etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bug 13741: Added new Config category Secure. Any config in secure category will encrypted along with the Hidden category configs 

Status 13741: resolved fixed
Reviewed-By: Nitin
This commit is contained in:
kishan 2012-02-17 16:41:38 +05:30
parent eee03d4426
commit aec1204eb2
6 changed files with 11 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/src/com/cloud/configuration/ConfigurationVO.java
View File

@ -91,7 +91,7 @@ public class ConfigurationVO implements Configuration{
}
public String getValue() {
return ("Hidden".equals(getCategory()) ? DBEncryptionUtil.decrypt(value) : value);
return (("Hidden".equals(getCategory()) || "Secure".equals(getCategory())) ? DBEncryptionUtil.decrypt(value) : value);
}
public void setValue(String value) {

7
server/src/com/cloud/configuration/Config.java
View File

@ -43,7 +43,7 @@ public enum Config {
AlertEmailAddresses("Alert", ManagementServer.class, String.class, "alert.email.addresses", null, "Comma separated list of email addresses used for sending alerts.", null),
AlertEmailSender("Alert", ManagementServer.class, String.class, "alert.email.sender", null, "Sender of alert email (will be in the From header of the email).", null),
AlertSMTPHost("Alert", ManagementServer.class, String.class, "alert.smtp.host", null, "SMTP hostname used for sending out email alerts.", null),
AlertSMTPPassword("Alert", ManagementServer.class, String.class, "alert.smtp.password", null, "Password for SMTP authentication (applies only if alert.smtp.useAuth is true).", null),
AlertSMTPPassword("Secure", ManagementServer.class, String.class, "alert.smtp.password", null, "Password for SMTP authentication (applies only if alert.smtp.useAuth is true).", null),
AlertSMTPPort("Alert", ManagementServer.class, Integer.class, "alert.smtp.port", "465", "Port the SMTP server is listening on.", null),
AlertSMTPUseAuth("Alert", ManagementServer.class, String.class, "alert.smtp.useAuth", null, "If true, use SMTP authentication when sending emails.", null),
AlertSMTPUsername("Alert", ManagementServer.class, String.class, "alert.smtp.username", null, "Username for SMTP authentication (applies only if alert.smtp.useAuth is true).", null),
@ -84,7 +84,7 @@ public enum Config {
// Network
NetworkLBHaproxyStatsVisbility("Network", ManagementServer.class, String.class, "network.loadbalancer.haproxy.stats.visibility", "global", "Load Balancer(haproxy) stats visibilty, the value can be one of the following six parameters : global,guest-network,link-local,disabled,all,default", null),
NetworkLBHaproxyStatsUri("Network", ManagementServer.class, String.class, "network.loadbalancer.haproxy.stats.uri","/admin?stats","Load Balancer(haproxy) uri.",null),
NetworkLBHaproxyStatsAuth("Network", ManagementServer.class, String.class, "network.loadbalancer.haproxy.stats.auth","admin1:AdMiN123","Load Balancer(haproxy) authetication string in the format username:password",null),
NetworkLBHaproxyStatsAuth("Secure", ManagementServer.class, String.class, "network.loadbalancer.haproxy.stats.auth","admin1:AdMiN123","Load Balancer(haproxy) authetication string in the format username:password",null),
NetworkLBHaproxyStatsPort("Network", ManagementServer.class, String.class, "network.loadbalancer.haproxy.stats.port","8081","Load Balancer(haproxy) stats port number.",null),
NetworkRouterRpFilter("Network", ManagementServer.class, Integer.class, "network.disable.rpfilter", "true", "disable rp_filter on Domain Router VM public interfaces.", null),
@ -327,7 +327,7 @@ public enum Config {
ProjectEmailSender("Project Defaults", ManagementServer.class, String.class, "project.email.sender", null, "Sender of project invitation email (will be in the From header of the email)", null),
ProjectSMTPHost("Project Defaults", ManagementServer.class, String.class, "project.smtp.host", null, "SMTP hostname used for sending out email project invitations", null),
ProjectSMTPPassword("Project Defaults", ManagementServer.class, String.class, "project.smtp.password", null, "Password for SMTP authentication (applies only if project.smtp.useAuth is true)", null),
ProjectSMTPPassword("Secure", ManagementServer.class, String.class, "project.smtp.password", null, "Password for SMTP authentication (applies only if project.smtp.useAuth is true)", null),
ProjectSMTPPort("Project Defaults", ManagementServer.class, Integer.class, "project.smtp.port", "465", "Port the SMTP server is listening on", null),
ProjectSMTPUseAuth("Project Defaults", ManagementServer.class, String.class, "project.smtp.useAuth", null, "If true, use SMTP authentication when sending emails", null),
ProjectSMTPUsername("Project Defaults", ManagementServer.class, String.class, "project.smtp.username", null, "Username for SMTP authentication (applies only if project.smtp.useAuth is true)", null),
@ -360,6 +360,7 @@ public enum Config {
_configs.put("Hidden", new ArrayList<Config>());
_configs.put("Account Defaults", new ArrayList<Config>());
_configs.put("Project Defaults", new ArrayList<Config>());
_configs.put("Secure", new ArrayList<Config>());
// Add values into HashMap
for (Config c : Config.values()) {

6
server/src/com/cloud/configuration/dao/ConfigurationDaoImpl.java
View File

@ -142,7 +142,7 @@ public class ConfigurationDaoImpl extends GenericDaoBase<ConfigurationVO, String
public boolean update(String name, String category, String value) {
Transaction txn = Transaction.currentTxn();
try {
value = "Hidden".equals(category) ? DBEncryptionUtil.encrypt(value) : value;
value = ("Hidden".equals(category) || "Secure".equals(category)) ? DBEncryptionUtil.encrypt(value) : value;
PreparedStatement stmt = txn.prepareStatement(UPDATE_CONFIGURATION_SQL);
stmt.setString(1, value);
stmt.setString(2, name);
@ -176,7 +176,7 @@ public class ConfigurationDaoImpl extends GenericDaoBase<ConfigurationVO, String
returnValue = rs.getString(1);
if(returnValue != null) {
txn.commit();
if("Hidden".equals(category)){
if("Hidden".equals(category) || "Secure".equals(category)){
return DBEncryptionUtil.decrypt(returnValue);
} else {
return returnValue;
@ -188,7 +188,7 @@ public class ConfigurationDaoImpl extends GenericDaoBase<ConfigurationVO, String
}
stmt.close();
if("Hidden".equals(category)){
if("Hidden".equals(category) || "Secure".equals(category)){
initValue = DBEncryptionUtil.encrypt(initValue);
}
stmtInsert = txn.prepareAutoCloseStatement(

2
server/src/com/cloud/server/ConfigurationServerImpl.java
View File

@ -179,7 +179,7 @@ public class ConfigurationServerImpl implements ConfigurationServer {
String instance = "DEFAULT";
String component = c.getComponent();
String value = c.getDefaultValue();
value = ("Hidden".equals(category)) ? DBEncryptionUtil.encrypt(value) : value;
value = ("Hidden".equals(category) || "Secure".equals(category)) ? DBEncryptionUtil.encrypt(value) : value;
String description = c.getDescription();
ConfigurationVO configVO = new ConfigurationVO(category, instance, component, name, value, description);
_configDao.persist(configVO);

2
server/src/com/cloud/upgrade/dao/Upgrade2214to30.java
View File

@ -354,7 +354,7 @@ public class Upgrade2214to30 implements DbUpgrade {
PreparedStatement pstmt = null;
ResultSet rs = null;
try {
pstmt = conn.prepareStatement("select name, value from configuration where category = 'Hidden'");
pstmt = conn.prepareStatement("select name, value from configuration where category in ('Hidden', 'Secure')");
rs = pstmt.executeQuery();
while (rs.next()) {
String name = rs.getString(1);

2
utils/src/com/cloud/utils/crypt/EncryptionSecretKeyChanger.java
View File

@ -271,7 +271,7 @@ public class EncryptionSecretKeyChanger {
PreparedStatement pstmt = null;
ResultSet rs = null;
try {
pstmt = conn.prepareStatement("select name, value from configuration where category = 'Hidden'");
pstmt = conn.prepareStatement("select name, value from configuration where category in ('Hidden', 'Secure')");
rs = pstmt.executeQuery();
while (rs.next()) {
String name = rs.getString(1);