From ab4f57212683baec45d5b682bdd3952ff58249ed Mon Sep 17 00:00:00 2001
From: Matthew Edmonds
Date: Tue, 11 Nov 2014 16:03:23 -0500
Subject: [PATCH] Fix Brocade FC SAN lookup MITM vulnerability

Modify the Brocade FC SAN lookup service implementation to use the same SSH key config properties used elsewhere rather than relying on arguments which are non-standard and never passed by the base lookup service.

Change-Id: I0cb5141368bc9a62a4e0374026d66fc2725cfe24
Closes-Bug: 1391311
---
.../test_brcd_fc_san_lookup_service.py | 16 +++++++-------
.../brocade/brcd_fc_san_lookup_service.py | 21 +++++++++++--------
2 files changed, 20 insertions(+), 17 deletions(-)

diff --git a/cinder/tests/zonemanager/test_brcd_fc_san_lookup_service.py b/cinder/tests/zonemanager/test_brcd_fc_san_lookup_service.py
index e138d452a..43aa1e12e 100644
--- a/cinder/tests/zonemanager/test_brcd_fc_san_lookup_service.py
+++ b/cinder/tests/zonemanager/test_brcd_fc_san_lookup_service.py
@@ -42,6 +42,8 @@ _device_map_to_verify = {
 'initiator_port_wwn_list': ['10008c7cff523b01'],
 'target_port_wwn_list': ['20240002ac000a50']}}
+CONF = cfg.CONF
+
 class TestBrcdFCSanLookupService(brcd_lookup.BrcdFCSanLookupService,
 test.TestCase):
@@ -77,16 +79,14 @@ class TestBrcdFCSanLookupService(brcd_lookup.BrcdFCSanLookupService,
 @mock.patch.object(paramiko.hostkeys.HostKeys, 'load')
 def test_create_ssh_client(self, load_mock):
- mock_args = {}
- mock_args['known_hosts_file'] = 'dummy_host_key_file'
- mock_args['missing_key_policy'] = paramiko.RejectPolicy()
- ssh_client = self.create_ssh_client(**mock_args)
+ CONF.ssh_hosts_key_file = 'dummy_host_key_file'
+ CONF.strict_ssh_host_key_policy = True
+ ssh_client = self.create_ssh_client()
 self.assertEqual(ssh_client._host_keys_filename,
 'dummy_host_key_file')
 self.assertTrue(isinstance(ssh_client._policy, paramiko.RejectPolicy))
- mock_args = {}
- ssh_client = self.create_ssh_client(**mock_args)
- self.assertIsNone(ssh_client._host_keys_filename)
- self.assertTrue(isinstance(ssh_client._policy, paramiko.WarningPolicy))
+ CONF.strict_ssh_host_key_policy = False
+ ssh_client = self.create_ssh_client()
+ self.assertTrue(isinstance(ssh_client._policy, paramiko.AutoAddPolicy))
 @mock.patch.object(brcd_lookup.BrcdFCSanLookupService,
 'get_nameserver_info')
diff --git a/cinder/zonemanager/drivers/brocade/brcd_fc_san_lookup_service.py b/cinder/zonemanager/drivers/brocade/brcd_fc_san_lookup_service.py
index b715e5337..8c64cb178 100644
--- a/cinder/zonemanager/drivers/brocade/brcd_fc_san_lookup_service.py
+++ b/cinder/zonemanager/drivers/brocade/brcd_fc_san_lookup_service.py
@@ -17,6 +17,7 @@
 #
+from oslo.config import cfg
 import paramiko
 from cinder import exception
@@ -30,6 +31,8 @@ from cinder.zonemanager.fc_san_lookup_service import FCSanLookupService
 LOG = logging.getLogger(__name__)
+CONF = cfg.CONF
+
 class BrcdFCSanLookupService(FCSanLookupService):
 """The SAN lookup service that talks to Brocade switches.
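Review bot: The new test assigns `CONF.ssh_hosts_key_file` and `CONF.strict_ssh_host_key_policy` directly on the global config object and never restores them, so the values leak into every test that runs afterwards in the same process; as far as I can tell `cfg.ConfigOpts` defines no `__setattr__`, so a plain attribute assignment shadows the registered option and is not undone by `CONF.reset()`. Use the base class helper instead, `self.flags(ssh_hosts_key_file='dummy_host_key_file', strict_ssh_host_key_policy=True)` and later `self.flags(strict_ssh_host_key_policy=False)`, which registers the cleanup. The new error branch in `create_ssh_client` (an empty `ssh_hosts_key_file` raising `exception.ParameterNotFound`) is not exercised; one more case, `self.flags(ssh_hosts_key_file='')` followed by `self.assertRaises(exception.ParameterNotFound, self.create_ssh_client)`, would cover it (import `cinder.exception` in the test module if it is not already). The removed `assertIsNone(ssh_client._host_keys_filename)` check has no replacement in the non-strict case; asserting `_host_keys_filename` there as well would pin that the known-hosts file is loaded regardless of the policy.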
@@ -46,7 +49,7 @@ class BrcdFCSanLookupService(FCSanLookupService):
 super(BrcdFCSanLookupService, self).__init__(**kwargs)
 self.configuration = kwargs.get('configuration', None)
 self.create_configuration()
- self.client = self.create_ssh_client(**kwargs)
+ self.client = self.create_ssh_client()
 def create_configuration(self):
 """Configuration specific to SAN context values."""
@@ -61,16 +64,16 @@ class BrcdFCSanLookupService(FCSanLookupService):
 self.fabric_configs = fabric_opts.load_fabric_configurations(
 fabric_names)
- def create_ssh_client(self, **kwargs):
+ def create_ssh_client(self):
 ssh_client = paramiko.SSHClient()
- known_hosts_file = kwargs.get('known_hosts_file', None)
- if known_hosts_file is None:
- ssh_client.load_system_host_keys()
+ known_hosts_file = CONF.ssh_hosts_key_file
+ if not known_hosts_file:
+ raise exception.ParameterNotFound(param='ssh_hosts_key_file')
+ ssh_client.load_host_keys(known_hosts_file)
+ if CONF.strict_ssh_host_key_policy:
+ missing_key_policy = paramiko.RejectPolicy()
 else:
- ssh_client.load_host_keys(known_hosts_file)
- missing_key_policy = kwargs.get('missing_key_policy', None)
- if missing_key_policy is None:
- missing_key_policy = paramiko.WarningPolicy()
+ missing_key_policy = paramiko.AutoAddPolicy()
 ssh_client.set_missing_host_key_policy(missing_key_policy)
 return ssh_client
-- 
2.45.2
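Review bot: `ssh_client.load_host_keys(known_hosts_file)` in the second hunk raises `IOError` when the configured file does not exist or cannot be read (paramiko documents that only `load_system_host_keys`, which this call replaces, ignores a missing file), and neither this hunk nor the `__init__` hunk above handles that, so a fresh deployment whose known-hosts file has not been created yet fails at service construction with a bare `IOError` rather than a configuration error. Wrapping the call in a `try`/`except IOError` that raises `exception.InvalidInput` with the path in the reason, or creating the file when it is the default path as I believe the shared pool in `cinder.ssh_utils` does, would make the failure actionable. The two options are read from `CONF` here but registered elsewhere; if the registering module is not imported on every path that instantiates this class, the attribute access raises `NoSuchOptError`, which is worth confirming. With `strict_ssh_host_key_policy` off, `AutoAddPolicy` trusts whatever key the switch presents on the first connection and persists it, so the fix only closes the MITM window for deployments that pre-populate `ssh_hosts_key_file` with the switch keys or enable the strict policy; a docstring on `create_ssh_client` stating that would help operators choose.
```python
            raise exception.ParameterNotFound(param='ssh_hosts_key_file')
        try:
            ssh_client.load_host_keys(known_hosts_file)
        except IOError as e:
            # A missing or unreadable known-hosts file is a configuration
            # problem; report it as one instead of leaking paramiko's IOError.
            raise exception.InvalidInput(
                reason='ssh_hosts_key_file %s: %s' % (known_hosts_file, e))
        # ... unchanged: missing-host-key policy selection and return ...
```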