From 8ab5b8d4ce2be24c3557020a122e20a4832c7122 Mon Sep 17 00:00:00 2001 From: Yann Dirson Date: Mon, 16 Sep 2024 15:42:57 +0200 Subject: [PATCH] Upgrade: forbid upgrading with a key XAPI will reject XAPI now rejects the default keysize of 7.x era, which must be regenerated before upgrading to 8.3. Let the installer refuse to initiate a situation where a Rolling Pool Upgrade would be unable to proceed, with not-yet-updated slaves holding the running VMs getting refused connection to the updated part of the pool. Signed-off-by: Yann Dirson --- constants.py | 3 +++ upgrade.py | 12 ++++++++++++ 2 files changed, 15 insertions(+) diff --git a/constants.py b/constants.py index 770ba96b..a41f6ee0 100644 --- a/constants.py +++ b/constants.py @@ -196,3 +196,6 @@ def error_string(error, logname, with_hd): # Error partitioning disk as in use PARTITIONING_ERROR = \ 'The disk appears to be in use and partition changes cannot be applied. Reboot and repeat the installation' + +# crypto configuration +MIN_KEY_SIZE = 2048 diff --git a/upgrade.py b/upgrade.py index 721aea23..4151ec8c 100644 --- a/upgrade.py +++ b/upgrade.py @@ -4,6 +4,8 @@ import re import shutil +from OpenSSL import crypto + import diskutil import product from xcp.version import * @@ -206,11 +208,21 @@ def __init__(self, source): input_data = util.readKeyValueFile(default_storage_conf_path) self.storage_type = input_data['TYPE'] + self.key_size = None + cert_path = os.path.join(primary_fs.mount_point, "etc/xensource/xapi-ssl.pem") + with open(cert_path, "r") as cert_file: + cert_text = cert_file.read() + cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert_text) + self.key_size = cert.get_pubkey().bits() + logger.info("ExistingInstallation %s: certificate key size %s", source, self.key_size) + primary_fs.unmount() def testUpgradeForbidden(self, tool): if tool.partTableType == constants.PARTITION_DOS: raise RuntimeError("Upgrade from a DOS partition type is not supported.") + if self.key_size < constants.MIN_KEY_SIZE: + raise RuntimeError("Current server certificate is too small (%s bits), please regenerate with at least %s bits." % (self.key_size, constants.MIN_KEY_SIZE)) prepTargetStateChanges = [] prepTargetArgs = ['primary-disk', 'target-boot-mode', 'boot-partnum', 'primary-partnum', 'logs-partnum', 'swap-partnum', 'storage-partnum']