From 16016785cb725ca619aefa4c809847a7c880ca9e Mon Sep 17 00:00:00 2001
From: siddheshwar-more <siddheshwar.more@clogeny.com>
Date: Mon, 27 Jan 2014 17:57:46 +0530
Subject: [PATCH] Added basic auth option to enable basic authentication for
 winrm

---
 ec2-user-data/winrm-http.erb        | 2 ++
 lib/chef/knife/ec2_server_create.rb | 8 +++++++-
 spec/unit/ec2_server_create_spec.rb | 7 +++++++
 3 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/ec2-user-data/winrm-http.erb b/ec2-user-data/winrm-http.erb
index bac64422..71cd9834 100644
--- a/ec2-user-data/winrm-http.erb
+++ b/ec2-user-data/winrm-http.erb
@@ -7,6 +7,8 @@
     winrm quickconfig -q
     winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="300"}'
     winrm set winrm/config '@{MaxTimeoutms="1800000"}'
+    <%= "winrm set winrm/config/service '@{AllowUnencrypted=\"true\"}'
+    winrm set winrm/config/service/auth '@{Basic=\"true\"}'" if defined?(basic_auth) && basic_auth %>
     
     echo "winrm e winrm/config/listener" >> $env:temp\knife-ec2-user-data.log
     winrm e winrm/config/listener >> $env:temp\knife-ec2-user-data.log
diff --git a/lib/chef/knife/ec2_server_create.rb b/lib/chef/knife/ec2_server_create.rb
index d635f44b..4f9207e0 100644
--- a/lib/chef/knife/ec2_server_create.rb
+++ b/lib/chef/knife/ec2_server_create.rb
@@ -284,6 +284,12 @@ class Ec2ServerCreate < Knife
         :boolean => true,
         :default => false
 
+      option :basic_auth,
+        :long => "--basic-auth",
+        :description => "Enable Basic authentication for winrm on VM. Default is false",
+        :boolean => true,
+        :default => false
+
     def tcp_test_winrm(ip_addr, port)
       tcp_socket = TCPSocket.new(ip_addr, port)
       yield
@@ -710,7 +716,7 @@ def load_windows_user_data
               })
           else
             winrm_cfg_ps = ERBHelpers::ERBCompiler.run(
-              File.read(File.join(user_data_scripts_dir, "winrm-http.erb")), {})
+              File.read(File.join(user_data_scripts_dir, "winrm-http.erb")), {:basic_auth => locate_config_value(:basic_auth)})
           end
         end
 
diff --git a/spec/unit/ec2_server_create_spec.rb b/spec/unit/ec2_server_create_spec.rb
index 1665dd24..0fc0b9dd 100644
--- a/spec/unit/ec2_server_create_spec.rb
+++ b/spec/unit/ec2_server_create_spec.rb
@@ -672,6 +672,13 @@
           server_def[:user_data].should include("$fwpolicy.Rules.Add($fwrule)")
         end
 
+        it "enable basic authentication for winrm on --basic-auth CLI option set" do
+          @knife_ec2_create.config[:basic_auth] = true
+          server_def = @knife_ec2_create.create_server_def
+          server_def[:user_data].should include("winrm set winrm/config/service '@{AllowUnencrypted=\"true\"}'")
+          server_def[:user_data].should include("winrm set winrm/config/service/auth '@{Basic=\"true\"}'")
+        end
+
         context "winrm-transport set to ssl" do
           before(:each) do
             @knife_ec2_create.config[:winrm_transport] = "ssl"