etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

bug CS-15221: Encrypt config value before changing category to Hidden. Regression due to af1fc1cf5d361cb6d43e0107a644c42f645a0ccc 

status CS-15221: resolved fixed
reviewed-by: Nitin
This commit is contained in:
kishan 2012-06-05 14:41:06 +05:30
parent 5ac297f88e
commit c4cf065a3f
2 changed files with 42 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
server/src/com/cloud/upgrade/dao/Upgrade302to303.java
View File

@ -16,6 +16,7 @@ package com.cloud.upgrade.dao;
* @author Alena Prokharchyk
*/
import java.io.File;
import java.io.UnsupportedEncodingException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
@ -25,6 +26,7 @@ import java.util.UUID;
import org.apache.log4j.Logger;
//
import com.cloud.dc.DataCenter.NetworkType;
import com.cloud.utils.crypt.DBEncryptionUtil;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.utils.script.Script;
@ -59,6 +61,7 @@ public class Upgrade302to303 implements DbUpgrade {
@Override
public void performDataMigration(Connection conn) {
setupExternalNetworkDevices(conn);
encryptConfig(conn);
}
private void setupExternalNetworkDevices(Connection conn) {
@ -249,6 +252,45 @@ public class Upgrade302to303 implements DbUpgrade {
}
}
private void encryptConfig(Connection conn){
//Encrypt config params and change category to Hidden
s_logger.debug("Encrypting Config values");
PreparedStatement pstmt = null;
ResultSet rs = null;
try {
pstmt = conn.prepareStatement("select name, value from `cloud`.`configuration` where name in ('router.ram.size', 'secondary.storage.vm', 'security.hash.key') and category <> 'Hidden'");
rs = pstmt.executeQuery();
while (rs.next()) {
String name = rs.getString(1);
String value = rs.getString(2);
if (value == null) {
continue;
}
String encryptedValue = DBEncryptionUtil.encrypt(value);
pstmt = conn.prepareStatement("update `cloud`.`configuration` set value=?, category = 'Hidden' where name=?");
pstmt.setBytes(1, encryptedValue.getBytes("UTF-8"));
pstmt.setString(2, name);
pstmt.executeUpdate();
}
} catch (SQLException e) {
throw new CloudRuntimeException("Unable encrypt configuration values ", e);
} catch (UnsupportedEncodingException e) {
throw new CloudRuntimeException("Unable encrypt configuration values ", e);
} finally {
try {
if (rs != null) {
rs.close();
}
if (pstmt != null) {
pstmt.close();
}
} catch (SQLException e) {
}
}
s_logger.debug("Done encrypting Config values");
}
@Override
public File[] getCleanupScripts() {
return null;

3
setup/db/db/schema-302to303.sql
View File

@ -105,9 +105,6 @@ UPDATE `cloud`.`configuration` set component='NetworkManager' where name='router
UPDATE `cloud`.`configuration` set component='NetworkManager' where name='router.template.id';
UPDATE `cloud`.`configuration` set category='Advanced' where name='capacity.skipcounting.hours';
UPDATE `cloud`.`configuration` set category='Advanced' where name='use.local.storage';
UPDATE `cloud`.`configuration` set category='Hidden' where name='router.ram.size';
UPDATE `cloud`.`configuration` set category='Hidden' where name='secondary.storage.vm';
UPDATE `cloud`.`configuration` set category='Hidden' where name='security.hash.key';
UPDATE `cloud`.`configuration` set description = 'Percentage (as a value between 0 and 1) of local storage utilization above which alerts will be sent about low local storage available.' where name = 'cluster.localStorage.capacity.notificationthreshold';
DELETE FROM `cloud`.`configuration` WHERE name='direct.agent.pool.size';