[pve-devel] [PATCH cluster 4/4] get_remote_info: also return FP if available

Fabian Grünbichler f.gruenbichler at proxmox.com
Tue Apr 13 14:16:28 CEST 2021


Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
 data/PVE/RemoteConfig.pm | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/data/PVE/RemoteConfig.pm b/data/PVE/RemoteConfig.pm
index 563e5c1..c4b8499 100644
--- a/data/PVE/RemoteConfig.pm
+++ b/data/PVE/RemoteConfig.pm
@@ -191,7 +191,8 @@ sub get_remote_info {
 	port => 8006,
     };
 
-    if (my $fp = $api_node->{fingerprint}) {
+    my $fp;
+    if ($fp = $api_node->{fingerprint}) {
 	$conn_args->{cached_fingerprints} = { uc($fp) => 1 };
     } else {
 	# FIXME add proper parameter to APIClient
@@ -207,14 +208,24 @@ sub get_remote_info {
 
     my $conn = PVE::APIClient::LWP->new(%$conn_args);
 
-
     my $args = {};
     $args->{cidr} = $network_cidr if $network_cidr;
 
-    print "Request IP information of node '$node'\n";
-    my $res = $conn->get("/nodes/$node/addr", $args);
+    print "Requesting IP information of node '$node'\n";
+    my $ips = $conn->get("/nodes/$node/addr", $args);
+
+    if ($host ne $node) {
+	print "Requesting certificate information of node '$node'\n";
+	my $cert_info = $conn->get("/nodes/$node/certificates/info");
+	foreach my $cert (@$cert_info) {
+	    $fp = $cert->{fingerprint} if $cert->{filename} ne 'pve-root-ca.pem';
+	    last if $cert->{filename} eq 'pveproxy-ssl.pem';
+	}
+    }
+
+    $fp = uc($fp) if $fp;
 
-    return ($res, $conn_args);
+    return ($ips, $fp, $conn_args);
 }
 
 sub complete_remote_cluster {
-- 
2.20.1





More information about the pve-devel mailing list