From 933c00a582cb8630c9599b7aedd5f3b2b827cbd8 Mon Sep 17 00:00:00 2001 From: Victor Seva Date: Mon, 16 Nov 2015 15:04:24 +0100 Subject: [PATCH] MT#16401 ngcp-ossbss-clients-perl: use NGCP_API_SSLVERIFY config - add ngcp-api_ping script to check api status ngcp-panel scripts stop working in Jessie due new behaviour of the library related to openssl policies. We are creating self-signed certificates at dev enviroment, so we need a way to skip that new verification Change-Id: I7f7f323636c4c405e1b01590f0434e2dda1b0d25 --- bin/ngcp-api_ping | 169 ++++++++++++++++++++++++++++++++++ bin/ngcp-create_customer | 10 +- bin/ngcp-create_domain | 10 +- bin/ngcp-create_subscriber | 10 +- bin/ngcp-delete_domain | 10 +- bin/ngcp-get_customer | 10 +- bin/ngcp-terminate_customer | 10 +- bin/ngcp-terminate_subscriber | 10 +- 8 files changed, 225 insertions(+), 14 deletions(-) create mode 100644 bin/ngcp-api_ping diff --git a/bin/ngcp-api_ping b/bin/ngcp-api_ping new file mode 100644 index 0000000..1e35d94 --- /dev/null +++ b/bin/ngcp-api_ping @@ -0,0 +1,169 @@ +#!/usr/bin/perl +use strict; +use warnings; +use Config::Tiny; +use English; +use Getopt::Long; +use JSON qw(); +use LWP::UserAgent; +use Pod::Usage; +use IO::Socket::SSL; + +my $config = Config::Tiny->read('/etc/default/ngcp-api'); +my $opts = { + host => '127.0.0.1', + port => 1443, + auth_user => 'administrator', + auth_pwd => 'administrator', + verbose => 0, + admin => 0 +}; + +if ($config) { + $opts->{host} = $config->{_}->{NGCP_API_IP}; + $opts->{port} = $config->{_}->{NGCP_API_PORT}; + $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes'; +} + +GetOptions( $opts, + "help|h" => sub { pod2usage(-exitval =>0); }, + "host=s", + "port=i", + "auth_user=s", + "auth_pwd=s", + "verbose", + "man" => sub { pod2usage(-exitval => 0, -verbose => 2); }, +) or pod2usage(2); + +sub main { + my $urlbase = 'https://'.$opts->{host}.':'.$opts->{port}; + my $ua = LWP::UserAgent->new(); + if($opts->{sslverify} eq 'no') { + $ua->ssl_opts( + verify_hostname => 0, + SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE, + ); + } + $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http', + $opts->{auth_user}, $opts->{auth_pwd}); + # debug!! + if($opts->{verbose}) { + $ua->show_progress(1); + $ua->add_handler("request_send", sub { shift->dump; return }); + $ua->add_handler("response_done", sub { shift->dump; return }); + } + my $url = $urlbase . '/api/domains/'; + my $res = do_request($ua, $url); + if($res->is_success) { + print "API up\n"; + } else { + die $res->as_string; + } + return; +} + +sub do_request { + my $ua = shift; + my $url = shift; + my $req = HTTP::Request->new('GET', $url); + $req->header('Content-Type' => 'application/json'); + $req->header('Prefer' => 'return=representation'); + + return $ua->request($req); +} + +main(); + +__END__ +=head1 NAME + +ngcp-api_ping - check NGCP API status + +=head1 SYNOPSIS + +ngcp-api_ping [options] + +=head1 OPTIONS + +=over 8 + +=item B<-help> + +Print a brief help message and exits. + +=item B<-auth_user> + +Authentication username . Defaults to 'administrator'. + +=item B<-auth_pwd> + +Authentication password . Defaults to 'administrator'. + +=item B<-host> + +Host where the send queries. Defaults to '127.0.0.1'. + +=item B<-port> + +Port where the send queries. Defaults to 1443. + +=item B<-verbose> + +See debug information. Default false. + +=back + +=head1 DESCRIPTION + +B will check NGCP API. + +=head1 USAGE + +ngcp-api-check -host 1.2.3.4 + +=head1 REQUIRED ARGUMENTS + +None + +=head1 EXIT STATUS + +Exit code 0 means that everything should have went fine otherwise error. + +=head1 DIAGNOSTICS + +=head1 CONFIGURATION + +/etc/default/ngcp-api for default values + +=head1 DEPENDENCIES + +ngcp-api_ping relies on a bunch of Perl modules, all of them specified as +dependencies through the ngcp-ossbss-clients-perl Debian package. + +=head1 INCOMPATIBILITIES + +No known at this time. + +=head1 BUGS AND LIMITATIONS + +Please report problems you notice to the Sipwise +Development Team . + +=head1 AUTHOR + +Victor Seva + +=head1 LICENSE + +Copyright (c) 2015 Sipwise GmbH, Austria. +All rights reserved. You may not copy, distribute +or modify without prior written permission from +Sipwise GmbH, Austria. + +=head1 LICENSE AND COPYRIGHT + +Copyright (c) 2015 Sipwise GmbH, Austria. +You should have received a copy of the licence terms together with the +software. + +=cut diff --git a/bin/ngcp-create_customer b/bin/ngcp-create_customer index 002afea..c9f669f 100755 --- a/bin/ngcp-create_customer +++ b/bin/ngcp-create_customer @@ -7,6 +7,7 @@ use Getopt::Long; use JSON qw(); use LWP::UserAgent; use Pod::Usage; +use IO::Socket::SSL; my $config = Config::Tiny->read('/etc/default/ngcp-api'); my $opts = { @@ -23,6 +24,7 @@ my $opts = { if ($config) { $opts->{host} = $config->{_}->{NGCP_API_IP}; $opts->{port} = $config->{_}->{NGCP_API_PORT}; + $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes'; } GetOptions( $opts, @@ -47,8 +49,12 @@ sub main { status => 'active', }; my $ua = LWP::UserAgent->new(); - # set to 0 if using a self-signed certificate - $ua->ssl_opts(verify_hostname => 0); + if($opts->{sslverify} eq 'no') { + $ua->ssl_opts( + verify_hostname => 0, + SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE, + ); + } $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http', $opts->{auth_user}, $opts->{auth_pwd}); # debug!! diff --git a/bin/ngcp-create_domain b/bin/ngcp-create_domain index 7877b6e..cf0859c 100755 --- a/bin/ngcp-create_domain +++ b/bin/ngcp-create_domain @@ -7,6 +7,7 @@ use Getopt::Long; use JSON qw(); use LWP::UserAgent; use Pod::Usage; +use IO::Socket::SSL; my $config = Config::Tiny->read('/etc/default/ngcp-api'); my $opts = { @@ -23,6 +24,7 @@ my $opts = { if ($config) { $opts->{host} = $config->{_}->{NGCP_API_IP}; $opts->{port} = $config->{_}->{NGCP_API_PORT}; + $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes'; } GetOptions( $opts, @@ -50,8 +52,12 @@ sub main { ($opts->{skip_sip} ? (_skip_sip_reload => 1) : ()), }; my $ua = LWP::UserAgent->new(); - # set to 0 if using a self-signed certificate - $ua->ssl_opts(verify_hostname => 0); + if($opts->{sslverify} eq 'no') { + $ua->ssl_opts( + verify_hostname => 0, + SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE, + ); + } $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http', $opts->{auth_user}, $opts->{auth_pwd}); # debug!! diff --git a/bin/ngcp-create_subscriber b/bin/ngcp-create_subscriber index ccbd256..aedc58a 100755 --- a/bin/ngcp-create_subscriber +++ b/bin/ngcp-create_subscriber @@ -7,6 +7,7 @@ use Getopt::Long; use JSON qw(); use LWP::UserAgent; use Pod::Usage; +use IO::Socket::SSL; my $config = Config::Tiny->read('/etc/default/ngcp-api'); my $opts = { @@ -21,6 +22,7 @@ my $opts = { if ($config) { $opts->{host} = $config->{_}->{NGCP_API_IP}; $opts->{port} = $config->{_}->{NGCP_API_PORT}; + $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes'; } GetOptions( $opts, @@ -56,8 +58,12 @@ sub main { my $urlbase = 'https://'.$opts->{host}.':'.$opts->{port}; my $ua = LWP::UserAgent->new(); - # set to 0 if using a self-signed certificate - $ua->ssl_opts(verify_hostname => 0); + if($opts->{sslverify} eq 'no') { + $ua->ssl_opts( + verify_hostname => 0, + SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE, + ); + } $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http', $opts->{auth_user}, $opts->{auth_pwd}); # debug!! diff --git a/bin/ngcp-delete_domain b/bin/ngcp-delete_domain index d10ae93..f5f0938 100755 --- a/bin/ngcp-delete_domain +++ b/bin/ngcp-delete_domain @@ -8,6 +8,7 @@ use JSON qw(); use LWP::UserAgent; use Pod::Usage; use URI; +use IO::Socket::SSL; my $config = Config::Tiny->read('/etc/default/ngcp-api'); my $opts = { @@ -24,6 +25,7 @@ my $opts = { if ($config) { $opts->{host} = $config->{_}->{NGCP_API_IP}; $opts->{port} = $config->{_}->{NGCP_API_PORT}; + $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes'; } GetOptions( $opts, @@ -46,8 +48,12 @@ sub main { my $urlbase = 'https://'.$opts->{host}.':'.$opts->{port}; my $ua = LWP::UserAgent->new(); - # set to 0 if using a self-signed certificate - $ua->ssl_opts(verify_hostname => 0); + if($opts->{sslverify} eq 'no') { + $ua->ssl_opts( + verify_hostname => 0, + SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE, + ); + } $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http', $opts->{auth_user}, $opts->{auth_pwd}); # debug!! diff --git a/bin/ngcp-get_customer b/bin/ngcp-get_customer index d01b805..7cecd3b 100755 --- a/bin/ngcp-get_customer +++ b/bin/ngcp-get_customer @@ -8,6 +8,7 @@ use JSON qw(); use LWP::UserAgent; use Pod::Usage; use Data::Dumper; +use IO::Socket::SSL; my $config = Config::Tiny->read('/etc/default/ngcp-api'); my $opts = { @@ -22,6 +23,7 @@ my $opts = { if ($config) { $opts->{host} = $config->{_}->{NGCP_API_IP}; $opts->{port} = $config->{_}->{NGCP_API_PORT}; + $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes'; } GetOptions( $opts, @@ -46,8 +48,12 @@ die pod2usage(-exitval => 1, -message => "Missing parameters") unless sub main { my $urlbase = 'https://'.$opts->{host}.':'.$opts->{port}; my $ua = LWP::UserAgent->new(); - # set to 0 if using a self-signed certificate - $ua->ssl_opts(verify_hostname => 0); + if($opts->{sslverify} eq 'no') { + $ua->ssl_opts( + verify_hostname => 0, + SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE, + ); + } $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http', $opts->{auth_user}, $opts->{auth_pwd}); # debug!! diff --git a/bin/ngcp-terminate_customer b/bin/ngcp-terminate_customer index 71969f1..4a55a13 100755 --- a/bin/ngcp-terminate_customer +++ b/bin/ngcp-terminate_customer @@ -7,6 +7,7 @@ use Getopt::Long; use JSON qw(); use LWP::UserAgent; use Pod::Usage; +use IO::Socket::SSL; my $config = Config::Tiny->read('/etc/default/ngcp-api'); my $opts = { @@ -21,6 +22,7 @@ my $opts = { if ($config) { $opts->{host} = $config->{_}->{NGCP_API_IP}; $opts->{port} = $config->{_}->{NGCP_API_PORT}; + $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes'; } GetOptions( $opts, @@ -45,8 +47,12 @@ die pod2usage(-exitval => 1, -message => "Missing parameters") unless sub main { my $urlbase = 'https://'.$opts->{host}.':'.$opts->{port}; my $ua = LWP::UserAgent->new(); - # set to 0 if using a self-signed certificate - $ua->ssl_opts(verify_hostname => 0); + if($opts->{sslverify} eq 'no') { + $ua->ssl_opts( + verify_hostname => 0, + SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE, + ); + } $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http', $opts->{auth_user}, $opts->{auth_pwd}); # debug!! diff --git a/bin/ngcp-terminate_subscriber b/bin/ngcp-terminate_subscriber index 84032b1..2b92882 100755 --- a/bin/ngcp-terminate_subscriber +++ b/bin/ngcp-terminate_subscriber @@ -7,6 +7,7 @@ use Getopt::Long; use JSON qw(); use LWP::UserAgent; use Pod::Usage; +use IO::Socket::SSL; my $config = Config::Tiny->read('/etc/default/ngcp-api'); my $opts = { @@ -21,6 +22,7 @@ my $opts = { if ($config) { $opts->{host} = $config->{_}->{NGCP_API_IP}; $opts->{port} = $config->{_}->{NGCP_API_PORT}; + $opts->{sslverify} = $config->{_}->{NGCP_API_SSLVERIFY} || 'yes'; } GetOptions( $opts, @@ -45,8 +47,12 @@ die pod2usage(-exitval => 1, -message => "Missing parameters") unless sub main { my $urlbase = 'https://'.$opts->{host}.':'.$opts->{port}; my $ua = LWP::UserAgent->new(); - # set to 0 if using a self-signed certificate - $ua->ssl_opts(verify_hostname => 0); + if($opts->{sslverify} eq 'no') { + $ua->ssl_opts( + verify_hostname => 0, + SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE, + ); + } $ua->credentials($opts->{host}.':'.$opts->{port}, 'api_admin_http', $opts->{auth_user}, $opts->{auth_pwd}); # debug!!