Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / packaging / sources / tempest / bcfa06d55c3c79ca6f069ff27531aba3323154a9^! / .
commitbcfa06d55c3c79ca6f069ff27531aba3323154a9[log] [tgz]
authorRodolfo Alonso Hernandez <ralonsoh@redhat.com>Wed Jan 22 17:29:18 2020 +0000
committerRodolfo Alonso Hernandez <ralonsoh@redhat.com>Wed Feb 12 09:44:05 2020 +0000
tree82e9cfc32bf8cce1846b37071bc49e39623ae0a8
parentd43223773d75d2e82fb33a1281038e611c41d0f3 [diff]
Prevent SSH client proxy loops

Avoid creating a SSH client with a proxy client having the same
connection parameters. This will prevent from creating a SSH tunnel
within the same client.

This patch also provides aditional information in the exception
message, in case of SSH connection error, about the proxy client
configured in the SSH client.

Change-Id: I4fcffb7e26b0adc0e39dc13085f93db6495c3bd6
Related-Bug: #1860586

diff --git a/tempest/lib/common/ssh.py b/tempest/lib/common/ssh.py
index 2ac1605..3a05f27 100644
--- a/tempest/lib/common/ssh.py
+++ b/tempest/lib/common/ssh.py

@@ -75,6 +75,11 @@
         self.channel_timeout = float(channel_timeout)
         self.buf_size = 1024
         self.proxy_client = proxy_client
+        if (self.proxy_client and self.proxy_client.host == self.host and
+                self.proxy_client.port == self.port and
+                self.proxy_client.username == self.username):
+            raise exceptions.SSHClientProxyClientLoop(
+                host=self.host, port=self.port, username=self.username)
         self._proxy_conn = None
 
     def _get_ssh_connection(self, sleep=1.5, backoff=1):
@@ -114,8 +119,10 @@
                 ssh.close()
                 if self._is_timed_out(_start_time):
                     LOG.exception("Failed to establish authenticated ssh"
-                                  " connection to %s@%s after %d attempts",
-                                  self.username, self.host, attempts)
+                                  " connection to %s@%s after %d attempts. "
+                                  "Proxy client: %s",
+                                  self.username, self.host, attempts,
+                                  self._get_proxy_client_info())
                     raise exceptions.SSHTimeout(host=self.host,
                                                 user=self.username,
                                                 password=self.password)
@@ -219,3 +226,13 @@
         cmd = 'nc %s %s' % (self.host, self.port)
         chan.exec_command(cmd)
         return chan
+
+    def _get_proxy_client_info(self):
+        if not self.proxy_client:
+            return 'no proxy client'
+        nested_pclient = self.proxy_client._get_proxy_client_info()
+        return ('%(username)s@%(host)s:%(port)s, nested proxy client: '
+                '%(nested_pclient)s' % {'username': self.proxy_client.username,
+                                        'host': self.proxy_client.host,
+                                        'port': self.proxy_client.port,
+                                        'nested_pclient': nested_pclient})

diff --git a/tempest/lib/exceptions.py b/tempest/lib/exceptions.py
index 13af890..0b21562 100644
--- a/tempest/lib/exceptions.py
+++ b/tempest/lib/exceptions.py

@@ -251,6 +251,11 @@
                "stdout:\n%(stdout)s")
 
 
+class SSHClientProxyClientLoop(TempestException):
+    message = ("SSH client proxy client has same host: %(host)s, port: "
+               "%(port)s and username: %(username)s as parent")
+
+
 class UnknownServiceClient(TempestException):
     message = "Service clients named %(services)s are not known"