Examples of com.intel.mtwilson.datatypes.InternetAddress

• com.intel.mtwilson.datatypes.InternetAddress
  An Internet Address can be a hostname, FQDN, IPv4, or IPv6 address. If any other addressing schemes are used and can be used to route packets or translated to an address that can be used to route packets, they should be added here. This class is intended as a multi-use container: the operator can use whatever addressing scheme is prevalent in the environment. The same input is returned by toString(). A note about the name: a network address commonly refers to the first 16 bits of an IP address; a subnet address commonly refers to the next 8 bits, and a host address commonly refers to the last 8 bits of an IP address. Oftentimes the terms network address and host address are used loosely to refer to the entire IP address or to a hostname or DNS name. @author jbuhacoff

     * @param host
     * @return
     */
    public HashMap<String, ? extends IManifest> getManifest(TblHosts host) {
        try {
            InternetAddress hostAddress = new InternetAddress(host.getName());
            String connectionString = getConnectionString(host);
            String tlsPolicyName = host.getTlsPolicyName() == null ? "TRUST_FIRST_CERTIFICATE" : host.getTlsPolicyName(); // txtHost.getTlsPolicy();  // XXX TODO TxtHost doesn't have this field yet
//            ByteArrayResource resource = new ByteArrayResource(host.getTlsKeystore() == null ? new byte[0] : host.getTlsKeystore()); // XXX TODO it's the responsibility of the caller to save the TblHosts record after calling this method if the policy is trust first certificate ; we need to get tie the keystore to the database, especially for TRUST_FIRST_CERTIFICATE, so if it's the first connection we can save the certificate back to the database after connecting
            String password = "password"; // XXX TODO uh oh... opening a keystore requires a password, so we can verify its signed contents, which is important. putting the password in the txthost record won't be secure.  password needs to  come from attestation service configuration - or from the user.  this isn't an issue for the factory because the factory is supposed to get the keystore AFTER it has been opened with the password.  but when this code moves to the JPA/DAO/Repository layer, we'll need to have a password from somewhere.
            SimpleKeystore tlsKeystore = new SimpleKeystore(host.getTlsKeystoreResource(), password); // XXX TODO see above commment about password;  the per-host trusted certificates keystore has to either be protected by a password known to all mt wilson instances (stored in database or sync'd across each server's configuration files) or it has to be protected by a group secret known to all authorized clients (and then we need a mechanism for the api client to send us the secret in the request, and a way get secrets in and out of api client's keystore so it can be sync'd across the authorized group of clients) or we can just not store it encrypted and use a pem-format keystore instead of a java KeyStore

     * @param txtHost must have Name, AddOnConnectionInfo, SSLPolicy, and SSLCertificate fields set
     * @return
     */
    public HostAgent getHostAgent(TblHosts host) {
        try {
            InternetAddress hostAddress = new InternetAddress(host.getName()); // switching from Hostname to InternetAddress (better support for both hostname and ip address)
            // here we figure out if it's vmware or intel  and ensure we have a valid connection string starting with the vendor scheme.  XXX TODO should not be here, everyone should have valid connection strings like vmware:*, intel:*, citrix:*, etc.
            // no special case for citrix, since that support was added recently they should always come with citrix: prepended.
            String connectionString = getConnectionString(host);
            TlsPolicy tlsPolicy = getTlsPolicy(host);
            return getHostAgent(hostAddress, connectionString, tlsPolicy); // XXX TODO need to have a way for the agent using trust-first-certificate to save a new certificate to the TblHosts record... right now it is lost.