[49/50] git commit: updated refs/heads/feature/systemvm-persistent-config to 921f6e2

Mon, 16 Feb 2015 08:49:01 -0800 

No hardcoded passwords.
  - If for some reason the cmdLine json doesn't contain the password key, which 
is almost impossible to happen,
    we generate a password based on other unique data per VPC


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/4a012dd3
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/4a012dd3
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/4a012dd3

Branch: refs/heads/feature/systemvm-persistent-config
Commit: 4a012dd3091a81c1272cafcb7118a84815d77805
Parents: a4eb234
Author: wilderrodrigues <[email protected]>
Authored: Tue Feb 10 19:30:45 2015 +0100
Committer: wilderrodrigues <[email protected]>
Committed: Tue Feb 10 19:30:45 2015 +0100

----------------------------------------------------------------------
 .../debian/config/opt/cloud/bin/cs/CsDatabag.py        | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/4a012dd3/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py 
b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
index d58a642..b2e559d 100644
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
@@ -15,6 +15,7 @@
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.
+import hashlib
 from merge import DataBag
 
 
@@ -131,4 +132,14 @@ class CsCmdLine(CsDataBag):
     def get_router_password(self):
         if "router_password" in self.idata():
             return self.idata()['router_password']
-        return "k3ep@liv3D"
+        
+        '''
+        Generate a password based on the router id just to avoid hard-coded 
passwd.
+        Remark: if for some reason 1 router gets configured, the other one 
will have a different password.
+        This is slightly difficult to happen, but if it does, destroy the 
router with the password generated with the
+        code below and restart the VPC with out the clean up option.
+        '''
+        passwd = "%s-%s" % (self.get_vpccidr, self.get_router_id())
+        md5 = hashlib.md5()
+        md5.update(passwd)
+        return md5.hexdigest()

Reply via email to