MT#16401 ngcp-ossbss-clients-perl: use NGCP_API_SSLVERIFY config

- add ngcp-api_ping script to check api status ngcp-panel scripts stop working in Jessie due new behaviour of the library related to openssl policies. We are creating self-signed certificates at dev enviroment, so we need a way to skip that new verification Change-Id: I7f7f323636c4c405e1b01590f0434e2dda1b0d25
10 years ago · 933c00a582
parent 244095467d
commit 933c00a582
8 changed files with 225 additions and 14 deletions
--- a/bin/ngcp-api_ping
+++ b/bin/ngcp-api_ping
@ -0,0 +1,169 @@
+#!/usr/bin/perl
+use strict;
+use warnings;
+use Config::Tiny;
+use English;
+use Getopt::Long;
+use JSON qw();
+use LWP::UserAgent;
+use Pod::Usage;
+use IO::Socket::SSL;
+
+my $config =  Config::Tiny->read('/etc/default/ngcp-api');
+my $opts = {
+    host => '127.0.0.1',
+    port => 1443,
+    auth_user => 'administrator',
+    auth_pwd => 'administrator',
+    verbose => 0,
+    admin => 0
+};
+
+if ($config) {
+    $opts->{host} = $config->{_}->{NGCP_API_IP};
+    $opts->{port} = $config->{_}->{NGCP_API_PORT};
+    $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes';
+}
+
+GetOptions( $opts,
+    "help|h" => sub { pod2usage(-exitval =>0); },
+    "host=s",
+    "port=i",
+    "auth_user=s",
+    "auth_pwd=s",
+    "verbose",
+    "man" => sub { pod2usage(-exitval => 0, -verbose => 2); },
+) or pod2usage(2);
+
+sub main {
+    my $urlbase = 'https://'.$opts->{host}.':'.$opts->{port};
+    my $ua = LWP::UserAgent->new();
+    if($opts->{sslverify} eq 'no') {
+        $ua->ssl_opts(
+            verify_hostname => 0,
+            SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE,
+        );
+    }
+    $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http',
+        $opts->{auth_user}, $opts->{auth_pwd});
+    # debug!!
+    if($opts->{verbose}) {
+        $ua->show_progress(1);
+        $ua->add_handler("request_send",  sub { shift->dump; return });
+        $ua->add_handler("response_done", sub { shift->dump; return });
+    }
+    my $url = $urlbase . '/api/domains/';
+    my $res = do_request($ua, $url);
+    if($res->is_success) {
+        print "API up\n";
+    } else {
+        die $res->as_string;
+    }
+    return;
+}
+
+sub do_request {
+    my $ua = shift;
+    my $url = shift;
+    my $req = HTTP::Request->new('GET', $url);
+    $req->header('Content-Type' => 'application/json');
+    $req->header('Prefer' => 'return=representation');
+
+    return $ua->request($req);
+}
+
+main();
+
+__END__
+=head1 NAME
+
+ngcp-api_ping - check NGCP API status
+
+=head1 SYNOPSIS
+
+ngcp-api_ping [options]
+
+=head1 OPTIONS
+
+=over 8
+
+=item B<-help>
+
+Print a brief help message and exits.
+
+=item B<-auth_user>
+
+Authentication username . Defaults to 'administrator'.
+
+=item B<-auth_pwd>
+
+Authentication password . Defaults to 'administrator'.
+
+=item B<-host>
+
+Host where the send queries. Defaults to '127.0.0.1'.
+
+=item B<-port>
+
+Port where the send queries. Defaults to 1443.
+
+=item B<-verbose>
+
+See debug information. Default false.
+
+=back
+
+=head1 DESCRIPTION
+
+B<This program> will check NGCP API.
+
+=head1 USAGE
+
+ngcp-api-check -host 1.2.3.4
+
+=head1 REQUIRED ARGUMENTS
+
+None
+
+=head1 EXIT STATUS
+
+Exit code 0 means that everything should have went fine otherwise error.
+
+=head1 DIAGNOSTICS
+
+=head1 CONFIGURATION
+
+/etc/default/ngcp-api for default values
+
+=head1 DEPENDENCIES
+
+ngcp-api_ping relies on a bunch of Perl modules, all of them specified as
+dependencies through the ngcp-ossbss-clients-perl Debian package.
+
+=head1 INCOMPATIBILITIES
+
+No known at this time.
+
+=head1 BUGS AND LIMITATIONS
+
+Please report problems you notice to the Sipwise
+Development Team <support@sipwise.com>.
+
+=head1 AUTHOR
+
+Victor Seva <vseva@sipwise.com>
+
+=head1 LICENSE
+
+Copyright (c) 2015 Sipwise GmbH, Austria.
+All rights reserved. You may not copy, distribute
+or modify without prior written permission from
+Sipwise GmbH, Austria.
+
+=head1 LICENSE AND COPYRIGHT
+
+Copyright (c) 2015 Sipwise GmbH, Austria.
+You should have received a copy of the licence terms together with the
+software.
+
+=cut
--- a/bin/ngcp-create_customer
+++ b/bin/ngcp-create_customer
@ -7,6 +7,7 @@ use Getopt::Long;
 use JSON qw();
 use LWP::UserAgent;
 use Pod::Usage;
+use IO::Socket::SSL;

 my $config =  Config::Tiny->read('/etc/default/ngcp-api');
 my $opts = {
@ -23,6 +24,7 @@ my $opts = {
 if ($config) {
    $opts->{host} = $config->{_}->{NGCP_API_IP};
    $opts->{port} = $config->{_}->{NGCP_API_PORT};
+    $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes';
 }

 GetOptions( $opts,
@ -47,8 +49,12 @@ sub main {
        status => 'active',
      };
    my $ua = LWP::UserAgent->new();
-    # set to 0 if using a self-signed certificate
-    $ua->ssl_opts(verify_hostname => 0);
+    if($opts->{sslverify} eq 'no') {
+        $ua->ssl_opts(
+            verify_hostname => 0,
+            SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE,
+        );
+    }
    $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http',
        $opts->{auth_user}, $opts->{auth_pwd});
    # debug!!
--- a/bin/ngcp-create_domain
+++ b/bin/ngcp-create_domain
@ -7,6 +7,7 @@ use Getopt::Long;
 use JSON qw();
 use LWP::UserAgent;
 use Pod::Usage;
+use IO::Socket::SSL;

 my $config =  Config::Tiny->read('/etc/default/ngcp-api');
 my $opts = {
@ -23,6 +24,7 @@ my $opts = {
 if ($config) {
    $opts->{host} = $config->{_}->{NGCP_API_IP};
    $opts->{port} = $config->{_}->{NGCP_API_PORT};
+    $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes';
 }

 GetOptions( $opts,
@ -50,8 +52,12 @@ sub main {
        ($opts->{skip_sip} ? (_skip_sip_reload => 1) : ()),
    };
    my $ua = LWP::UserAgent->new();
-    # set to 0 if using a self-signed certificate
-    $ua->ssl_opts(verify_hostname => 0);
+    if($opts->{sslverify} eq 'no') {
+        $ua->ssl_opts(
+            verify_hostname => 0,
+            SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE,
+        );
+    }
    $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http',
        $opts->{auth_user}, $opts->{auth_pwd});
    # debug!!
--- a/bin/ngcp-create_subscriber
+++ b/bin/ngcp-create_subscriber
@ -7,6 +7,7 @@ use Getopt::Long;
 use JSON qw();
 use LWP::UserAgent;
 use Pod::Usage;
+use IO::Socket::SSL;

 my $config =  Config::Tiny->read('/etc/default/ngcp-api');
 my $opts = {
@ -21,6 +22,7 @@ my $opts = {
 if ($config) {
    $opts->{host} = $config->{_}->{NGCP_API_IP};
    $opts->{port} = $config->{_}->{NGCP_API_PORT};
+    $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes';
 }

 GetOptions( $opts,
@ -56,8 +58,12 @@ sub main {
    my $urlbase = 'https://'.$opts->{host}.':'.$opts->{port};

    my $ua = LWP::UserAgent->new();
-    # set to 0 if using a self-signed certificate
-    $ua->ssl_opts(verify_hostname => 0);
+    if($opts->{sslverify} eq 'no') {
+        $ua->ssl_opts(
+            verify_hostname => 0,
+            SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE,
+        );
+    }
    $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http',
        $opts->{auth_user}, $opts->{auth_pwd});
    # debug!!
--- a/bin/ngcp-delete_domain
+++ b/bin/ngcp-delete_domain
@ -8,6 +8,7 @@ use JSON qw();
 use LWP::UserAgent;
 use Pod::Usage;
 use URI;
+use IO::Socket::SSL;

 my $config =  Config::Tiny->read('/etc/default/ngcp-api');
 my $opts = {
@ -24,6 +25,7 @@ my $opts = {
 if ($config) {
    $opts->{host} = $config->{_}->{NGCP_API_IP};
    $opts->{port} = $config->{_}->{NGCP_API_PORT};
+    $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes';
 }

 GetOptions( $opts,
@ -46,8 +48,12 @@ sub main {
    my $urlbase = 'https://'.$opts->{host}.':'.$opts->{port};

    my $ua = LWP::UserAgent->new();
-    # set to 0 if using a self-signed certificate
-    $ua->ssl_opts(verify_hostname => 0);
+    if($opts->{sslverify} eq 'no') {
+        $ua->ssl_opts(
+            verify_hostname => 0,
+            SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE,
+        );
+    }
    $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http',
        $opts->{auth_user}, $opts->{auth_pwd});
    # debug!!
--- a/bin/ngcp-get_customer
+++ b/bin/ngcp-get_customer
@ -8,6 +8,7 @@ use JSON qw();
 use LWP::UserAgent;
 use Pod::Usage;
 use Data::Dumper;
+use IO::Socket::SSL;

 my $config =  Config::Tiny->read('/etc/default/ngcp-api');
 my $opts = {
@ -22,6 +23,7 @@ my $opts = {
 if ($config) {
    $opts->{host} = $config->{_}->{NGCP_API_IP};
    $opts->{port} = $config->{_}->{NGCP_API_PORT};
+    $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes';
 }

 GetOptions( $opts,
@ -46,8 +48,12 @@ die pod2usage(-exitval => 1, -message => "Missing parameters") unless
 sub main {
    my $urlbase = 'https://'.$opts->{host}.':'.$opts->{port};
    my $ua = LWP::UserAgent->new();
-    # set to 0 if using a self-signed certificate
-    $ua->ssl_opts(verify_hostname => 0);
+    if($opts->{sslverify} eq 'no') {
+        $ua->ssl_opts(
+            verify_hostname => 0,
+            SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE,
+        );
+    }
    $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http',
        $opts->{auth_user}, $opts->{auth_pwd});
    # debug!!
--- a/bin/ngcp-terminate_customer
+++ b/bin/ngcp-terminate_customer
@ -7,6 +7,7 @@ use Getopt::Long;
 use JSON qw();
 use LWP::UserAgent;
 use Pod::Usage;
+use IO::Socket::SSL;

 my $config =  Config::Tiny->read('/etc/default/ngcp-api');
 my $opts = {
@ -21,6 +22,7 @@ my $opts = {
 if ($config) {
    $opts->{host} = $config->{_}->{NGCP_API_IP};
    $opts->{port} = $config->{_}->{NGCP_API_PORT};
+    $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes';
 }

 GetOptions( $opts,
@ -45,8 +47,12 @@ die pod2usage(-exitval => 1, -message => "Missing parameters") unless
 sub main {
    my $urlbase = 'https://'.$opts->{host}.':'.$opts->{port};
    my $ua = LWP::UserAgent->new();
-    # set to 0 if using a self-signed certificate
-    $ua->ssl_opts(verify_hostname => 0);
+    if($opts->{sslverify} eq 'no') {
+        $ua->ssl_opts(
+            verify_hostname => 0,
+            SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE,
+        );
+    }
    $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http',
        $opts->{auth_user}, $opts->{auth_pwd});
    # debug!!
--- a/bin/ngcp-terminate_subscriber
+++ b/bin/ngcp-terminate_subscriber
@ -7,6 +7,7 @@ use Getopt::Long;
 use JSON qw();
 use LWP::UserAgent;
 use Pod::Usage;
+use IO::Socket::SSL;

 my $config =  Config::Tiny->read('/etc/default/ngcp-api');
 my $opts = {
@ -21,6 +22,7 @@ my $opts = {
 if ($config) {
    $opts->{host} = $config->{_}->{NGCP_API_IP};
    $opts->{port} = $config->{_}->{NGCP_API_PORT};
+    $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes';
 }

 GetOptions( $opts,
@ -45,8 +47,12 @@ die pod2usage(-exitval => 1, -message => "Missing parameters") unless
 sub main {
    my $urlbase = 'https://'.$opts->{host}.':'.$opts->{port};
    my $ua = LWP::UserAgent->new();
-    # set to 0 if using a self-signed certificate
-    $ua->ssl_opts(verify_hostname => 0);
+    if($opts->{sslverify} eq 'no') {
+        $ua->ssl_opts(
+            verify_hostname => 0,
+            SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE,
+        );
+    }
    $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http',
        $opts->{auth_user}, $opts->{auth_pwd});
    # debug!!