Kiu/xenadmin
1
0
Fork 0
mirror of https://github.com/xcp-ng/xenadmin.git synced 2024-12-03 16:41:04 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

CP-36124: Check and enable TLS verification on first connection. Also, PascalCased some methods.

Browse Source 
Signed-off-by: Konstantina Chremmou <konstantina.chremmou@citrix.com>
This commit is contained in:
Konstantina Chremmou 2021-04-13 13:36:30 +01:00
parent a3b4ad0de6
commit f4e17109c8
9 changed files with 454 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

144
XenAdmin/Commands/EnableTlsVerificationCommand.cs Normal file
View File

@ -0,0 +1,144 @@
/* Copyright (c) Citrix Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms,
* with or without modification, are permitted provided
* that the following conditions are met:
*
* * Redistributions of source code must retain the above
* copyright notice, this list of conditions and the
* following disclaimer.
* * Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the
* following disclaimer in the documentation and/or other
* materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
* CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
using System.Linq;
using System.Windows.Forms;
using XenAdmin.Actions;
using XenAdmin.Core;
using XenAdmin.Dialogs;
using XenAPI;
namespace XenAdmin.Commands
{
class EnableTlsVerificationCommand : Command
{
private readonly bool _confirm = true;
public EnableTlsVerificationCommand()
{
}
public EnableTlsVerificationCommand(IMainWindow window, Pool pool, bool confirm = true)
: base(window, pool)
{
_confirm = confirm;
}
protected override void ExecuteCore(SelectedItemCollection selection)
{
var connection = selection.GetConnectionOfFirstItem();
if (connection != null && !connection.Session.IsLocalSuperuser && !Registry.DontSudo &&
connection.Session.Roles.All(r => r.name_label != Role.MR_ROLE_POOL_ADMIN))
{
var currentRoles = connection.Session.Roles;
currentRoles.Sort();
var msg = string.Format(Messages.ENABLE_TLS_VERIFICATION_RBAC_RESTRICTION, currentRoles[0].FriendlyName(),
Role.FriendlyName(Role.MR_ROLE_POOL_ADMIN));
using (var dlg = new ErrorDialog(msg))
dlg.ShowDialog(Parent);
return;
}
var pool = Helpers.GetPoolOfOne(connection);
if (_confirm)
{
var msg = $"{Messages.MESSAGEBOX_ENABLE_TLS_VERIFICATION_WARNING}\n\n{Messages.CONFIRM_CONTINUE}";
using (var dlg = new WarningDialog(msg,
new ThreeButtonDialog.TBDButton(Messages.MESSAGEBOX_ENABLE_TLS_VERIFICATION_BUTTON,
DialogResult.Yes, ThreeButtonDialog.ButtonType.ACCEPT, true),
ThreeButtonDialog.ButtonNo))
if (dlg.ShowDialog(Parent) != DialogResult.Yes)
return;
}
new DelegatedAsyncAction(connection,
string.Format(Messages.ACTION_ENABLING_TLS_VERIFICATION_ON, Helpers.GetName(pool)),
Messages.ACTION_ENABLING_TLS_VERIFICATION, Messages.COMPLETED,
Pool.enable_tls_verification, "pool.enable_tls_verification").RunAsync();
}
protected override bool CanExecuteCore(SelectedItemCollection selection)
{
if (selection == null || selection.Count != 1 ||
selection.Any(i => !(i.XenObject is Host) && !(i.XenObject is Pool)))
return false;
var conn = selection.GetConnectionOfAllItems();
if (conn == null || !Helpers.PostStockholm(conn) || conn.Cache.Hosts.Any(Host.RestrictCertificateVerification))
return false;
var pool = Helpers.GetPoolOfOne(conn);
return pool != null &&
!pool.tls_verification_enabled &&
!pool.ha_enabled &&
!pool.current_operations.Values.Contains(pool_allowed_operations.ha_enable) &&
!pool.current_operations.Values.Contains(pool_allowed_operations.ha_disable) &&
!pool.current_operations.Values.Contains(pool_allowed_operations.cluster_create) &&
!pool.current_operations.Values.Contains(pool_allowed_operations.designate_new_master);
}
protected override string GetCantExecuteReasonCore(IXenObject item)
{
var pool = item == null ? null : Helpers.GetPoolOfOne(item.Connection);
if (pool != null)
{
if (pool.ha_enabled)
return Messages.ENABLE_TLS_VERIFICATION_HA_ENABLED;
if (pool.current_operations.Values.Contains(pool_allowed_operations.ha_enable))
return Messages.ENABLE_TLS_VERIFICATION_HA_ENABLING;
if (pool.current_operations.Values.Contains(pool_allowed_operations.ha_disable))
return Messages.ENABLE_TLS_VERIFICATION_HA_DISABLING;
if (pool.current_operations.Values.Contains(pool_allowed_operations.cluster_create))
return Messages.ENABLE_TLS_VERIFICATION_CLUSTERING;
if (pool.current_operations.Values.Contains(pool_allowed_operations.designate_new_master))
return Messages.ENABLE_TLS_VERIFICATION_NEW_MASTER;
}
return base.GetCantExecuteReasonCore(item);
}
public override string MenuText => Messages.ENABLE_TLS_VERIFICATION_MENU;
}
}

9
XenAdmin/MainWindow.Designer.cs generated
View File

@ -279,6 +279,7 @@ namespace XenAdmin
this.toolStripMenuItemRotateSecret = new XenAdmin.Commands.CommandToolStripMenuItem();
this.toolStripMenuItemHaConfigure = new XenAdmin.Commands.CommandToolStripMenuItem();
this.toolStripMenuItemHaDisable = new XenAdmin.Commands.CommandToolStripMenuItem();
this.toolStripMenuItemEnableTls = new XenAdmin.Commands.CommandToolStripMenuItem();
((System.ComponentModel.ISupportInitialize)(this.splitContainer1)).BeginInit();
this.splitContainer1.Panel1.SuspendLayout();
this.splitContainer1.Panel2.SuspendLayout();
@ -924,6 +925,7 @@ namespace XenAdmin
this.toolStripSeparator9,
this.changePoolPasswordToolStripMenuItem,
this.toolStripMenuItemRotateSecret,
this.toolStripMenuItemEnableTls,
this.toolStripMenuItem1,
this.deleteToolStripMenuItem,
this.toolStripSeparator26,
@ -1965,6 +1967,12 @@ namespace XenAdmin
this.toolStripMenuItemHaDisable.Command = new XenAdmin.Commands.HADisableCommand();
resources.ApplyResources(this.toolStripMenuItemHaDisable, "toolStripMenuItemHaDisable");
//
// toolStripMenuItemEnableTls
//
this.toolStripMenuItemEnableTls.Name = "toolStripMenuItemEnableTls";
this.toolStripMenuItemEnableTls.Command = new XenAdmin.Commands.EnableTlsVerificationCommand();
resources.ApplyResources(this.toolStripMenuItemEnableTls, "toolStripMenuItemEnableTls");
//
// MainWindow
//
resources.ApplyResources(this, "$this");
@ -2243,6 +2251,7 @@ namespace XenAdmin
private XenAdmin.Commands.CommandToolStripMenuItem toolStripMenuItemRotateSecret;
private XenAdmin.Commands.CommandToolStripMenuItem toolStripMenuItemHaConfigure;
private XenAdmin.Commands.CommandToolStripMenuItem toolStripMenuItemHaDisable;
private XenAdmin.Commands.CommandToolStripMenuItem toolStripMenuItemEnableTls;
}
}

33
XenAdmin/MainWindow.cs
View File

@ -869,7 +869,7 @@ namespace XenAdmin
RequestRefreshTreeView();
}
void connection_CachePopulated(IXenConnection connection)
private void connection_CachePopulated(IXenConnection connection)
{
Host master = Helpers.GetMaster(connection);
if (master == null)
@ -992,6 +992,33 @@ namespace XenAdmin
HealthCheck.SendMetadataToHealthCheck();
RequestRefreshTreeView();
CheckTlsVerification(connection);
}
private void CheckTlsVerification(IXenConnection connection)
{
//Use BeginInvoke so the UI is not blocked in a connection-in-progress state
Program.BeginInvoke(Program.MainWindow, () =>
{
var pool = Helpers.GetPoolOfOne(connection);
var cmd = new EnableTlsVerificationCommand(Program.MainWindow, pool, false);
if (cmd.CanExecute())
{
var msg = string.Format("{0}\n\n{1}",
string.Format(Messages.MESSAGEBOX_ENABLE_TLS_VERIFICATION_BLURB, Helpers.GetName(connection)),
Messages.MESSAGEBOX_ENABLE_TLS_VERIFICATION_WARNING);
using (var dlg = new WarningDialog(msg,
new ThreeButtonDialog.TBDButton(Messages.MESSAGEBOX_ENABLE_TLS_VERIFICATION_BUTTON,
DialogResult.Yes, ThreeButtonDialog.ButtonType.ACCEPT, true),
ThreeButtonDialog.ButtonNo))
if (dlg.ShowDialog(this) == DialogResult.Yes)
cmd.Execute();
}
});
}
private void CheckHealthCheckEnrollment(object connection)
@ -1681,6 +1708,10 @@ namespace XenAdmin
toolStripMenuItemRotateSecret.Available = SelectionManager.Selection.Any(s =>
s.Connection != null && Helpers.StockholmOrGreater(s.Connection) &&
!s.Connection.Cache.Hosts.Any(Host.RestrictPoolSecretRotation));
toolStripMenuItemEnableTls.Available = SelectionManager.Selection.Any(s =>
s.Connection != null && Helpers.PostStockholm(s.Connection) &&
!s.Connection.Cache.Hosts.Any(Host.RestrictCertificateVerification) &&
s.Connection.Cache.Pools.Any(p => !p.tls_verification_enabled));
}
private void xenSourceOnTheWebToolStripMenuItem_Click(object sender, EventArgs e)

22
XenAdmin/MainWindow.resx
View File

@ -1981,13 +1981,13 @@
<value>274, 6</value>
</data>
<data name="toolStripMenuItemHaConfigure.Size" type="System.Drawing.Size, System.Drawing">
<value>180, 22</value>
<value>156, 22</value>
</data>
<data name="toolStripMenuItemHaConfigure.Text" xml:space="preserve">
<value>&amp;Configure HA...</value>
</data>
<data name="toolStripMenuItemHaDisable.Size" type="System.Drawing.Size, System.Drawing">
<value>180, 22</value>
<value>156, 22</value>
</data>
<data name="toolStripMenuItemHaDisable.Text" xml:space="preserve">
<value>&amp;Disable HA</value>
@ -2058,6 +2058,12 @@
<data name="toolStripMenuItemRotateSecret.Text" xml:space="preserve">
<value>Rotate &amp;Pool Secret</value>
</data>
<data name="toolStripMenuItemEnableTls.Size" type="System.Drawing.Size, System.Drawing">
<value>277, 22</value>
</data>
<data name="toolStripMenuItemEnableTls.Text" xml:space="preserve">
<value>Enable Certificate Veri&amp;fication</value>
</data>
<data name="toolStripMenuItem1.Size" type="System.Drawing.Size, System.Drawing">
<value>274, 6</value>
</data>
@ -4033,18 +4039,24 @@
<value>toolStripMenuItemRotateSecret</value>
</data>
<data name="&gt;&gt;toolStripMenuItemRotateSecret.Type" xml:space="preserve">
<value>XenAdmin.Commands.CommandToolStripMenuItem, XenCenterMain, Version=0.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
<value>XenAdmin.Commands.CommandToolStripMenuItem, XenCenterMain, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null</value>
</data>
<data name="&gt;&gt;toolStripMenuItemHaConfigure.Name" xml:space="preserve">
<value>toolStripMenuItemHaConfigure</value>
</data>
<data name="&gt;&gt;toolStripMenuItemHaConfigure.Type" xml:space="preserve">
<value>System.Windows.Forms.ToolStripMenuItem, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
<value>XenAdmin.Commands.CommandToolStripMenuItem, XenCenterMain, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null</value>
</data>
<data name="&gt;&gt;toolStripMenuItemHaDisable.Name" xml:space="preserve">
<value>toolStripMenuItemHaDisable</value>
</data>
<data name="&gt;&gt;toolStripMenuItemHaDisable.Type" xml:space="preserve">
<value>XenAdmin.Commands.CommandToolStripMenuItem, XenCenterMain, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null</value>
</data>
<data name="&gt;&gt;toolStripMenuItemEnableTls.Name" xml:space="preserve">
<value>toolStripMenuItemEnableTls</value>
</data>
<data name="&gt;&gt;toolStripMenuItemEnableTls.Type" xml:space="preserve">
<value>System.Windows.Forms.ToolStripMenuItem, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</data>
<data name="&gt;&gt;$this.Name" xml:space="preserve">
@ -4053,4 +4065,4 @@
<data name="&gt;&gt;$this.Type" xml:space="preserve">
<value>System.Windows.Forms.Form, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</data>
</root>
</root>

131
XenAdmin/TabPages/GeneralTabPage.cs
View File

@ -414,32 +414,32 @@ namespace XenAdmin.TabPages
if (xenObject is Host && (xenObject.Connection == null || !xenObject.Connection.IsConnected))
{
generateDisconnectedHostBox();
GenerateDisconnectedHostBox();
}
else if (xenObject is DockerContainer)
{
generateDockerContainerGeneralBox();
GenerateDockerContainerGeneralBox();
}
else
{
generateGeneralBox();
GenerateGeneralBox();
GenerateCertificateBox();
generateCustomFieldsBox();
generateInterfaceBox();
generateMemoryBox();
generateVersionBox();
generateLicenseBox();
generateCPUBox();
generateHostPatchesBox();
generateBootBox();
generateHABox();
generateStatusBox();
generateMultipathBox();
generatePoolPatchesBox();
generateMultipathBootBox();
generateVCPUsBox();
generateDockerInfoBox();
generateReadCachingBox();
GenerateCustomFieldsBox();
GenerateInterfaceBox();
GenerateMemoryBox();
GenerateVersionBox();
GenerateLicenseBox();
GenerateCPUBox();
GenerateHostPatchesBox();
GenerateBootBox();
GenerateHABox();
GenerateStatusBox();
GenerateMultipathBox();
GeneratePoolPatchesBox();
GenerateMultipathBootBox();
GenerateVCPUsBox();
GenerateDockerInfoBox();
GenerateReadCachingBox();
}
// hide all the sections which haven't been populated, those that have make sure are visible
@ -461,7 +461,7 @@ namespace XenAdmin.TabPages
UpdateButtons();
}
private void generateInterfaceBox()
private void GenerateInterfaceBox()
{
Host Host = xenObject as Host;
Pool Pool = xenObject as Pool;
@ -529,7 +529,7 @@ namespace XenAdmin.TabPages
}
}
private void generateCustomFieldsBox()
private void GenerateCustomFieldsBox()
{
List<CustomField> customFields = CustomFieldsManager.CustomFieldValues(xenObject);
if (customFields.Count <= 0)
@ -556,7 +556,7 @@ namespace XenAdmin.TabPages
}
}
private void generatePoolPatchesBox()
private void GeneratePoolPatchesBox()
{
Pool pool = xenObject as Pool;
if (pool == null)
@ -593,7 +593,7 @@ namespace XenAdmin.TabPages
}
}
private void generateHostPatchesBox()
private void GenerateHostPatchesBox()
{
Host host = xenObject as Host;
if (host == null)
@ -647,7 +647,7 @@ namespace XenAdmin.TabPages
}
}
private void generateHABox()
private void GenerateHABox()
{
VM vm = xenObject as VM;
if (vm == null)
@ -663,7 +663,7 @@ namespace XenAdmin.TabPages
new PropertiesToolStripMenuItem(new VmEditHaCommand(Program.MainWindow, xenObject)));
}
private void generateStatusBox()
private void GenerateStatusBox()
{
SR sr = xenObject as SR;
if (sr == null)
@ -734,7 +734,7 @@ namespace XenAdmin.TabPages
}
}
private void generateMultipathBox()
private void GenerateMultipathBox()
{
SR sr = xenObject as SR;
if (sr == null)
@ -863,7 +863,7 @@ namespace XenAdmin.TabPages
s.AddEntry(title, row);
}
private void generateMultipathBootBox()
private void GenerateMultipathBootBox()
{
Host host = xenObject as Host;
if (host == null)
@ -882,7 +882,7 @@ namespace XenAdmin.TabPages
s.AddEntry(Messages.STATUS, text);
}
private void generateBootBox()
private void GenerateBootBox()
{
VM vm = xenObject as VM;
if (vm == null)
@ -904,7 +904,7 @@ namespace XenAdmin.TabPages
}
}
private void generateLicenseBox()
private void GenerateLicenseBox()
{
Host host = xenObject as Host;
if (host == null)
@ -1000,7 +1000,7 @@ namespace XenAdmin.TabPages
}
}
private void generateVersionBox()
private void GenerateVersionBox()
{
Host host = xenObject as Host;
@ -1025,7 +1025,7 @@ namespace XenAdmin.TabPages
pdSectionVersion.AddEntry("DBV", host.software_version["dbv"]);
}
private void generateCPUBox()
private void GenerateCPUBox()
{
Host host = xenObject as Host;
if (host == null)
@ -1053,7 +1053,7 @@ namespace XenAdmin.TabPages
}
}
private void generateVCPUsBox()
private void GenerateVCPUsBox()
{
VM vm = xenObject as VM;
if (vm == null)
@ -1067,7 +1067,7 @@ namespace XenAdmin.TabPages
s.AddEntry(FriendlyName("VM.Topology"), vm.Topology());
}
private void generateDisconnectedHostBox()
private void GenerateDisconnectedHostBox()
{
IXenConnection conn = xenObject.Connection;
@ -1103,7 +1103,7 @@ namespace XenAdmin.TabPages
}
}
private void generateGeneralBox()
private void GenerateGeneralBox()
{
PDSection s = pdSectionGeneral;
@ -1122,7 +1122,9 @@ namespace XenAdmin.TabPages
if (xenObject is Host host)
{
if (Helpers.GetPool(xenObject.Connection) != null)
var isStandAloneHost = Helpers.GetPool(xenObject.Connection) == null;
if (!isStandAloneHost)
s.AddEntry(Messages.POOL_MASTER, host.IsMaster() ? Messages.YES : Messages.NO);
if (!host.IsLive())
@ -1131,12 +1133,9 @@ namespace XenAdmin.TabPages
}
else if (!host.enabled)
{
var item = new ToolStripMenuItem(Messages.EXIT_MAINTENANCE_MODE);
item.Click += delegate
{
new HostMaintenanceModeCommand(Program.MainWindow, host,
HostMaintenanceModeCommandParameter.Exit).Execute();
};
var item = new CommandToolStripMenuItem(new HostMaintenanceModeCommand(
Program.MainWindow, host, HostMaintenanceModeCommandParameter.Exit));
s.AddEntry(FriendlyName("host.enabled"),
host.MaintenanceMode() ? Messages.HOST_IN_MAINTENANCE_MODE : Messages.DISABLED,
new[] { item },
@ -1144,15 +1143,25 @@ namespace XenAdmin.TabPages
}
else
{
var item = new ToolStripMenuItem(Messages.ENTER_MAINTENANCE_MODE);
item.Click += delegate
{
new HostMaintenanceModeCommand(Program.MainWindow, host,
HostMaintenanceModeCommandParameter.Enter).Execute();
};
var item = new CommandToolStripMenuItem(new HostMaintenanceModeCommand(
Program.MainWindow, host, HostMaintenanceModeCommandParameter.Enter));
s.AddEntry(FriendlyName("host.enabled"), Messages.YES, item);
}
if (isStandAloneHost && Helpers.PostStockholm(host))
{
var pool = Helpers.GetPoolOfOne(xenObject.Connection);
if (pool != null && pool.tls_verification_enabled)
s.AddEntry(Messages.CERTIFICATE_VERIFICATION_KEY, Messages.ENABLED);
else
s.AddEntry(Messages.CERTIFICATE_VERIFICATION_KEY,
Messages.DISABLED,
new[] {new CommandToolStripMenuItem(new EnableTlsVerificationCommand(Program.MainWindow, pool))},
Color.Red);
}
s.AddEntry(FriendlyName("host.iscsi_iqn"), host.GetIscsiIqn(),
new PropertiesToolStripMenuItem(new IqnPropertiesCommand(Program.MainWindow, xenObject)));
@ -1232,8 +1241,7 @@ namespace XenAdmin.TabPages
}
}
SR sr = xenObject as SR;
if (sr != null)
if (xenObject is SR sr)
{
s.AddEntry(Messages.TYPE, sr.FriendlyTypeName());
@ -1265,8 +1273,7 @@ namespace XenAdmin.TabPages
}
}
Pool p = xenObject as Pool;
if (p != null)
if (xenObject is Pool p)
{
var additionalString = PoolAdditionalLicenseString();
s.AddEntry(Messages.POOL_LICENSE,
@ -1275,6 +1282,17 @@ namespace XenAdmin.TabPages
: Helpers.GetFriendlyLicenseName(p));
s.AddEntry(Messages.NUMBER_OF_SOCKETS, p.CpuSockets().ToString());
if (Helpers.PostStockholm(p.Connection))
{
if (p.tls_verification_enabled)
s.AddEntry(Messages.CERTIFICATE_VERIFICATION_KEY, Messages.ENABLED);
else
s.AddEntry(Messages.CERTIFICATE_VERIFICATION_KEY,
Messages.DISABLED,
new[] {new CommandToolStripMenuItem(new EnableTlsVerificationCommand(Program.MainWindow, p))},
Color.Red);
}
var master = p.Connection.Resolve(p.master);
if (master != null)
{
@ -1303,8 +1321,7 @@ namespace XenAdmin.TabPages
}
}
VDI vdi = xenObject as VDI;
if (vdi != null)
if (xenObject is VDI vdi)
{
s.AddEntry(Messages.SIZE, vdi.SizeText(),
new PropertiesToolStripMenuItem(new VdiEditSizeLocationCommand(Program.MainWindow, xenObject)));
@ -1498,7 +1515,7 @@ namespace XenAdmin.TabPages
}
}
private void generateDockerContainerGeneralBox()
private void GenerateDockerContainerGeneralBox()
{
var dockerContainer = xenObject as DockerContainer;
if (dockerContainer != null)
@ -1527,7 +1544,7 @@ namespace XenAdmin.TabPages
}
}
private void generateReadCachingBox()
private void GenerateReadCachingBox()
{
VM vm = xenObject as VM;
if (vm == null || !vm.IsRunning())
@ -1614,7 +1631,7 @@ namespace XenAdmin.TabPages
);
}
private void generateMemoryBox()
private void GenerateMemoryBox()
{
Host host = xenObject as Host;
if (host == null)
@ -1634,7 +1651,7 @@ namespace XenAdmin.TabPages
s.AddEntry(key, string.IsNullOrEmpty(value) ? Messages.NONE : value);
}
private void generateDockerInfoBox()
private void GenerateDockerInfoBox()
{
VM vm = xenObject as VM;
if (vm == null)

1
XenAdmin/XenAdmin.csproj
View File

@ -116,6 +116,7 @@
<SubType>Component</SubType>
</Compile>
<Compile Include="Commands\CrossPoolCopyVMCommand.cs" />
<Compile Include="Commands\EnableTlsVerificationCommand.cs" />
<Compile Include="Commands\RotatePoolSecretCommand.cs" />
<Compile Include="Commands\InstallCertificateCommand.cs" />
<Compile Include="Commands\LaunchConversionManagerCommand.cs" />

128
XenModel/Messages.Designer.cs generated
View File

@ -1095,6 +1095,24 @@ namespace XenAdmin {
}
}
/// <summary>
/// Looks up a localized string similar to Enabling certificate verification....
/// </summary>
public static string ACTION_ENABLING_TLS_VERIFICATION {
get {
return ResourceManager.GetString("ACTION_ENABLING_TLS_VERIFICATION", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to Enabling certificate verification on {0}....
/// </summary>
public static string ACTION_ENABLING_TLS_VERIFICATION_ON {
get {
return ResourceManager.GetString("ACTION_ENABLING_TLS_VERIFICATION_ON", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to Export failed due to a block checksum mismatch. Please retry the export..
/// </summary>
@ -7116,6 +7134,15 @@ namespace XenAdmin {
}
}
/// <summary>
/// Looks up a localized string similar to Certificate Verification.
/// </summary>
public static string CERTIFICATE_VERIFICATION_KEY {
get {
return ResourceManager.GetString("CERTIFICATE_VERIFICATION_KEY", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to Ability to download updates.
/// </summary>
@ -7822,6 +7849,15 @@ namespace XenAdmin {
}
}
/// <summary>
/// Looks up a localized string similar to Do you want to continue?.
/// </summary>
public static string CONFIRM_CONTINUE {
get {
return ResourceManager.GetString("CONFIRM_CONTINUE", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to Are you sure you want to delete the selected {0}?.
/// </summary>
@ -14908,6 +14944,71 @@ namespace XenAdmin {
}
}
/// <summary>
/// Looks up a localized string similar to You cannot enable certificate verification while the pool is in the process of creating a cluster..
/// </summary>
public static string ENABLE_TLS_VERIFICATION_CLUSTERING {
get {
return ResourceManager.GetString("ENABLE_TLS_VERIFICATION_CLUSTERING", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to You cannot enable certificate verification while HA is being disabled on the pool..
/// </summary>
public static string ENABLE_TLS_VERIFICATION_HA_DISABLING {
get {
return ResourceManager.GetString("ENABLE_TLS_VERIFICATION_HA_DISABLING", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to You cannot enable certificate verification when HA is on..
/// </summary>
public static string ENABLE_TLS_VERIFICATION_HA_ENABLED {
get {
return ResourceManager.GetString("ENABLE_TLS_VERIFICATION_HA_ENABLED", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to You cannot enable certificate verification while HA is being enabled on the pool..
/// </summary>
public static string ENABLE_TLS_VERIFICATION_HA_ENABLING {
get {
return ResourceManager.GetString("ENABLE_TLS_VERIFICATION_HA_ENABLING", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to Enable Certificate Veri&amp;fication.
/// </summary>
public static string ENABLE_TLS_VERIFICATION_MENU {
get {
return ResourceManager.GetString("ENABLE_TLS_VERIFICATION_MENU", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to You cannot enable certificate verification while a new master is being nominated in the pool..
/// </summary>
public static string ENABLE_TLS_VERIFICATION_NEW_MASTER {
get {
return ResourceManager.GetString("ENABLE_TLS_VERIFICATION_NEW_MASTER", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to A {0} user does not have sufficient permissions to enable certificate verification. Please login using an account with one of the following roles:
///
///{1}.
/// </summary>
public static string ENABLE_TLS_VERIFICATION_RBAC_RESTRICTION {
get {
return ResourceManager.GetString("ENABLE_TLS_VERIFICATION_RBAC_RESTRICTION", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to Res&amp;ume.
/// </summary>
@ -24067,6 +24168,33 @@ namespace XenAdmin {
}
}
/// <summary>
/// Looks up a localized string similar to Certificate verification is not enabled on &apos;{0}&apos;. Would you like to enable it now?.
/// </summary>
public static string MESSAGEBOX_ENABLE_TLS_VERIFICATION_BLURB {
get {
return ResourceManager.GetString("MESSAGEBOX_ENABLE_TLS_VERIFICATION_BLURB", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to &amp;Yes, Enable certificate verification.
/// </summary>
public static string MESSAGEBOX_ENABLE_TLS_VERIFICATION_BUTTON {
get {
return ResourceManager.GetString("MESSAGEBOX_ENABLE_TLS_VERIFICATION_BUTTON", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to Before enabling certificate verification ensure that there are no operations running in the pool, otherwise they will be interrupted..
/// </summary>
public static string MESSAGEBOX_ENABLE_TLS_VERIFICATION_WARNING {
get {
return ResourceManager.GetString("MESSAGEBOX_ENABLE_TLS_VERIFICATION_WARNING", resourceCulture);
}
}
/// <summary>
/// Looks up a localized string similar to Unable to connect to server &apos;{0}&apos;.
///{1}

44
XenModel/Messages.resx
View File

@ -462,6 +462,12 @@
<data name="ACTION_ENABLING_PVS_READ_CACHING" xml:space="preserve">
<value>Enabling PVS-Accelerator for selected VMs</value>
</data>
<data name="ACTION_ENABLING_TLS_VERIFICATION" xml:space="preserve">
<value>Enabling certificate verification...</value>
</data>
<data name="ACTION_ENABLING_TLS_VERIFICATION_ON" xml:space="preserve">
<value>Enabling certificate verification on {0}...</value>
</data>
<data name="ACTION_EXPORT_DESCRIPTION_BLOCK_CHECKSUM_FAILED" xml:space="preserve">
<value>Export failed due to a block checksum mismatch. Please retry the export.</value>
</data>
@ -2577,6 +2583,9 @@ This will cancel compilation of the status report.</value>
<data name="CERTIFICATE_VALIDITY_PERIOD_VALUE" xml:space="preserve">
<value>Valid from {0} to {1}</value>
</data>
<data name="CERTIFICATE_VERIFICATION_KEY" xml:space="preserve">
<value>Certificate Verification</value>
</data>
<data name="CFU_STATUS_CHECK_DESCRIPTION" xml:space="preserve">
<value>Ability to download updates</value>
</data>
@ -2833,6 +2842,9 @@ Do you want to continue?</value>
Do you want to continue?</value>
</data>
<data name="CONFIRM_CONTINUE" xml:space="preserve">
<value>Do you want to continue?</value>
</data>
<data name="CONFIRM_DELETE" xml:space="preserve">
<value>Are you sure you want to delete the selected {0}?</value>
</data>
@ -5254,6 +5266,29 @@ Would you like to eject these ISOs before continuing?</value>
<data name="ENABLE_PVS_READ_CACHING_RUBRIC_SINGLE" xml:space="preserve">
<value>Choose the PVS site from which the selected VM is streamed.</value>
</data>
<data name="ENABLE_TLS_VERIFICATION_CLUSTERING" xml:space="preserve">
<value>You cannot enable certificate verification while the pool is in the process of creating a cluster.</value>
</data>
<data name="ENABLE_TLS_VERIFICATION_HA_DISABLING" xml:space="preserve">
<value>You cannot enable certificate verification while HA is being disabled on the pool.</value>
</data>
<data name="ENABLE_TLS_VERIFICATION_HA_ENABLED" xml:space="preserve">
<value>You cannot enable certificate verification when HA is on.</value>
</data>
<data name="ENABLE_TLS_VERIFICATION_HA_ENABLING" xml:space="preserve">
<value>You cannot enable certificate verification while HA is being enabled on the pool.</value>
</data>
<data name="ENABLE_TLS_VERIFICATION_MENU" xml:space="preserve">
<value>Enable Certificate Veri&amp;fication</value>
</data>
<data name="ENABLE_TLS_VERIFICATION_NEW_MASTER" xml:space="preserve">
<value>You cannot enable certificate verification while a new master is being nominated in the pool.</value>
</data>
<data name="ENABLE_TLS_VERIFICATION_RBAC_RESTRICTION" xml:space="preserve">
<value>A {0} user does not have sufficient permissions to enable certificate verification. Please login using an account with one of the following roles:
{1}</value>
</data>
<data name="ENABLE_WLB_ELLIPSIS" xml:space="preserve">
<value>Res&amp;ume</value>
</data>
@ -8349,6 +8384,15 @@ Are you sure you want to detach this storage repository?</value>
<data name="MESSAGEBOX_DETACH_VD_TITLE_MUTLIPLE" xml:space="preserve">
<value>Detach Multiple Virtual Disks</value>
</data>
<data name="MESSAGEBOX_ENABLE_TLS_VERIFICATION_BLURB" xml:space="preserve">
<value>Certificate verification is not enabled on '{0}'. Would you like to enable it now?</value>
</data>
<data name="MESSAGEBOX_ENABLE_TLS_VERIFICATION_WARNING" xml:space="preserve">
<value>Before enabling certificate verification ensure that there are no operations running in the pool, otherwise they will be interrupted.</value>
</data>
<data name="MESSAGEBOX_ENABLE_TLS_VERIFICATION_BUTTON" xml:space="preserve">
<value>&amp;Yes, Enable certificate verification</value>
</data>
<data name="MESSAGEBOX_ERRORTEXT" xml:space="preserve">
<value>Unable to connect to server '{0}'.
{1}

5
XenModel/XenAPI-Extensions/Host.cs
View File

@ -312,6 +312,11 @@ namespace XenAPI
return BoolKeyPreferTrue(h.license_params, "restrict_pool_secret_rotation");
}
public static bool RestrictCertificateVerification(Host h)
{
return BoolKeyPreferTrue(h.license_params, "restrict_certificate_verification");
}
public static bool RestrictAlerts(Host h)
{
return BoolKeyPreferTrue(h.license_params, "restrict_email_alerting");