mirror of https://github.com/apache/cloudstack.git
sensitive information leak to log (#12018)
* sensitive information leak to log * Update agent/src/main/java/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java * Update core/src/main/java/com/cloud/storage/template/HttpTemplateDownloader.java * Update engine/schema/src/main/java/com/cloud/upgrade/DatabaseCreator.java * Update plugins/hypervisors/baremetal/src/main/java/com/cloud/baremetal/networkservice/BaremetalDnsmasqResource.java * Update plugins/hypervisors/baremetal/src/main/java/com/cloud/baremetal/networkservice/BaremetalDnsmasqResource.java * Update plugins/hypervisors/baremetal/src/main/java/com/cloud/baremetal/networkservice/BaremetalKickStartPxeResource.java * Update plugins/hypervisors/baremetal/src/main/java/com/cloud/baremetal/networkservice/BaremetalPingPxeResource.java * Update plugins/hypervisors/baremetal/src/main/java/com/cloud/baremetal/networkservice/BaremetalPingPxeResource.java * Update plugins/hypervisors/baremetal/src/main/java/com/cloud/baremetal/networkservice/BaremetalPingPxeResource.java * Update utils/src/main/java/com/cloud/utils/UriUtils.java Co-authored-by: dahn <daan.hoogland@gmail.com> * Update plugins/hypervisors/baremetal/src/main/java/com/cloud/baremetal/networkservice/BaremetalKickStartPxeResource.java Co-authored-by: Abhisar Sinha <63767682+abh1sar@users.noreply.github.com> * Sync with 4.20 and fix conflict in BaremetalPingPxeResource * Apply suggestions from code review Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com> --------- Co-authored-by: chenyoulong20g@ict.ac.cn <chenyoulong20g@ict.ac.cn> Co-authored-by: dahn <daan.hoogland@gmail.com> Co-authored-by: dahn <daan@onecht.net> Co-authored-by: Abhisar Sinha <63767682+abh1sar@users.noreply.github.com> Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
This commit is contained in:
Edward-x
GitHub
parent
c0b5358d8e
commit
dd0b863e22
|
|
@ -331,7 +331,7 @@ public class ConsoleProxyResource extends ServerResourceBase implements ServerRe
|
|||
final Object resource = this;
|
||||
logger.info("Building class loader for com.cloud.consoleproxy.ConsoleProxy");
|
||||
if (consoleProxyMain == null) {
|
||||
logger.info("Running com.cloud.consoleproxy.ConsoleProxy with encryptor password={}", encryptorPassword);
|
||||
logger.info("Running com.cloud.consoleproxy.ConsoleProxy");
|
||||
consoleProxyMain = new Thread(new ManagedContextRunnable() {
|
||||
@Override
|
||||
protected void runInContext() {
|
||||
|
|
|
|||
|
|
@ -46,10 +46,10 @@ public class BaremetalDnsmasqResource extends BaremetalDhcpResourceBase {
|
|||
com.trilead.ssh2.Connection sshConnection = null;
|
||||
try {
|
||||
super.configure(name, params);
|
||||
logger.debug(String.format("Trying to connect to DHCP server(IP=%1$s, username=%2$s, password=%3$s)", _ip, _username, _password));
|
||||
logger.debug(String.format("Trying to connect to DHCP server(IP=%1$s, username=%2$s", _ip, _username));
|
||||
sshConnection = SSHCmdHelper.acquireAuthorizedConnection(_ip, _username, _password);
|
||||
if (sshConnection == null) {
|
||||
throw new ConfigurationException(String.format("Cannot connect to DHCP server(IP=%1$s, username=%2$s, password=%3$s", _ip, _username, _password));
|
||||
throw new ConfigurationException(String.format("Cannot connect to DHCP server(IP=%1$s, username=%2$s", _ip, _username));
|
||||
}
|
||||
|
||||
if (!SSHCmdHelper.sshExecuteCmd(sshConnection, "[ -f '/usr/sbin/dnsmasq' ]")) {
|
||||
|
|
|
|||
|
|
@ -130,8 +130,8 @@ public class BaremetalKickStartPxeResource extends BaremetalPxeResourceBase {
|
|||
|
||||
sshConnection.connect(null, 60000, 60000);
|
||||
if (!sshConnection.authenticateWithPassword(_username, _password)) {
|
||||
logger.debug("SSH Failed to authenticate");
|
||||
throw new ConfigurationException(String.format("Cannot connect to PING PXE server(IP=%1$s, username=%2$s, password=%3$s", _ip, _username, _password));
|
||||
logger.debug("SSH Failed to authenticate with user {} credentials", _username);
|
||||
throw new ConfigurationException(String.format("Cannot connect to PING PXE server(IP=%1$s, username=%2$s", _ip, _username));
|
||||
}
|
||||
|
||||
String script = String.format("python /usr/bin/baremetal_user_data.py '%s'", arg);
|
||||
|
|
@ -167,7 +167,7 @@ public class BaremetalKickStartPxeResource extends BaremetalPxeResourceBase {
|
|||
sshConnection.connect(null, 60000, 60000);
|
||||
if (!sshConnection.authenticateWithPassword(_username, _password)) {
|
||||
logger.debug("SSH Failed to authenticate");
|
||||
throw new ConfigurationException(String.format("Cannot connect to PING PXE server(IP=%1$s, username=%2$s, password=%3$s", _ip, _username, _password));
|
||||
throw new ConfigurationException(String.format("Cannot connect to PING PXE server(IP=%1$s, username=%2$s", _ip, _username));
|
||||
}
|
||||
|
||||
String copyTo = String.format("%s/%s", _tftpDir, cmd.getTemplateUuid());
|
||||
|
|
|
|||
|
|
@ -101,7 +101,7 @@ public class BaremetalPingPxeResource extends BaremetalPxeResourceBase {
|
|||
sshConnection.connect(null, 60000, 60000);
|
||||
if (!sshConnection.authenticateWithPassword(_username, _password)) {
|
||||
logger.debug("SSH Failed to authenticate");
|
||||
throw new ConfigurationException(String.format("Cannot connect to PING PXE server(IP=%1$s, username=%2$s, password=%3$s", _ip, _username, "******"));
|
||||
throw new ConfigurationException(String.format("Cannot connect to PING PXE server(IP=%1$s, username=%2$s, password=******", _ip, _username));
|
||||
}
|
||||
|
||||
String cmd = String.format("[ -f /%1$s/pxelinux.0 ] && [ -f /%2$s/kernel ] && [ -f /%3$s/initrd.gz ] ", _tftpDir, _tftpDir, _tftpDir);
|
||||
|
|
@ -150,8 +150,8 @@ public class BaremetalPingPxeResource extends BaremetalPxeResourceBase {
|
|||
try {
|
||||
sshConnection.connect(null, 60000, 60000);
|
||||
if (!sshConnection.authenticateWithPassword(_username, _password)) {
|
||||
logger.debug("SSH Failed to authenticate");
|
||||
throw new ConfigurationException(String.format("Cannot connect to PING PXE server(IP=%1$s, username=%2$s, password=%3$s", _ip, _username, _password));
|
||||
logger.debug("SSH Failed to authenticate with user {} credentials", _username);
|
||||
throw new ConfigurationException(String.format("Cannot connect to PING PXE server(IP=%1$s, username=%2$s", _ip, _username));
|
||||
}
|
||||
|
||||
String script =
|
||||
|
|
@ -179,7 +179,7 @@ public class BaremetalPingPxeResource extends BaremetalPxeResourceBase {
|
|||
sshConnection.connect(null, 60000, 60000);
|
||||
if (!sshConnection.authenticateWithPassword(_username, _password)) {
|
||||
logger.debug("SSH Failed to authenticate");
|
||||
throw new ConfigurationException(String.format("Cannot connect to PING PXE server(IP=%1$s, username=%2$s, password=%3$s", _ip, _username, _password));
|
||||
throw new ConfigurationException(String.format("Cannot connect to PING PXE server(IP=%1$s, username=%2$s", _ip, _username));
|
||||
}
|
||||
|
||||
String script =
|
||||
|
|
@ -237,7 +237,7 @@ public class BaremetalPingPxeResource extends BaremetalPxeResourceBase {
|
|||
sshConnection.connect(null, 60000, 60000);
|
||||
if (!sshConnection.authenticateWithPassword(_username, _password)) {
|
||||
logger.debug("SSH Failed to authenticate");
|
||||
throw new ConfigurationException(String.format("Cannot connect to PING PXE server(IP=%1$s, username=%2$s, password=%3$s", _ip, _username, _password));
|
||||
throw new ConfigurationException(String.format("Cannot connect to PING PXE server(IP=%1$s, username=%2$s", _ip, _username));
|
||||
}
|
||||
|
||||
String script = String.format("python /usr/bin/baremetal_user_data.py '%s'", arg);
|
||||
|
|
|
|||
|
|
@ -500,8 +500,12 @@ public class UriUtils {
|
|||
if ((user != null) && (password != null)) {
|
||||
httpclient.getParams().setAuthenticationPreemptive(true);
|
||||
Credentials defaultcreds = new UsernamePasswordCredentials(user, password);
|
||||
httpclient.getState().setCredentials(new AuthScope(hostAndPort.first(), hostAndPort.second(), AuthScope.ANY_REALM), defaultcreds);
|
||||
LOGGER.info("Added username=" + user + ", password=" + password + "for host " + hostAndPort.first() + ":" + hostAndPort.second());
|
||||
httpclient.getState().setCredentials(
|
||||
new AuthScope(hostAndPort.first(), hostAndPort.second(), AuthScope.ANY_REALM), defaultcreds);
|
||||
LOGGER.info("Added username={} along with password for host {}:{}"
|
||||
, user
|
||||
, hostAndPort.first()
|
||||
, hostAndPort.second());
|
||||
}
|
||||
// Execute the method.
|
||||
GetMethod method = new GetMethod(url);
|
||||
|
|
|
|||
Loading…
Reference in New Issue