knife-windows 1.7.0 → 1.7.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (52) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +26 -26
  3. data/CHANGELOG.md +139 -135
  4. data/DOC_CHANGES.md +22 -22
  5. data/Gemfile +13 -13
  6. data/README.md +404 -404
  7. data/RELEASE_NOTES.md +9 -9
  8. data/appveyor.yml +39 -39
  9. data/ci.gemfile +16 -16
  10. data/knife-windows.gemspec +26 -26
  11. data/lib/chef/knife/bootstrap/windows-chef-client-msi.erb +246 -246
  12. data/lib/chef/knife/bootstrap_windows_base.rb +443 -443
  13. data/lib/chef/knife/bootstrap_windows_ssh.rb +116 -116
  14. data/lib/chef/knife/bootstrap_windows_winrm.rb +102 -102
  15. data/lib/chef/knife/core/windows_bootstrap_context.rb +378 -378
  16. data/lib/chef/knife/knife_windows_base.rb +33 -33
  17. data/lib/chef/knife/windows_cert_generate.rb +155 -155
  18. data/lib/chef/knife/windows_cert_install.rb +68 -68
  19. data/lib/chef/knife/windows_helper.rb +36 -36
  20. data/lib/chef/knife/windows_listener_create.rb +107 -107
  21. data/lib/chef/knife/winrm.rb +122 -122
  22. data/lib/chef/knife/winrm_base.rb +128 -128
  23. data/lib/chef/knife/winrm_knife_base.rb +307 -307
  24. data/lib/chef/knife/winrm_session.rb +98 -98
  25. data/lib/chef/knife/winrm_shared_options.rb +47 -47
  26. data/lib/chef/knife/wsman_endpoint.rb +44 -44
  27. data/lib/chef/knife/wsman_test.rb +118 -118
  28. data/lib/knife-windows/path_helper.rb +242 -234
  29. data/lib/knife-windows/version.rb +6 -6
  30. data/spec/assets/fake_trusted_certs/excluded.txt +2 -0
  31. data/spec/assets/fake_trusted_certs/github.pem +42 -0
  32. data/spec/assets/fake_trusted_certs/google.crt +41 -0
  33. data/spec/assets/win_fake_trusted_cert_script.txt +89 -0
  34. data/spec/assets/win_template_rendered_with_bootstrap_install_command.txt +223 -223
  35. data/spec/assets/win_template_rendered_with_bootstrap_install_command_on_12_5_client.txt +223 -223
  36. data/spec/assets/win_template_rendered_without_bootstrap_install_command.txt +335 -335
  37. data/spec/assets/win_template_rendered_without_bootstrap_install_command_on_12_5_client.txt +335 -335
  38. data/spec/assets/win_template_unrendered.txt +246 -246
  39. data/spec/dummy_winrm_connection.rb +21 -21
  40. data/spec/functional/bootstrap_download_spec.rb +236 -236
  41. data/spec/spec_helper.rb +94 -94
  42. data/spec/unit/knife/bootstrap_options_spec.rb +157 -157
  43. data/spec/unit/knife/bootstrap_template_spec.rb +98 -98
  44. data/spec/unit/knife/bootstrap_windows_winrm_spec.rb +423 -423
  45. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +213 -177
  46. data/spec/unit/knife/windows_cert_generate_spec.rb +90 -90
  47. data/spec/unit/knife/windows_cert_install_spec.rb +51 -51
  48. data/spec/unit/knife/windows_listener_create_spec.rb +76 -76
  49. data/spec/unit/knife/winrm_session_spec.rb +95 -95
  50. data/spec/unit/knife/winrm_spec.rb +500 -500
  51. data/spec/unit/knife/wsman_test_spec.rb +209 -209
  52. metadata +7 -3
@@ -1,98 +1,98 @@
1
- #
2
- # Author:: Steven Murawski <smurawski@chef.io>
3
- # Copyright:: Copyright (c) 2015-2016 Chef Software, Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- require 'chef/application'
20
- require 'winrm'
21
- require 'winrm-elevated'
22
-
23
- class Chef
24
- class Knife
25
- class WinrmSession
26
- attr_reader :host, :endpoint, :port, :output, :error, :exit_code
27
-
28
- def initialize(options)
29
- configure_proxy
30
-
31
- @host = options[:host]
32
- @port = options[:port]
33
- @user = options[:user]
34
- @shell_args = [ options[:shell] ]
35
- @shell_args << { codepage: options[:codepage] } if options[:shell] == :cmd
36
- url = "#{options[:host]}:#{options[:port]}/wsman"
37
- scheme = options[:transport] == :ssl ? 'https' : 'http'
38
- @endpoint = "#{scheme}://#{url}"
39
-
40
- opts = Hash.new
41
- opts = {
42
- user: @user,
43
- password: options[:password],
44
- basic_auth_only: options[:basic_auth_only],
45
- disable_sspi: options[:disable_sspi],
46
- no_ssl_peer_verification: options[:no_ssl_peer_verification],
47
- ssl_peer_fingerprint: options[:ssl_peer_fingerprint],
48
- endpoint: endpoint,
49
- transport: options[:transport]
50
- }
51
- options[:transport] == :kerberos ? opts.merge!({:service => options[:service], :realm => options[:realm]}) : opts.merge!({:ca_trust_path => options[:ca_trust_path]})
52
- opts[:operation_timeout] = options[:operation_timeout] if options[:operation_timeout]
53
- Chef::Log.debug("WinRM::WinRMWebService options: #{opts}")
54
- Chef::Log.debug("Endpoint: #{endpoint}")
55
- Chef::Log.debug("Transport: #{options[:transport]}")
56
-
57
- @winrm_session = WinRM::Connection.new(opts)
58
- @winrm_session.logger = Chef::Log
59
-
60
- transport = @winrm_session.send(:transport)
61
- http_client = transport.instance_variable_get(:@httpcli)
62
- Chef::HTTP::DefaultSSLPolicy.new(http_client.ssl_config).set_custom_certs
63
- end
64
-
65
- def relay_command(command)
66
- session_result = WinRM::Output.new
67
- @winrm_session.shell(*@shell_args) do |shell|
68
- shell.username = @user.split("\\").last if shell.respond_to?(:username)
69
- session_result = shell.run(command) do |stdout, stderr|
70
- print_data(@host, stdout) if stdout
71
- print_data(@host, stderr, :red) if stderr
72
- end
73
- end
74
- @exit_code = session_result.exitcode
75
- session_result
76
- end
77
-
78
- private
79
-
80
- def print_data(host, data, color = :cyan)
81
- if data =~ /\n/
82
- data.split(/\n/).each { |d| print_data(host, d, color) }
83
- elsif !data.nil?
84
- print Chef::Knife::Winrm.ui.color(host, color)
85
- puts " #{data}"
86
- end
87
- end
88
-
89
- def configure_proxy
90
- if Chef::Config.respond_to?(:export_proxies)
91
- Chef::Config.export_proxies
92
- else
93
- Chef::Application.new.configure_proxy_environment_variables
94
- end
95
- end
96
- end
97
- end
98
- end
1
+ #
2
+ # Author:: Steven Murawski <smurawski@chef.io>
3
+ # Copyright:: Copyright (c) 2015-2016 Chef Software, Inc.
4
+ # License:: Apache License, Version 2.0
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ require 'chef/application'
20
+ require 'winrm'
21
+ require 'winrm-elevated'
22
+
23
+ class Chef
24
+ class Knife
25
+ class WinrmSession
26
+ attr_reader :host, :endpoint, :port, :output, :error, :exit_code
27
+
28
+ def initialize(options)
29
+ configure_proxy
30
+
31
+ @host = options[:host]
32
+ @port = options[:port]
33
+ @user = options[:user]
34
+ @shell_args = [ options[:shell] ]
35
+ @shell_args << { codepage: options[:codepage] } if options[:shell] == :cmd
36
+ url = "#{options[:host]}:#{options[:port]}/wsman"
37
+ scheme = options[:transport] == :ssl ? 'https' : 'http'
38
+ @endpoint = "#{scheme}://#{url}"
39
+
40
+ opts = Hash.new
41
+ opts = {
42
+ user: @user,
43
+ password: options[:password],
44
+ basic_auth_only: options[:basic_auth_only],
45
+ disable_sspi: options[:disable_sspi],
46
+ no_ssl_peer_verification: options[:no_ssl_peer_verification],
47
+ ssl_peer_fingerprint: options[:ssl_peer_fingerprint],
48
+ endpoint: endpoint,
49
+ transport: options[:transport]
50
+ }
51
+ options[:transport] == :kerberos ? opts.merge!({:service => options[:service], :realm => options[:realm]}) : opts.merge!({:ca_trust_path => options[:ca_trust_path]})
52
+ opts[:operation_timeout] = options[:operation_timeout] if options[:operation_timeout]
53
+ Chef::Log.debug("WinRM::WinRMWebService options: #{opts}")
54
+ Chef::Log.debug("Endpoint: #{endpoint}")
55
+ Chef::Log.debug("Transport: #{options[:transport]}")
56
+
57
+ @winrm_session = WinRM::Connection.new(opts)
58
+ @winrm_session.logger = Chef::Log
59
+
60
+ transport = @winrm_session.send(:transport)
61
+ http_client = transport.instance_variable_get(:@httpcli)
62
+ Chef::HTTP::DefaultSSLPolicy.new(http_client.ssl_config).set_custom_certs
63
+ end
64
+
65
+ def relay_command(command)
66
+ session_result = WinRM::Output.new
67
+ @winrm_session.shell(*@shell_args) do |shell|
68
+ shell.username = @user.split("\\").last if shell.respond_to?(:username)
69
+ session_result = shell.run(command) do |stdout, stderr|
70
+ print_data(@host, stdout) if stdout
71
+ print_data(@host, stderr, :red) if stderr
72
+ end
73
+ end
74
+ @exit_code = session_result.exitcode
75
+ session_result
76
+ end
77
+
78
+ private
79
+
80
+ def print_data(host, data, color = :cyan)
81
+ if data =~ /\n/
82
+ data.split(/\n/).each { |d| print_data(host, d, color) }
83
+ elsif !data.nil?
84
+ print Chef::Knife::Winrm.ui.color(host, color)
85
+ puts " #{data}"
86
+ end
87
+ end
88
+
89
+ def configure_proxy
90
+ if Chef::Config.respond_to?(:export_proxies)
91
+ Chef::Config.export_proxies
92
+ else
93
+ Chef::Application.new.configure_proxy_environment_variables
94
+ end
95
+ end
96
+ end
97
+ end
98
+ end
@@ -1,47 +1,47 @@
1
- #
2
- # Author:: Steven Murawski (<smurawski@chef.io)
3
- # Copyright:: Copyright (c) 2015-2016 Chef Software, Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- require 'chef/knife'
20
- require 'chef/encrypted_data_bag_item'
21
- require 'kconv'
22
-
23
- class Chef
24
- class Knife
25
- module WinrmSharedOptions
26
-
27
- # Shared command line options for knife winrm and knife wsman test
28
- def self.included(includer)
29
- includer.class_eval do
30
- option :manual,
31
- :short => "-m",
32
- :long => "--manual-list",
33
- :boolean => true,
34
- :description => "QUERY is a space separated list of servers",
35
- :default => false
36
-
37
- option :attribute,
38
- :short => "-a ATTR",
39
- :long => "--attribute ATTR",
40
- :description => "The attribute to use for opening the connection - default is fqdn",
41
- :default => "fqdn"
42
- end
43
- end
44
-
45
- end
46
- end
47
- end
1
+ #
2
+ # Author:: Steven Murawski (<smurawski@chef.io)
3
+ # Copyright:: Copyright (c) 2015-2016 Chef Software, Inc.
4
+ # License:: Apache License, Version 2.0
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ require 'chef/knife'
20
+ require 'chef/encrypted_data_bag_item'
21
+ require 'kconv'
22
+
23
+ class Chef
24
+ class Knife
25
+ module WinrmSharedOptions
26
+
27
+ # Shared command line options for knife winrm and knife wsman test
28
+ def self.included(includer)
29
+ includer.class_eval do
30
+ option :manual,
31
+ :short => "-m",
32
+ :long => "--manual-list",
33
+ :boolean => true,
34
+ :description => "QUERY is a space separated list of servers",
35
+ :default => false
36
+
37
+ option :attribute,
38
+ :short => "-a ATTR",
39
+ :long => "--attribute ATTR",
40
+ :description => "The attribute to use for opening the connection - default is fqdn",
41
+ :default => "fqdn"
42
+ end
43
+ end
44
+
45
+ end
46
+ end
47
+ end
@@ -1,44 +1,44 @@
1
- #
2
- # Author:: Steven Murawski (<smurawski@chef.io)
3
- # Copyright:: Copyright (c) 2015-2016 Chef Software, Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- class Chef
20
- class Knife
21
- class WsmanEndpoint
22
- attr_accessor :host
23
- attr_accessor :wsman_port
24
- attr_accessor :wsman_url
25
- attr_accessor :product_version
26
- attr_accessor :protocol_version
27
- attr_accessor :product_vendor
28
- attr_accessor :response_status_code
29
- attr_accessor :error_message
30
-
31
- def initialize(name, port, url)
32
- @host = name
33
- @wsman_port = port
34
- @wsman_url = url
35
- end
36
-
37
- def to_hash
38
- hash = {}
39
- instance_variables.each {|var| hash[var.to_s.delete("@")] = instance_variable_get(var) }
40
- hash
41
- end
42
- end
43
- end
44
- end
1
+ #
2
+ # Author:: Steven Murawski (<smurawski@chef.io)
3
+ # Copyright:: Copyright (c) 2015-2016 Chef Software, Inc.
4
+ # License:: Apache License, Version 2.0
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ class Chef
20
+ class Knife
21
+ class WsmanEndpoint
22
+ attr_accessor :host
23
+ attr_accessor :wsman_port
24
+ attr_accessor :wsman_url
25
+ attr_accessor :product_version
26
+ attr_accessor :protocol_version
27
+ attr_accessor :product_vendor
28
+ attr_accessor :response_status_code
29
+ attr_accessor :error_message
30
+
31
+ def initialize(name, port, url)
32
+ @host = name
33
+ @wsman_port = port
34
+ @wsman_url = url
35
+ end
36
+
37
+ def to_hash
38
+ hash = {}
39
+ instance_variables.each {|var| hash[var.to_s.delete("@")] = instance_variable_get(var) }
40
+ hash
41
+ end
42
+ end
43
+ end
44
+ end
@@ -1,118 +1,118 @@
1
- #
2
- # Author:: Steven Murawski (<smurawski@chef.io>)
3
- # Copyright:: Copyright (c) 2015-2016 Chef Software, Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- require 'httpclient'
20
- require 'chef/knife'
21
- require 'chef/knife/winrm_knife_base'
22
- require 'chef/knife/wsman_endpoint'
23
-
24
- class Chef
25
- class Knife
26
- class WsmanTest < Knife
27
-
28
- include Chef::Knife::WinrmCommandSharedFunctions
29
-
30
- deps do
31
- require 'chef/search/query'
32
- end
33
-
34
- banner "knife wsman test QUERY (options)"
35
-
36
- def run
37
- # pass a dummy password to avoid prompt for password
38
- # but it does nothing
39
- @config[:winrm_password] = 'cute_little_kittens'
40
-
41
- configure_session
42
- verify_wsman_accessiblity_for_nodes
43
- end
44
-
45
- private
46
-
47
- def verify_wsman_accessiblity_for_nodes
48
- error_count = 0
49
- @winrm_sessions.each do |item|
50
- Chef::Log.debug("checking for WSMAN availability at #{item.endpoint}")
51
-
52
- ssl_error = nil
53
- begin
54
- response = post_identity_request(item.endpoint)
55
- ui.msg "Connected successfully to #{item.host} at #{item.endpoint}."
56
- rescue Exception => err
57
- end
58
-
59
- output_object = parse_response(item, response)
60
- output_object.error_message += "\r\nError returned from endpoint: #{err.message}" if err
61
-
62
- unless output_object.error_message.nil?
63
- ui.warn "Failed to connect to #{item.host} at #{item.endpoint}."
64
- if err && err.is_a?(OpenSSL::SSL::SSLError)
65
- ui.warn "Failure due to an issue with SSL; likely cause would be unsuccessful certificate verification."
66
- ui.warn "Either ensure your certificate is valid or use '--winrm-ssl-verify-mode verify_none' to ignore verification failures."
67
- end
68
- error_count += 1
69
- end
70
-
71
- if config[:verbosity] >= 1
72
- output(output_object)
73
- end
74
- end
75
- if error_count > 0
76
- ui.error "Failed to connect to #{error_count} nodes."
77
- exit 1
78
- end
79
- end
80
-
81
- def post_identity_request(endpoint)
82
- xml = '<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:wsmid="http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd"><s:Header/><s:Body><wsmid:Identify/></s:Body></s:Envelope>'
83
- header = {
84
- 'WSMANIDENTIFY' => 'unauthenticated',
85
- 'Content-Type' => 'application/soap+xml; charset=UTF-8'
86
- }
87
-
88
- client = HTTPClient.new
89
- Chef::HTTP::DefaultSSLPolicy.new(client.ssl_config).set_custom_certs
90
- client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE if resolve_no_ssl_peer_verification
91
- client.post(endpoint, xml, header)
92
- end
93
-
94
- def parse_response(node, response)
95
- output_object = Chef::Knife::WsmanEndpoint.new(node.host, node.port, node.endpoint)
96
- output_object.response_status_code = response.status_code unless response.nil?
97
-
98
- if response.nil? || response.status_code != 200
99
- output_object.error_message = "No valid WSMan endoint listening at #{node.endpoint}."
100
- else
101
- doc = REXML::Document.new(response.body)
102
- output_object.protocol_version = search_xpath(doc, "//wsmid:ProtocolVersion")
103
- output_object.product_version = search_xpath(doc, "//wsmid:ProductVersion")
104
- output_object.product_vendor = search_xpath(doc, "//wsmid:ProductVendor")
105
- if output_object.protocol_version.to_s.strip.length == 0
106
- output_object.error_message = "Endpoint #{node.endpoint} on #{node.host} does not appear to be a WSMAN endpoint. Response body was #{response.body}"
107
- end
108
- end
109
- output_object
110
- end
111
-
112
- def search_xpath(document, property_name)
113
- result = REXML::XPath.match(document, property_name)
114
- result[0].nil? ? '' : result[0].text
115
- end
116
- end
117
- end
118
- end
1
+ #
2
+ # Author:: Steven Murawski (<smurawski@chef.io>)
3
+ # Copyright:: Copyright (c) 2015-2016 Chef Software, Inc.
4
+ # License:: Apache License, Version 2.0
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ require 'httpclient'
20
+ require 'chef/knife'
21
+ require 'chef/knife/winrm_knife_base'
22
+ require 'chef/knife/wsman_endpoint'
23
+
24
+ class Chef
25
+ class Knife
26
+ class WsmanTest < Knife
27
+
28
+ include Chef::Knife::WinrmCommandSharedFunctions
29
+
30
+ deps do
31
+ require 'chef/search/query'
32
+ end
33
+
34
+ banner "knife wsman test QUERY (options)"
35
+
36
+ def run
37
+ # pass a dummy password to avoid prompt for password
38
+ # but it does nothing
39
+ @config[:winrm_password] = 'cute_little_kittens'
40
+
41
+ configure_session
42
+ verify_wsman_accessiblity_for_nodes
43
+ end
44
+
45
+ private
46
+
47
+ def verify_wsman_accessiblity_for_nodes
48
+ error_count = 0
49
+ @winrm_sessions.each do |item|
50
+ Chef::Log.debug("checking for WSMAN availability at #{item.endpoint}")
51
+
52
+ ssl_error = nil
53
+ begin
54
+ response = post_identity_request(item.endpoint)
55
+ ui.msg "Connected successfully to #{item.host} at #{item.endpoint}."
56
+ rescue Exception => err
57
+ end
58
+
59
+ output_object = parse_response(item, response)
60
+ output_object.error_message += "\r\nError returned from endpoint: #{err.message}" if err
61
+
62
+ unless output_object.error_message.nil?
63
+ ui.warn "Failed to connect to #{item.host} at #{item.endpoint}."
64
+ if err && err.is_a?(OpenSSL::SSL::SSLError)
65
+ ui.warn "Failure due to an issue with SSL; likely cause would be unsuccessful certificate verification."
66
+ ui.warn "Either ensure your certificate is valid or use '--winrm-ssl-verify-mode verify_none' to ignore verification failures."
67
+ end
68
+ error_count += 1
69
+ end
70
+
71
+ if config[:verbosity] >= 1
72
+ output(output_object)
73
+ end
74
+ end
75
+ if error_count > 0
76
+ ui.error "Failed to connect to #{error_count} nodes."
77
+ exit 1
78
+ end
79
+ end
80
+
81
+ def post_identity_request(endpoint)
82
+ xml = '<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:wsmid="http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd"><s:Header/><s:Body><wsmid:Identify/></s:Body></s:Envelope>'
83
+ header = {
84
+ 'WSMANIDENTIFY' => 'unauthenticated',
85
+ 'Content-Type' => 'application/soap+xml; charset=UTF-8'
86
+ }
87
+
88
+ client = HTTPClient.new
89
+ Chef::HTTP::DefaultSSLPolicy.new(client.ssl_config).set_custom_certs
90
+ client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE if resolve_no_ssl_peer_verification
91
+ client.post(endpoint, xml, header)
92
+ end
93
+
94
+ def parse_response(node, response)
95
+ output_object = Chef::Knife::WsmanEndpoint.new(node.host, node.port, node.endpoint)
96
+ output_object.response_status_code = response.status_code unless response.nil?
97
+
98
+ if response.nil? || response.status_code != 200
99
+ output_object.error_message = "No valid WSMan endoint listening at #{node.endpoint}."
100
+ else
101
+ doc = REXML::Document.new(response.body)
102
+ output_object.protocol_version = search_xpath(doc, "//wsmid:ProtocolVersion")
103
+ output_object.product_version = search_xpath(doc, "//wsmid:ProductVersion")
104
+ output_object.product_vendor = search_xpath(doc, "//wsmid:ProductVendor")
105
+ if output_object.protocol_version.to_s.strip.length == 0
106
+ output_object.error_message = "Endpoint #{node.endpoint} on #{node.host} does not appear to be a WSMAN endpoint. Response body was #{response.body}"
107
+ end
108
+ end
109
+ output_object
110
+ end
111
+
112
+ def search_xpath(document, property_name)
113
+ result = REXML::XPath.match(document, property_name)
114
+ result[0].nil? ? '' : result[0].text
115
+ end
116
+ end
117
+ end
118
+ end