[lxc-devel] [lxd/master] Bugfixes

stgraber on Github lxc-bot at linuxcontainers.org
Tue Jun 28 15:00:55 UTC 2016 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 301 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20160628/fd761307/attachment.bin>
-------------- next part --------------
From a733a77580f9c3e677c85dc51f05c8e5af1b5a80 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Tue, 28 Jun 2016 10:59:26 -0400
Subject: [PATCH 1/2] Use the daemon provided fingerprint on image copy
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fallback on client provided fingerprint if no daemon provided
fingerprint can be found in operation metadata.

Closes #2162

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
 client.go | 28 +++++++++++++++++++++++++---
 1 file changed, 25 insertions(+), 3 deletions(-)

diff --git a/client.go b/client.go
index 1950fe3..3567127 100644
--- a/client.go
+++ b/client.go
@@ -710,6 +710,8 @@ func (c *Client) CopyImage(image string, dest *Client, copy_aliases bool, aliase
 		go dest.Monitor([]string{"operation"}, handler)
 	}
 
+	fingerprint := info.Fingerprint
+
 	for _, addr := range addresses {
 		sourceUrl := "https://" + addr
 
@@ -723,11 +725,18 @@ func (c *Client) CopyImage(image string, dest *Client, copy_aliases bool, aliase
 
 		operation = resp.Operation
 
-		err = dest.WaitForSuccess(resp.Operation)
+		op, err := dest.WaitForSuccessOp(resp.Operation)
 		if err != nil {
 			return err
 		}
 
+		if op.Metadata != nil {
+			value, err := op.Metadata.GetString("fingerprint")
+			if err == nil {
+				fingerprint = value
+			}
+		}
+
 		break
 	}
 
@@ -739,7 +748,7 @@ func (c *Client) CopyImage(image string, dest *Client, copy_aliases bool, aliase
 	if copy_aliases {
 		for _, alias := range info.Aliases {
 			dest.DeleteAlias(alias.Name)
-			err = dest.PostAlias(alias.Name, alias.Description, info.Fingerprint)
+			err = dest.PostAlias(alias.Name, alias.Description, fingerprint)
 			if err != nil {
 				return fmt.Errorf("Error adding alias %s: %s", alias.Name, err)
 			}
@@ -749,7 +758,7 @@ func (c *Client) CopyImage(image string, dest *Client, copy_aliases bool, aliase
 	/* add new aliases */
 	for _, alias := range aliases {
 		dest.DeleteAlias(alias)
-		err = dest.PostAlias(alias, alias, info.Fingerprint)
+		err = dest.PostAlias(alias, alias, fingerprint)
 		if err != nil {
 			return fmt.Errorf("Error adding alias %s: %s\n", alias, err)
 		}
@@ -1864,6 +1873,19 @@ func (c *Client) WaitForSuccess(waitURL string) error {
 	return fmt.Errorf(op.Err)
 }
 
+func (c *Client) WaitForSuccessOp(waitURL string) (*shared.Operation, error) {
+	op, err := c.WaitFor(waitURL)
+	if err != nil {
+		return nil, err
+	}
+
+	if op.StatusCode == shared.Success {
+		return op, nil
+	}
+
+	return op, fmt.Errorf(op.Err)
+}
+
 func (c *Client) RestoreSnapshot(container string, snapshotName string, stateful bool) (*Response, error) {
 	if c.Remote.Public {
 		return nil, fmt.Errorf("This function isn't supported by public remotes.")

From fcd0f83452184ef0a3edf9752b110ae137c5dd27 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Mon, 27 Jun 2016 19:16:38 -0400
Subject: [PATCH 2/2] doc: Fix certificates json examples
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
 doc/rest-api.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/doc/rest-api.md b/doc/rest-api.md
index 3db16a2..4c1b10c 100644
--- a/doc/rest-api.md
+++ b/doc/rest-api.md
@@ -310,7 +310,7 @@ Input:
     {
         "type": "client",                       # Certificate type (keyring), currently only client
         "certificate": "PEM certificate",       # If provided, a valid x509 certificate. If not, the client certificate of the connection will be used
-        "name": "foo"                           # An optional name for the certificate. If nothing is provided, the host in the TLS header for the request is used.
+        "name": "foo",                          # An optional name for the certificate. If nothing is provided, the host in the TLS header for the request is used.
         "password": "server-trust-password"     # The trust password for that server (only required if untrusted)
     }
 
@@ -325,7 +325,8 @@ Output:
 
     {
         "type": "client",
-        "certificate": "PEM certificate"
+        "certificate": "PEM certificate",
+        "name": "foo",
         "fingerprint": "SHA256 Hash of the raw certificate"
     }

More information about the lxc-devel mailing list