2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-25 19:10:10 +00:00

Provide insecure warning

When certificate validation is not occuring in a secure fashion, make
it obvious to user through '(insecure)' flag.  Lay the groundwork for
future update to actually provide a secure attach strategy, once the
firmware is willing.
This commit is contained in:
Jarrod Johnson 2018-01-23 10:23:56 -05:00
parent 37f0345553
commit 56b6babed6
2 changed files with 9 additions and 2 deletions

View File

@ -76,6 +76,8 @@ def list_media(noderange, media):
printerror(res)
for node in res.get('databynode', []):
url = res['databynode'][node]['url']
if url and not res['databynode'][node].get('secure', False):
url += ' (insecure)'
name = res['databynode'][node]['name']
print('{0}: {1}'.format(node, url + '/' + name if url else name))
@ -149,7 +151,7 @@ def main():
'attach will instruct the BMC to connect a remote media to the '
'specified url.\n\ndetachall will remove *ALL* uploaded and '
'attached urls from the BMC\n\nlist shows currently mounted '
'media.\n')
'media.\n\nSee `man %prog` for more info.\n')
(options, args) = argparser.parse_args()
media = None
try:

View File

@ -10,7 +10,12 @@ nodemedia(8) -- Manage server remote media
**nodemedia** manages the remote media functionality of supported BMCs.
`list` shows all the current remote media the BMCs of the noderange are
providing to the host platform.
providing to the host platform. The string (insecure) is appended to URLs that
are mounted in an insecure fashion. http is insecure, and https is also
insecure when no meaningful certificate validation is performed. Currently
there is no action that can change this, and this is purely informational. A
future version of software may provide a means to increase security of attached
remote media.
`detachall` removes all the currently provided media to the host. This unlinks
remote media from urls and deletes uploaded media from the BMC.