>
+ <?xml version="1.0" encoding="utf-8"?>
+ <CIM CIMVERSION="2.0" DTDVERSION="2.0">
+ <MESSAGE ID="4711" PROTOCOLVERSION="1.0">
+ <SIMPLEREQ>
+ <IMETHODCALL NAME="CreateInstance">
+ <LOCALNAMESPACEPATH>
+ <NAMESPACE NAME="%s"/>
+ <NAMESPACE NAME="%s"/>
+ </LOCALNAMESPACEPATH>
+ <IPARAMVALUE NAME="NewInstance">
+ <INSTANCE CLASSNAME="CIM_IndicationHandlerCIMXML">
+ <PROPERTY NAME="SystemCreationClassName"
TYPE="string">
+ <VALUE>CIM_ComputerSystem</VALUE>
+ </PROPERTY>
+ <PROPERTY NAME="SystemName" TYPE="string">
+ <VALUE>%s</VALUE>
+ </PROPERTY>
+ <PROPERTY NAME="CreationClassName"
TYPE="string">
+ <VALUE>CIM_IndicationHandlerCIMXML</VALUE>
+ </PROPERTY>
+ <PROPERTY NAME="Name" TYPE="string">
+ <VALUE>%sHandler</VALUE>
+ </PROPERTY>
+ <PROPERTY NAME="Destination" TYPE="string">
+ <VALUE>%s</VALUE>
+ </PROPERTY>
+ </INSTANCE>
+ </IPARAMVALUE>
+ </IMETHODCALL>
+ </SIMPLEREQ>
+ </MESSAGE>
</CIM>
- """ % (sysname, name, port)
+ """ % (interopNS[0], interopNS[1], sysname, name, destUrl)
-def subscription_xml(name, sysname):
+def subscription_xml(name, sysname, interopNS):
return """
- <?xml version="1.0" encoding="utf-8"?>
- <CIM CIMVERSION="2.0" DTDVERSION="2.0">
- <MESSAGE ID="4711" PROTOCOLVERSION="1.0">
- <SIMPLEREQ>
- <IMETHODCALL NAME="CreateInstance">
- <LOCALNAMESPACEPATH>
- <NAMESPACE NAME="root"/>
- <NAMESPACE NAME="PG_InterOp"/>
- </LOCALNAMESPACEPATH>
- <IPARAMVALUE NAME="NewInstance">
- <INSTANCE CLASSNAME="CIM_IndicationSubscription">
- <PROPERTY.REFERENCE NAME="Filter"
- REFERENCECLASS="CIM_IndicationFilter">
- <VALUE.REFERENCE>
- <INSTANCENAME CLASSNAME="CIM_IndicationFilter">
- <KEYBINDING NAME="SystemCreationClassName">
- <KEYVALUE VALUETYPE="string">
- CIM_ComputerSystem
- </KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="SystemName">
- <KEYVALUE VALUETYPE="string">
- %s
- </KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="CreationClassName">
- <KEYVALUE VALUETYPE="string">
- CIM_IndicationFilter
- </KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="Name">
- <KEYVALUE VALUETYPE="string">
- %sFilter
- </KEYVALUE>
- </KEYBINDING>
- </INSTANCENAME>
- </VALUE.REFERENCE>
- </PROPERTY.REFERENCE>
- <PROPERTY.REFERENCE NAME="Handler"
- REFERENCECLASS="CIM_IndicationHandler">
- <VALUE.REFERENCE>
- <INSTANCENAME
CLASSNAME="CIM_IndicationHandlerCIMXML">
- <KEYBINDING NAME="SystemCreationClassName">
- <KEYVALUE VALUETYPE="string">
- CIM_ComputerSystem
- </KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="SystemName">
- <KEYVALUE VALUETYPE="string">
+ <?xml version="1.0" encoding="utf-8"?>
+ <CIM CIMVERSION="2.0" DTDVERSION="2.0">
+ <MESSAGE ID="4711" PROTOCOLVERSION="1.0">
+ <SIMPLEREQ>
+ <IMETHODCALL NAME="CreateInstance">
+ <LOCALNAMESPACEPATH>
+ <NAMESPACE NAME="%s"/>
+ <NAMESPACE NAME="%s"/>
+ </LOCALNAMESPACEPATH>
+ <IPARAMVALUE NAME="NewInstance">
+ <INSTANCE CLASSNAME="CIM_IndicationSubscription">
+ <PROPERTY.REFERENCE NAME="Filter"
+ REFERENCECLASS="CIM_IndicationFilter">
+ <VALUE.REFERENCE>
+ <INSTANCENAME CLASSNAME="CIM_IndicationFilter">
+ <KEYBINDING NAME="SystemCreationClassName">
+ <KEYVALUE VALUETYPE="string">
+ CIM_ComputerSystem
+ </KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="SystemName">
+ <KEYVALUE VALUETYPE="string">
+ %s
+ </KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="CreationClassName">
+ <KEYVALUE VALUETYPE="string">
+ CIM_IndicationFilter
+ </KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="Name">
+ <KEYVALUE VALUETYPE="string">
+ %sFilter
+ </KEYVALUE>
+ </KEYBINDING>
+ </INSTANCENAME>
+ </VALUE.REFERENCE>
+ </PROPERTY.REFERENCE>
+ <PROPERTY.REFERENCE NAME="Handler"
+ REFERENCECLASS="CIM_IndicationHandler">
+ <VALUE.REFERENCE>
+ <INSTANCENAME
CLASSNAME="CIM_IndicationHandlerCIMXML">
+ <KEYBINDING NAME="SystemCreationClassName">
+ <KEYVALUE VALUETYPE="string">
+ CIM_ComputerSystem
+ </KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="SystemName">
+ <KEYVALUE VALUETYPE="string">
%s
- </KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="CreationClassName">
- <KEYVALUE VALUETYPE="string">
- CIM_IndicationHandlerCIMXML
- </KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="Name">
- <KEYVALUE VALUETYPE="string">
- %sHandler
- </KEYVALUE>
- </KEYBINDING>
- </INSTANCENAME>
- </VALUE.REFERENCE>
- </PROPERTY.REFERENCE>
- <PROPERTY NAME="SubscriptionState"
TYPE="uint16">
- <VALUE> 2 </VALUE>
- </PROPERTY>
- </INSTANCE>
- </IPARAMVALUE>
- </IMETHODCALL>
- </SIMPLEREQ>
- </MESSAGE>
+ </KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="CreationClassName">
+ <KEYVALUE VALUETYPE="string">
+ CIM_IndicationHandlerCIMXML
+ </KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="Name">
+ <KEYVALUE VALUETYPE="string">
+ %sHandler
+ </KEYVALUE>
+ </KEYBINDING>
+ </INSTANCENAME>
+ </VALUE.REFERENCE>
+ </PROPERTY.REFERENCE>
+ <PROPERTY NAME="SubscriptionState"
TYPE="uint16">
+ <VALUE> 2 </VALUE>
+ </PROPERTY>
+ </INSTANCE>
+ </IPARAMVALUE>
+ </IMETHODCALL>
+ </SIMPLEREQ>
+ </MESSAGE>
</CIM>
- """ % (sysname, name, sysname, name)
+ """ % (interopNS[0], interopNS[1], sysname, name, sysname, name)
-def delete_inst_xml(name, type, sysname, inst_name):
+def delete_inst_xml(name, type, sysname, inst_name, interopNS):
return """
- <?xml version="1.0" encoding="utf-8"?>
- <CIM CIMVERSION="2.0" DTDVERSION="2.0">
- <MESSAGE ID="4711" PROTOCOLVERSION="1.0">
- <SIMPLEREQ>
- <IMETHODCALL NAME="DeleteInstance">
- <LOCALNAMESPACEPATH>
- <NAMESPACE NAME="root"/>
- <NAMESPACE NAME="PG_InterOp"/>
- </LOCALNAMESPACEPATH>
- <IPARAMVALUE NAME="InstanceName">
- <INSTANCENAME CLASSNAME="CIM_Indication%s">
- <KEYBINDING NAME="SystemCreationClassName">
- <KEYVALUE>CIM_ComputerSystem</KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="SystemName">
- <KEYVALUE>%s</KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="CreationClassName">
- <KEYVALUE>CIM_Indication%s</KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="Name">
- <KEYVALUE>%s</KEYVALUE>
- </KEYBINDING>
- </INSTANCENAME>
- </IPARAMVALUE>
- </IMETHODCALL>
- </SIMPLEREQ>
- </MESSAGE>
+ <?xml version="1.0" encoding="utf-8"?>
+ <CIM CIMVERSION="2.0" DTDVERSION="2.0">
+ <MESSAGE ID="4711" PROTOCOLVERSION="1.0">
+ <SIMPLEREQ>
+ <IMETHODCALL NAME="DeleteInstance">
+ <LOCALNAMESPACEPATH>
+ <NAMESPACE NAME="%s"/>
+ <NAMESPACE NAME="%s"/>
+ </LOCALNAMESPACEPATH>
+ <IPARAMVALUE NAME="InstanceName">
+ <INSTANCENAME CLASSNAME="CIM_Indication%s">
+ <KEYBINDING NAME="SystemCreationClassName">
+ <KEYVALUE>CIM_ComputerSystem</KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="SystemName">
+ <KEYVALUE>%s</KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="CreationClassName">
+ <KEYVALUE>CIM_Indication%s</KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="Name">
+ <KEYVALUE>%s</KEYVALUE>
+ </KEYBINDING>
+ </INSTANCENAME>
+ </IPARAMVALUE>
+ </IMETHODCALL>
+ </SIMPLEREQ>
+ </MESSAGE>
</CIM>;
- """ % (type, sysname, type, inst_name);
+ """ % (interopNS[0], interopNS[1], type, sysname, type, inst_name);
-def delete_sub_xml(name, sysname):
+def delete_sub_xml(name, sysname, interopNS):
return """
- <?xml version="1.0" encoding="utf-8"?>
- <CIM CIMVERSION="2.0" DTDVERSION="2.0">
- <MESSAGE ID="4711" PROTOCOLVERSION="1.0">
- <SIMPLEREQ>
- <IMETHODCALL NAME="DeleteInstance">
- <LOCALNAMESPACEPATH>
- <NAMESPACE NAME="root"/>
- <NAMESPACE NAME="PG_InterOp"/>
- </LOCALNAMESPACEPATH>
- <IPARAMVALUE NAME="InstanceName">
- <INSTANCENAME CLASSNAME="CIM_IndicationSubscription">
- <KEYBINDING NAME="Filter">
- <VALUE.REFERENCE>
- <INSTANCENAME CLASSNAME="CIM_IndicationFilter">
- <KEYBINDING NAME="SystemCreationClassName">
- <KEYVALUE VALUETYPE="string">
- CIM_ComputerSystem
- </KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="SystemName">
- <KEYVALUE VALUETYPE="string">
+ <?xml version="1.0" encoding="utf-8"?>
+ <CIM CIMVERSION="2.0" DTDVERSION="2.0">
+ <MESSAGE ID="4711" PROTOCOLVERSION="1.0">
+ <SIMPLEREQ>
+ <IMETHODCALL NAME="DeleteInstance">
+ <LOCALNAMESPACEPATH>
+ <NAMESPACE NAME="%s"/>
+ <NAMESPACE NAME="%s"/>
+ </LOCALNAMESPACEPATH>
+ <IPARAMVALUE NAME="InstanceName">
+ <INSTANCENAME CLASSNAME="CIM_IndicationSubscription">
+ <KEYBINDING NAME="Filter">
+ <VALUE.REFERENCE>
+ <INSTANCENAME CLASSNAME="CIM_IndicationFilter">
+ <KEYBINDING NAME="SystemCreationClassName">
+ <KEYVALUE VALUETYPE="string">
+ CIM_ComputerSystem
+ </KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="SystemName">
+ <KEYVALUE VALUETYPE="string">
%s
- </KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="CreationClassName">
- <KEYVALUE VALUETYPE="string">
- CIM_IndicationFilter
- </KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="Name">
- <KEYVALUE VALUETYPE="string">
- %sFilter
- </KEYVALUE>
- </KEYBINDING>
- </INSTANCENAME>
- </VALUE.REFERENCE>
- </KEYBINDING>
- <KEYBINDING NAME="Handler">
- <VALUE.REFERENCE>
- <INSTANCENAME
CLASSNAME="CIM_IndicationHandlerCIMXML">
- <KEYBINDING NAME="SystemCreationClassName">
- <KEYVALUE VALUETYPE="string">
- CIM_ComputerSystem
- </KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="SystemName">
- <KEYVALUE VALUETYPE="string">
+ </KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="CreationClassName">
+ <KEYVALUE VALUETYPE="string">
+ CIM_IndicationFilter
+ </KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="Name">
+ <KEYVALUE VALUETYPE="string">
+ %sFilter
+ </KEYVALUE>
+ </KEYBINDING>
+ </INSTANCENAME>
+ </VALUE.REFERENCE>
+ </KEYBINDING>
+ <KEYBINDING NAME="Handler">
+ <VALUE.REFERENCE>
+ <INSTANCENAME
CLASSNAME="CIM_IndicationHandlerCIMXML">
+ <KEYBINDING NAME="SystemCreationClassName">
+ <KEYVALUE VALUETYPE="string">
+ CIM_ComputerSystem
+ </KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="SystemName">
+ <KEYVALUE VALUETYPE="string">
%s
- </KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="CreationClassName">
- <KEYVALUE VALUETYPE="string">
- CIM_IndicationHandlerCIMXML
- </KEYVALUE>
- </KEYBINDING>
- <KEYBINDING NAME="Name">
- <KEYVALUE VALUETYPE="string">
- %sHandler
- </KEYVALUE>
- </KEYBINDING>
- </INSTANCENAME>
- </VALUE.REFERENCE>
- </KEYBINDING>
- </INSTANCENAME>
- </IPARAMVALUE>
- </IMETHODCALL>
- </SIMPLEREQ>
- </MESSAGE>
+ </KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="CreationClassName">
+ <KEYVALUE VALUETYPE="string">
+ CIM_IndicationHandlerCIMXML
+ </KEYVALUE>
+ </KEYBINDING>
+ <KEYBINDING NAME="Name">
+ <KEYVALUE VALUETYPE="string">
+ %sHandler
+ </KEYVALUE>
+ </KEYBINDING>
+ </INSTANCENAME>
+ </VALUE.REFERENCE>
+ </KEYBINDING>
+ </INSTANCENAME>
+ </IPARAMVALUE>
+ </IMETHODCALL>
+ </SIMPLEREQ>
+ </MESSAGE>
</CIM>;
- """ % (sysname, name, sysname, name)
+ """ % (interopNS[0], interopNS[1], sysname, name, sysname, name)
+
+def trigger_xml(type, interopNS):
+ return """
+ <?xml version="1.0" encoding="utf-8"?>
+ <CIM CIMVERSION="2.0" DTDVERSION="2.0">
+ <MESSAGE ID="4711" PROTOCOLVERSION="1.0">
+ <SIMPLEREQ>
+ <METHODCALL NAME="SendTestIndication">
+ <LOCALCLASSPATH>
+ <LOCALNAMESPACEPATH>
+ <NAMESPACE NAME="%s"/>
+ <NAMESPACE NAME="%s"/>
+ </LOCALNAMESPACEPATH>
+ <CLASSNAME NAME="%s"/>
+ </LOCALCLASSPATH>
+ </METHODCALL>
+ </SIMPLEREQ>
+ </MESSAGE>
+ </CIM>
+ """ % (interopNS[0], interopNS[1], type)
+ # FIXME: this should really use indication NS, not interop NS.
+
+def update_url_port(parsedUrl, port):
+ # Must manually reconstruct netloc to update the port value.
+ if isinstance(parsedUrl.username, basestring):
+ if isinstance(parsedUrl.password, basestring):
+ netloc = "%s:%s@%s:%s" % (parsedUrl.username, parsedUrl.password,
+ parsedUrl.hostname, port)
+ else:
+ netloc = "%s@%s:%s" % (parsedUrl.username,
+ parsedUrl.hostname, port)
+ else:
+ netloc = "%s:%s" % (parsedUrl.hostname, port)
+
+ # Reassemble url with the updated netloc. return a string.
+ return urlunparse((parsedUrl.scheme, netloc,
+ parsedUrl.path, parsedUrl.params,
+ parsedUrl.query, parsedUrl.fragment))
class CIMIndication:
def __init__(self, xmldata):
@@ -286,50 +418,135 @@ class CIMIndication:
def __str__(self):
return self.name
-class CIMSocketHandler(BaseHTTPServer.BaseHTTPRequestHandler):
+def socket_handler_wrapper(*parms):
+ try:
+ CIMSocketHandler(*parms)
+ except Exception as e:
+ print "SSL error: %s" % str(e)
+
+class CIMSocketHandler(SimpleHTTPRequestHandler):
+ def setup(self):
+ self.connection = self.request
+ self.rfile = socket._fileobject(self.request, "rb", self.rbufsize)
+ self.wfile = socket._fileobject(self.request, "wb", self.wbufsize)
+
def do_POST(self):
length = self.headers.getheader('content-length')
data = self.rfile.read(int(length))
indication = CIMIndication(data)
- print "Got indication: %s" % indication
+ print "Got indication: %s from %s" % (indication,
self.client_address)
if self.server.print_ind:
- print "%s\n\n" % data
+ print "%s\n" % data
self.server.indications.append(indication)
+ # Silence the unwanted log output from send_response()
+ realStderr = sys.stderr
+ sys.stderr = open(os.devnull,'a')
+ self.send_response(200)
+ sys.stderr = realStderr
+
+class SecureHTTPServer(HTTPServer):
+ def __init__(self, server_address, HandlerClass):
+ BaseServer.__init__(self, server_address, HandlerClass)
+
+ def verify_cb(conn, cert, errnum, depth, ok):
+ if options.verbose:
+ print('Verify peer certificate chain: level %d:' % depth)
+ print('subject=%s' % cert.get_subject())
+ print('issuer =%s' % cert.get_issuer())
+ return ok
+
+ ctx = SSL.Context(SSL.SSLv23_METHOD)
+ #ctx.use_certificate_file(options.certFile)
+ ctx.use_certificate_chain_file(options.certFile)
+ ctx.use_privatekey_file(options.keyFile)
+ if options.noverify:
+ ctx.set_verify(SSL.VERIFY_NONE, verify_cb)
+ else:
+ #ctx.set_verify(SSL.VERIFY_PEER, verify_cb)
+ ctx.set_verify(SSL.VERIFY_PEER|SSL.VERIFY_FAIL_IF_NO_PEER_CERT,
+ verify_cb)
+ ctx.load_verify_locations(options.trustStore)
+
+ self.socket = SSL.Connection(ctx,
socket.socket(self.address_family,
+ self.socket_type))
+ self.server_bind()
+ self.server_activate()
+
+# The param defaults allow new options from main() w/o losing compat w/
cimtest.
class CIMIndicationSubscription:
- def __init__(self, name, typ, ns, print_ind, sysname, port=0):
+ def __init__(self, name, typ, ns, print_ind, sysname, port=0,
+ interopNS=('root','PG_InterOp'),
destUrl="http://localhost:8000",
+ triggermode=False):
self.name = name
self.type = typ
self.ns = ns
self.sysname = sysname
+ self.interopNS = interopNS
+ self.print_ind = print_ind
+
+ # We do not want to open a listener socket in trigger mode.
+ if triggermode:
+ self.trigger_xml = trigger_xml(typ, interopNS)
+ return
+
+ parsedUrl = urlparse(destUrl)
+
+ # Increment the listener port by the offset value.
+ if isinstance(parsedUrl.port, int):
+ listenerPort = parsedUrl.port + port
+ else:
+ listenerPort = 8000 + port
+
+ destUrl = update_url_port(parsedUrl, listenerPort)
+
+ try:
+ if parsedUrl.scheme == "http":
+ self.server = HTTPServer((parsedUrl.hostname,
+ listenerPort),
+ CIMSocketHandler)
+ elif parsedUrl.scheme == "https":
+ self.server = SecureHTTPServer((parsedUrl.hostname,
+ listenerPort),
+ socket_handler_wrapper)
+ except IOError as e:
+ print "Error creating listener socket: %s" % str(e)
+ exit(e.errno)
- self.port = 8000 + port
- self.server = BaseHTTPServer.HTTPServer(('', self.port),
- CIMSocketHandler)
self.server.print_ind = print_ind
self.server.indications = []
- self.filter_xml = filter_xml(name, typ, ns, sysname)
- self.handler_xml = handler_xml(name, self.port, sysname)
- self.subscription_xml = subscription_xml(name, sysname)
+ self.filter_xml = filter_xml(name, typ, ns, sysname, interopNS)
+ self.handler_xml = handler_xml(name, destUrl, sysname, interopNS)
+ self.subscription_xml = subscription_xml(name, sysname, interopNS)
def __do_cimpost(self, conn, body, method, auth_hdr=None):
headers = {"CIMOperation" : "MethodCall",
"CIMMethod" : method,
- "CIMObject" : "root/PG_Interop",
+ #"CIMObject" : "root/PG_Interop",
+ "CIMObject" : "%s/%s" % self.interopNS,
"Content-Type" : 'application/xml;
charset="utf-8"'}
-
+
if auth_hdr:
headers["Authorization"] = "Basic %s" % auth_hdr
- conn.request("POST", "/cimom", body, headers)
- resp = conn.getresponse()
- if not resp.getheader("content-length"):
- raise Exception("Request Failed: %d %s" %
- (resp.status, resp.reason))
+ try:
+ conn.request("POST", "/cimom", body, headers)
+ resp = conn.getresponse()
+ if not resp.getheader("content-length"):
+ raise Exception("Request Failed: %d %s" %
+ (resp.status, resp.reason))
+ except IOError as e:
+ print "Error connecting to CIMOM: %s" % str(e)
+ exit(e.errno)
- resp.read()
+ if self.print_ind:
+ print "=== Reply from CIMOM ==="
+ #print resp.msg
+ print resp.read()
+ else:
+ resp.read()
def subscribe(self, url, cred=None):
self.conn = httplib.HTTPConnection(url)
@@ -346,33 +563,52 @@ class CIMIndicationSubscription:
self.__do_cimpost(self.conn, self.subscription_xml,
"CreateInstance", auth_hdr)
- def unsubscribe(self, cred=None):
+ # Note, param order is different here to maintain compat with cimtest.
+ # Better way would be to update cimtest 'indications.py' module.
+ def unsubscribe(self, cred=None, url=None):
+ # Without this, can get BadStatusLine exception in SFCB in some
cases.
+ if url:
+ self.conn = httplib.HTTPConnection(url)
+
if cred:
(u, p) = cred
auth_hdr = base64.b64encode("%s:%s" % (u, p))
else:
auth_hdr = None
- xml = delete_sub_xml(self.name, self.sysname)
+ xml = delete_sub_xml(self.name, self.sysname, self.interopNS)
self.__do_cimpost(self.conn, xml,
"DeleteInstance", auth_hdr)
xml = delete_inst_xml(self.name, "HandlerCIMXML", self.sysname,
- "%sHandler" % self.name)
+ "%sHandler" % self.name, self.interopNS)
self.__do_cimpost(self.conn, xml,
"DeleteInstance", auth_hdr)
xml = delete_inst_xml(self.name, "Filter", self.sysname,
- "%sFilter" % self.name)
+ "%sFilter" % self.name, self.interopNS)
self.__do_cimpost(self.conn, xml,
"DeleteInstance", auth_hdr)
-def dump_xml(name, typ, ns, sysname):
- filter_str = filter_xml(name, typ, ns, sysname)
- handler_str = handler_xml(name, 8000, sysname)
- subscript_str = subscription_xml(name, sysname)
- del_filter_str = delete_inst_xml(name, "Filter", sysname,
"%sFilter" %
name)
+ def trigger(self, url, cred=None):
+ self.conn = httplib.HTTPConnection(url)
+ if cred:
+ (u, p) = cred
+ auth_hdr = base64.b64encode("%s:%s" % (u, p))
+ else:
+ auth_hdr = None
+
+ self.__do_cimpost(self.conn, self.trigger_xml,
+ "SendTestIndication", auth_hdr)
+
+def dump_xml(name, typ, ns, sysname, interopNS, destUrl):
+ filter_str = filter_xml(name, typ, ns, sysname, interopNS)
+ handler_str = handler_xml(name, destUrl, sysname, interopNS)
+ subscript_str = subscription_xml(name, sysname, interopNS)
+ del_filter_str = delete_inst_xml(name, "Filter", sysname,
"%sFilter" %
name,
+ interopNS)
del_handler_str = delete_inst_xml(name, "HandlerCIMXML", sysname,
- "%sHandler" % name)
- del_subscript_str = delete_sub_xml(name, sysname)
+ "%sHandler" % name, interopNS)
+ del_subscript_str = delete_sub_xml(name, sysname, interopNS)
+ trigger_str = trigger_xml(typ, interopNS)
print "CreateFilter:\n%s\n" % filter_str
print "DeleteFilter:\n%s\n" % del_filter_str
@@ -380,15 +616,20 @@ def dump_xml(name, typ, ns, sysname):
print "DeleteHandler:\n%s\n" % del_handler_str
print "CreateSubscription:\n%s\n" % subscript_str
print "DeleteSubscription:\n%s\n" % del_subscript_str
-
+ print "Indication trigger:\n%s\n" % trigger_str
+
def main():
usage = "usage: %prog [options] provider\nex: %prog
CIM_InstModification"
parser = OptionParser(usage)
-
+
+ # FIXME: SecureHTTPServer still relies on this, need a better way.
+ global options
+
parser.add_option("-u", "--url", dest="url",
default="localhost:5988",
help="URL of CIMOM to connect to (host:port)")
- parser.add_option("-N", "--ns", dest="ns",
default="root/virt",
- help="Namespace (default is root/virt)")
+ parser.add_option("-N", "--ns", dest="ns",
+ help="Namespace in which the register the indication
\
+ (default is the same value as the interop
namespace)")
parser.add_option("-n", "--name", dest="name",
default="Test",
help="Name for filter, handler, subscription \
(default: Test)")
@@ -398,43 +639,123 @@ def main():
parser.add_option("-p", "--print-ind",
dest="print_ind", default=False,
action="store_true",
help="Print received indications to stdout.")
+ parser.add_option("-v", "--verbose", dest="verbose",
default=False,
+ action="store_true",
+ help="Print additional debug info.")
parser.add_option("-U", "--user", dest="username",
default=None,
- help="HTTP Auth username")
+ help="HTTP Auth username (CIMOM)")
parser.add_option("-P", "--pass", dest="password",
default=None,
- help="HTTP Auth password")
+ help="HTTP Auth password (CIMOM)")
parser.add_option("--port", dest="port", default=0, type=int,
help="Port increment value (server default: 8000)")
+ parser.add_option("--dest", dest="destUrl",
default="localhost:8000",
+ help="URL of destination handler \
+ (default: http://localhost:8000)")
+ parser.add_option("--certFile", dest="certFile", default=None,
+ help="File containing the local certificate to use")
+ parser.add_option("--keyFile", dest="keyFile", default=None,
+ help="File containing private key for local cert \
+ (if none provided, assume key is in the certFile)")
+ parser.add_option("--trustStore", dest="trustStore",
default=None,
+ help="File containing trusted certificates for \
+ remote endpoint verification")
+ parser.add_option("--noverify", dest="noverify", default=False,
+ action="store_true",
+ help="Skip verification of remote endpoint
certificate \
+ for incoming https indications")
+ parser.add_option("-i", "--interop", dest="interop",
+ default="root/interop",
+ help="Interop namespace name (default:
root/interop)")
+ parser.add_option("-t", "--trigger", dest="trigger",
default=False,
+ action="store_true",
+ help="Trigger mode: send a request to CIMOM to
trigger \
+ an indication via a method call ")
(options, args) = parser.parse_args()
- if len(args) == 0:
+ if not options.trigger and len(args)==0:
print "Fatal: no indication type provided."
sys.exit(1)
-
+
if options.username:
auth = (options.username, options.password)
else:
auth = None
-
+
if ":" in options.url:
(sysname, port) = options.url.split(":")
else:
sysname = options.url
-
+
+ if "/" in options.interop:
+ options.interopNS = tuple(options.interop.split("/"))
+ else:
+ options.interopNS = ("root", options.interop)
+
+ # If no value provided for indication NS, default is same as interopNS.
+ if not options.ns:
+ options.ns = "%s/%s" % options.interopNS
+
+ if options.verbose:
+ print "Interop namespace = %s/%s" % options.interopNS
+ print "Indication namespace = %s" % options.ns
+
+ # If url does not begin with http or https, assume http.
+ parsedUrl = urlparse(options.destUrl)
+ if not re.search(parsedUrl.scheme, "https"):
+ destUrl = "http://" + options.destUrl
+ else:
+ destUrl = options.destUrl
+
+ if parsedUrl.scheme == "https":
+ if not options.trustStore and not options.noverify:
+ print "Error: must provide --trustStore or --noverify with
https."
+ sys.exit(1)
+ elif options.trustStore and options.noverify:
+ print "Error: options --trustStore and --noverify are
exclusive."
+ sys.exit(1)
+ if not options.certFile:
+ print "Error: no certificate file provided."
+ sys.exit(1)
+ elif not options.keyFile:
+ print "No keyFile provided; assuming private key \
+ contained in certFile."
+ options.keyFile = options.certFile
+
if options.dump:
- dump_xml(options.name, args[0], options.ns, sysname)
+ if isinstance(parsedUrl.port, int):
+ listenerPort = parsedUrl.port + options.port
+ else:
+ listenerPort = 8000 + options.port
+
+ destUrl = update_url_port(parsedUrl, listenerPort)
+ dump_xml(options.name, args[0], options.ns, sysname,
options.interopNS,
+ destUrl)
+ sys.exit(0)
+
+ # Trigger mode: currently only supports SFCB Test_Indication provider.
+ if options.trigger:
+ classname = "Test_Indication"
+ sub = CIMIndicationSubscription(options.name, classname,
options.ns,
+ options.print_ind, sysname,
options.port,
+ options.interopNS, destUrl, True)
+ print "Triggering indication for %s" % classname
+ sub.trigger(options.url, auth)
sys.exit(0)
sub = CIMIndicationSubscription(options.name, args[0], options.ns,
- options.print_ind, sysname,
options.port)
+ options.print_ind, sysname,
options.port,
+ options.interopNS, destUrl)
+
+ print "Creating subscription for %s" % args[0]
sub.subscribe(options.url, auth)
print "Watching for %s" % args[0]
try:
sub.server.serve_forever()
- except KeyboardInterrupt,e:
- sub.unsubscribe(auth)
+ except KeyboardInterrupt as e:
print "Cancelling subscription for %s" % args[0]
+ sub.unsubscribe(auth, options.url)
if __name__=="__main__":
sys.exit(main())
--
1.7.1
-----Original Message-----
From: libvirt-cim-bounces(a)redhat.com [mailto:libvirt-cim-
bounces(a)redhat.com] On Behalf Of Sharad Mishra
Sent: Tuesday, March 20, 2012 1:37 PM
To: List for discussion and development of libvirt CIM
Subject: Re: [Libvirt-cim] cimtest - add SSL support to
indication_tester.py
On Mon, 2012-03-19 at 19:41 -0400, Dave Heller wrote:
> Hi Sharad,
>
> Actually, I did modify the script in a way that it is still compatible
with
> cimtest (based on tests using ComputerSystemIndication
In that case, I am going to apply your patch and test as update to
existing indication script.
> 01_created_indication). But if you think it makes sense to fork it to a
> standalone script (and rename it), that is fine too.
>
> The usage of the script as I intend is interactive from the command
line. I
> can add some documentation with example commands. Is there a standard
place
> this should go, or should I add a README?
You can add it to the script header itself.
Do you want to send another patch with usage added and "orig" removed
from the file name?
Regards,
Sharad Mishra
>
> Thanks,
> Dave
>
> > -----Original Message-----
> > From: libvirt-cim-bounces(a)redhat.com [mailto:libvirt-cim-
> > bounces(a)redhat.com] On Behalf Of Sharad Mishra
> > Sent: Monday, March 19, 2012 5:40 PM
> > To: List for discussion and development of libvirt CIM
> > Subject: Re: [Libvirt-cim] cimtest - add SSL support to
> > indication_tester.py
> >
> > Dave,
> >
> > I assume that this patch is not going to be applied to the existing
> > indication_tester.py in cimtest. In that case, we can add this
modified
> > indication_tester.py as a new file at the same location as current
> > indication_tester.py. We do need to give this script a new name. This
> > script is currently not used/invoked by any existing cimtests. Do you
> > want to write tests to use this script?
> >
> > Regards
> > Sharad Mishra
> >
> > On Mon, 2012-03-19 at 13:21 -0400, Dave Heller wrote:
> > > In the XenKvmLib directory in cimtest, there is a
"indication_tester.py"
> > > module that is both a command-line program and a component of
cimtest.
> > Here
> > > is a proposed patch that adds new functionality to the cmdline
interface
> > > while preserving compatibility with cimtest.
> > >
> > > The most significant new feature is support for SSL indications.
There
> > is
> > > also a new --trigger mode to generate a test indication using the
SFCB
> > > Test_Indication provider. This allows the script to act as a
completely
> > > stand-alone test tool (for SFCB) without the user having to rely on
the
> > > "xmltest" files and wbemcat.
> > >
> > > Below is a complete list of the new features. I am looking for
feedback
> > and
> > > potentially, the correct process to check into "cimtest".
> > >
> > > Best regards,
> > > Dave Heller
> > >
> > > New features:
> > >
> > > - Supports https indications. Adds new options --certFile and --
keyFile
> > to
> > > specify server certificate and private key for the SSL enabled
> > indication
> > > listener.
> > > - Supports verification of indication sender (i.e. CIMOM) SSL
> > certificate.
> > > New option --trustStore is used to specify the CA certificate file;
> > > alternately the --noverify option may be used to disable peer
> > certificate
> > > checking.
> > > - Adds new option --dest to specify handler destination. This same
URL
> > is
> > > used to register the subscription (at the CIMOM) and start the
> > indication
> > > listener (locally). Via --dest one can specify scheme (http or
https),
> > IP or
> > > hostname, listener port, and optionally userid:password, all in a
single
> > > parameter.
> > > - New option --interop can be used to override the default interop
> > namespace
> > > (i.e root/interop vs. root/PG_InterOp) allowing easy support for
both
> > > openpegasus and sfcb.
> > > - Modifies the default value of existing --ns option (indication
> > namespace);
> > > if not specified the indication namespace will default to the same
value
> > as
> > > the interop namespace.
> > > - New option --verbose can be used to display debugging info, such
as
> > > details (subject, issuer) of the indication sender cert (when peer
> > > verification enabled).
> > > - Improved error handling (i.e. catch exceptions) for the following
> > > operations: starting listener locally, receiving incoming
indications,
> > POST
> > > operations (i.e. subscribe, unsubscribe) to CIMOM.
> > > - New option --trigger can be used to send a request to CIMOM to
trigger
> > an
> > > indication via the SFCB Test_Indication provider.
> > >
> > > Limitations:
> > >
> > > - Not tested on IPv6.
> > > - The --trigger option currently only supports the sfcb
Test_Indication
> > > provider. (It could be made more general by allowing the XML send
to
> > > support an arbitrary namespace, classname and method call. Open to
> > > suggestions here.)
> > >
> > >