From aec1204eb2b4958734951d85f1a759f42a54916c Mon Sep 17 00:00:00 2001
From: kishan <kishan@cloud.com>
Date: Fri, 17 Feb 2012 16:41:38 +0530
Subject: [PATCH] Bug 13741: Added new Config category Secure. Any config in
 secure category will encrypted along with the Hidden category configs Status
 13741: resolved fixed Reviewed-By: Nitin

---
 core/src/com/cloud/configuration/ConfigurationVO.java      | 2 +-
 server/src/com/cloud/configuration/Config.java             | 7 ++++---
 .../com/cloud/configuration/dao/ConfigurationDaoImpl.java  | 6 +++---
 server/src/com/cloud/server/ConfigurationServerImpl.java   | 2 +-
 server/src/com/cloud/upgrade/dao/Upgrade2214to30.java      | 2 +-
 .../com/cloud/utils/crypt/EncryptionSecretKeyChanger.java  | 2 +-
 6 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/core/src/com/cloud/configuration/ConfigurationVO.java b/core/src/com/cloud/configuration/ConfigurationVO.java
index 3ddcbe1e307..2e9cf3d6b41 100644
--- a/core/src/com/cloud/configuration/ConfigurationVO.java
+++ b/core/src/com/cloud/configuration/ConfigurationVO.java
@@ -91,7 +91,7 @@ public class ConfigurationVO implements Configuration{
 	}
 
 	public String getValue() {
-		return ("Hidden".equals(getCategory()) ? DBEncryptionUtil.decrypt(value) : value);
+		return (("Hidden".equals(getCategory()) || "Secure".equals(getCategory())) ? DBEncryptionUtil.decrypt(value) : value);
 	}
 	
 	public void setValue(String value) {
diff --git a/server/src/com/cloud/configuration/Config.java b/server/src/com/cloud/configuration/Config.java
index e9190a41931..6a071bb4790 100755
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@@ -43,7 +43,7 @@ public enum Config {
 	AlertEmailAddresses("Alert", ManagementServer.class, String.class, "alert.email.addresses", null, "Comma separated list of email addresses used for sending alerts.", null),
 	AlertEmailSender("Alert", ManagementServer.class, String.class, "alert.email.sender", null, "Sender of alert email (will be in the From header of the email).", null),
 	AlertSMTPHost("Alert", ManagementServer.class, String.class, "alert.smtp.host", null, "SMTP hostname used for sending out email alerts.", null),
-	AlertSMTPPassword("Alert", ManagementServer.class, String.class, "alert.smtp.password", null, "Password for SMTP authentication (applies only if alert.smtp.useAuth is true).", null),
+	AlertSMTPPassword("Secure", ManagementServer.class, String.class, "alert.smtp.password", null, "Password for SMTP authentication (applies only if alert.smtp.useAuth is true).", null),
 	AlertSMTPPort("Alert", ManagementServer.class, Integer.class, "alert.smtp.port", "465", "Port the SMTP server is listening on.", null),
 	AlertSMTPUseAuth("Alert", ManagementServer.class, String.class, "alert.smtp.useAuth", null, "If true, use SMTP authentication when sending emails.", null),
 	AlertSMTPUsername("Alert", ManagementServer.class, String.class, "alert.smtp.username", null, "Username for SMTP authentication (applies only if alert.smtp.useAuth is true).", null),
@@ -84,7 +84,7 @@ public enum Config {
 	// Network
 	NetworkLBHaproxyStatsVisbility("Network", ManagementServer.class, String.class, "network.loadbalancer.haproxy.stats.visibility", "global", "Load Balancer(haproxy) stats visibilty, the value can be one of the following six parameters : global,guest-network,link-local,disabled,all,default", null),
 	NetworkLBHaproxyStatsUri("Network", ManagementServer.class, String.class, "network.loadbalancer.haproxy.stats.uri","/admin?stats","Load Balancer(haproxy) uri.",null),
-	NetworkLBHaproxyStatsAuth("Network", ManagementServer.class, String.class, "network.loadbalancer.haproxy.stats.auth","admin1:AdMiN123","Load Balancer(haproxy) authetication string in the format username:password",null),
+	NetworkLBHaproxyStatsAuth("Secure", ManagementServer.class, String.class, "network.loadbalancer.haproxy.stats.auth","admin1:AdMiN123","Load Balancer(haproxy) authetication string in the format username:password",null),
 	NetworkLBHaproxyStatsPort("Network", ManagementServer.class, String.class, "network.loadbalancer.haproxy.stats.port","8081","Load Balancer(haproxy) stats port number.",null),		
 	NetworkRouterRpFilter("Network", ManagementServer.class, Integer.class, "network.disable.rpfilter", "true", "disable rp_filter on Domain Router VM public interfaces.", null),
     
@@ -327,7 +327,7 @@ public enum Config {
     
     ProjectEmailSender("Project Defaults", ManagementServer.class, String.class, "project.email.sender", null, "Sender of project invitation email (will be in the From header of the email)", null),
     ProjectSMTPHost("Project Defaults", ManagementServer.class, String.class, "project.smtp.host", null, "SMTP hostname used for sending out email project invitations", null),
-    ProjectSMTPPassword("Project Defaults", ManagementServer.class, String.class, "project.smtp.password", null, "Password for SMTP authentication (applies only if project.smtp.useAuth is true)", null),
+    ProjectSMTPPassword("Secure", ManagementServer.class, String.class, "project.smtp.password", null, "Password for SMTP authentication (applies only if project.smtp.useAuth is true)", null),
     ProjectSMTPPort("Project Defaults", ManagementServer.class, Integer.class, "project.smtp.port", "465", "Port the SMTP server is listening on", null),
     ProjectSMTPUseAuth("Project Defaults", ManagementServer.class, String.class, "project.smtp.useAuth", null, "If true, use SMTP authentication when sending emails", null),
     ProjectSMTPUsername("Project Defaults", ManagementServer.class, String.class, "project.smtp.username", null, "Username for SMTP authentication (applies only if project.smtp.useAuth is true)", null),
@@ -360,6 +360,7 @@ public enum Config {
     	_configs.put("Hidden", new ArrayList<Config>());
     	_configs.put("Account Defaults", new ArrayList<Config>());
     	_configs.put("Project Defaults", new ArrayList<Config>());
+    	_configs.put("Secure", new ArrayList<Config>());
     	
     	// Add values into HashMap
         for (Config c : Config.values()) {
diff --git a/server/src/com/cloud/configuration/dao/ConfigurationDaoImpl.java b/server/src/com/cloud/configuration/dao/ConfigurationDaoImpl.java
index 88b615eddda..68ce1f39bd2 100644
--- a/server/src/com/cloud/configuration/dao/ConfigurationDaoImpl.java
+++ b/server/src/com/cloud/configuration/dao/ConfigurationDaoImpl.java
@@ -142,7 +142,7 @@ public class ConfigurationDaoImpl extends GenericDaoBase<ConfigurationVO, String
     public boolean update(String name, String category, String value) {
     	Transaction txn = Transaction.currentTxn();
 		try {
-			value = "Hidden".equals(category) ? DBEncryptionUtil.encrypt(value) : value;
+			value = ("Hidden".equals(category) || "Secure".equals(category)) ? DBEncryptionUtil.encrypt(value) : value;
 			PreparedStatement stmt = txn.prepareStatement(UPDATE_CONFIGURATION_SQL);
 			stmt.setString(1, value);
 			stmt.setString(2, name);
@@ -176,7 +176,7 @@ public class ConfigurationDaoImpl extends GenericDaoBase<ConfigurationVO, String
 				returnValue =  rs.getString(1);
 				if(returnValue != null) {
 					txn.commit();
-					if("Hidden".equals(category)){
+					if("Hidden".equals(category) || "Secure".equals(category)){
 						return DBEncryptionUtil.decrypt(returnValue);
 					} else {
 						return returnValue;
@@ -188,7 +188,7 @@ public class ConfigurationDaoImpl extends GenericDaoBase<ConfigurationVO, String
 			}
 			stmt.close();
 
-			if("Hidden".equals(category)){
+			if("Hidden".equals(category) || "Secure".equals(category)){
 				initValue = DBEncryptionUtil.encrypt(initValue);
 			}
 			stmtInsert = txn.prepareAutoCloseStatement(
diff --git a/server/src/com/cloud/server/ConfigurationServerImpl.java b/server/src/com/cloud/server/ConfigurationServerImpl.java
index 42a23b81dea..43126b036cc 100755
--- a/server/src/com/cloud/server/ConfigurationServerImpl.java
+++ b/server/src/com/cloud/server/ConfigurationServerImpl.java
@@ -179,7 +179,7 @@ public class ConfigurationServerImpl implements ConfigurationServer {
                     String instance = "DEFAULT";
                     String component = c.getComponent();
                     String value = c.getDefaultValue();
-                    value = ("Hidden".equals(category)) ? DBEncryptionUtil.encrypt(value) : value;
+                    value = ("Hidden".equals(category) || "Secure".equals(category)) ? DBEncryptionUtil.encrypt(value) : value;
                     String description = c.getDescription();
                     ConfigurationVO configVO = new ConfigurationVO(category, instance, component, name, value, description);
                     _configDao.persist(configVO);
diff --git a/server/src/com/cloud/upgrade/dao/Upgrade2214to30.java b/server/src/com/cloud/upgrade/dao/Upgrade2214to30.java
index 8eea2304c6c..da6d0acbeb3 100644
--- a/server/src/com/cloud/upgrade/dao/Upgrade2214to30.java
+++ b/server/src/com/cloud/upgrade/dao/Upgrade2214to30.java
@@ -354,7 +354,7 @@ public class Upgrade2214to30 implements DbUpgrade {
         PreparedStatement pstmt = null;
         ResultSet rs = null;
         try {
-            pstmt = conn.prepareStatement("select name, value from configuration where category = 'Hidden'");
+            pstmt = conn.prepareStatement("select name, value from configuration where category in ('Hidden', 'Secure')");
             rs = pstmt.executeQuery();
             while (rs.next()) {
                 String name = rs.getString(1);
diff --git a/utils/src/com/cloud/utils/crypt/EncryptionSecretKeyChanger.java b/utils/src/com/cloud/utils/crypt/EncryptionSecretKeyChanger.java
index 55d4913cff5..c2297b30f5e 100755
--- a/utils/src/com/cloud/utils/crypt/EncryptionSecretKeyChanger.java
+++ b/utils/src/com/cloud/utils/crypt/EncryptionSecretKeyChanger.java
@@ -271,7 +271,7 @@ public class EncryptionSecretKeyChanger {
 		PreparedStatement pstmt = null;
 		ResultSet rs = null;
 		try {
-			pstmt = conn.prepareStatement("select name, value from configuration where category = 'Hidden'");
+			pstmt = conn.prepareStatement("select name, value from configuration where category in ('Hidden', 'Secure')");
 			rs = pstmt.executeQuery();
 			while (rs.next()) {
 				String name = rs.getString(1);