mirror of https://github.com/apache/cloudstack.git
CLOUDSTACK-6864: UploadSSlCert API requires double encoding of URL params
This commit is contained in:
Saksham Srivastava
parent
60638c1539
commit
f2464e4182
|
|
@ -18,8 +18,6 @@ package org.apache.cloudstack.network.lb;
|
|||
|
||||
import java.io.IOException;
|
||||
import java.io.StringReader;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URLDecoder;
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
import java.security.InvalidKeyException;
|
||||
import java.security.KeyPair;
|
||||
|
|
@ -53,18 +51,17 @@ import javax.crypto.NoSuchPaddingException;
|
|||
import javax.ejb.Local;
|
||||
import javax.inject.Inject;
|
||||
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.bouncycastle.openssl.PEMReader;
|
||||
import org.bouncycastle.openssl.PasswordFinder;
|
||||
|
||||
import org.apache.cloudstack.acl.SecurityChecker;
|
||||
import org.apache.cloudstack.api.command.user.loadbalancer.DeleteSslCertCmd;
|
||||
import org.apache.cloudstack.api.command.user.loadbalancer.ListSslCertsCmd;
|
||||
import org.apache.cloudstack.api.command.user.loadbalancer.UploadSslCertCmd;
|
||||
import org.apache.cloudstack.api.response.SslCertResponse;
|
||||
import org.apache.cloudstack.context.CallContext;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.bouncycastle.openssl.PEMReader;
|
||||
import org.bouncycastle.openssl.PasswordFinder;
|
||||
|
||||
import com.cloud.event.ActionEvent;
|
||||
import com.cloud.event.EventTypes;
|
||||
|
|
@ -109,10 +106,10 @@ public class CertServiceImpl implements CertService {
|
|||
public SslCertResponse uploadSslCert(UploadSslCertCmd certCmd) {
|
||||
try {
|
||||
|
||||
String cert = URLDecoder.decode(certCmd.getCert(), "UTF-8");
|
||||
String key = URLDecoder.decode(certCmd.getKey(), "UTF-8");
|
||||
String cert = certCmd.getCert();
|
||||
String key = certCmd.getKey();
|
||||
String password = certCmd.getPassword();
|
||||
String chain = certCmd.getChain() == null ? null : URLDecoder.decode(certCmd.getChain(), "UTF-8");
|
||||
String chain = certCmd.getChain();
|
||||
|
||||
validate(cert, key, password, chain);
|
||||
s_logger.debug("Certificate Validation succeeded");
|
||||
|
|
@ -127,8 +124,8 @@ public class CertServiceImpl implements CertService {
|
|||
|
||||
return createCertResponse(certVO, null);
|
||||
|
||||
} catch (UnsupportedEncodingException e) {
|
||||
throw new CloudRuntimeException("Error decoding certificate data");
|
||||
} catch (Exception e) {
|
||||
throw new CloudRuntimeException("Error parsing certificate data " + e.getMessage());
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -429,7 +426,7 @@ public class CertServiceImpl implements CertService {
|
|||
try {
|
||||
return (Certificate)certPem.readObject();
|
||||
} catch (Exception e) {
|
||||
throw new InvalidParameterValueException("Invalid Certificate format. Expected X509 certificate");
|
||||
throw new InvalidParameterValueException("Invalid Certificate format. Expected X509 certificate. Failed due to " + e.getMessage());
|
||||
} finally {
|
||||
IOUtils.closeQuietly(certPem);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,21 +27,19 @@ import static org.mockito.Mockito.when;
|
|||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.lang.reflect.Field;
|
||||
import java.net.URLEncoder;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
|
||||
import org.apache.cloudstack.api.command.user.loadbalancer.DeleteSslCertCmd;
|
||||
import org.apache.cloudstack.api.command.user.loadbalancer.UploadSslCertCmd;
|
||||
import org.apache.cloudstack.context.CallContext;
|
||||
import org.junit.After;
|
||||
import org.junit.Assume;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.mockito.Mockito;
|
||||
|
||||
import org.apache.cloudstack.api.command.user.loadbalancer.DeleteSslCertCmd;
|
||||
import org.apache.cloudstack.api.command.user.loadbalancer.UploadSslCertCmd;
|
||||
import org.apache.cloudstack.context.CallContext;
|
||||
|
||||
import com.cloud.network.dao.LoadBalancerCertMapDao;
|
||||
import com.cloud.network.dao.LoadBalancerCertMapVO;
|
||||
import com.cloud.network.dao.LoadBalancerVO;
|
||||
|
|
@ -101,9 +99,9 @@ public class CertServiceTest {
|
|||
String chainFile = getClass().getResource("/certs/root_chain.crt").getFile();
|
||||
String password = "user";
|
||||
|
||||
String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
|
||||
String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
|
||||
String chain = URLEncoder.encode(readFileToString(new File(chainFile)), "UTF-8");
|
||||
String cert = readFileToString(new File(certFile));
|
||||
String key = readFileToString(new File(keyFile));
|
||||
String chain = readFileToString(new File(chainFile));
|
||||
|
||||
CertServiceImpl certService = new CertServiceImpl();
|
||||
|
||||
|
|
@ -153,8 +151,8 @@ public class CertServiceTest {
|
|||
String keyFile = getClass().getResource("/certs/rsa_self_signed_with_pwd.key").getFile();
|
||||
String password = "test";
|
||||
|
||||
String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
|
||||
String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
|
||||
String cert = readFileToString(new File(certFile));
|
||||
String key = readFileToString(new File(keyFile));
|
||||
|
||||
CertServiceImpl certService = new CertServiceImpl();
|
||||
|
||||
|
|
@ -199,8 +197,8 @@ public class CertServiceTest {
|
|||
String certFile = getClass().getResource("/certs/rsa_self_signed.crt").getFile();
|
||||
String keyFile = getClass().getResource("/certs/rsa_self_signed.key").getFile();
|
||||
|
||||
String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
|
||||
String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
|
||||
String cert = readFileToString(new File(certFile));
|
||||
String key = readFileToString(new File(keyFile));
|
||||
|
||||
CertServiceImpl certService = new CertServiceImpl();
|
||||
|
||||
|
|
@ -239,9 +237,9 @@ public class CertServiceTest {
|
|||
String chainFile = getClass().getResource("/certs/rsa_self_signed.crt").getFile();
|
||||
String password = "user";
|
||||
|
||||
String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
|
||||
String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
|
||||
String chain = URLEncoder.encode(readFileToString(new File(chainFile)), "UTF-8");
|
||||
String cert = readFileToString(new File(certFile));
|
||||
String key = readFileToString(new File(keyFile));
|
||||
String chain = readFileToString(new File(chainFile));
|
||||
|
||||
CertServiceImpl certService = new CertServiceImpl();
|
||||
|
||||
|
|
@ -291,9 +289,9 @@ public class CertServiceTest {
|
|||
String chainFile = getClass().getResource("/certs/rsa_ca_signed2.crt").getFile();
|
||||
String password = "user";
|
||||
|
||||
String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
|
||||
String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
|
||||
String chain = URLEncoder.encode(readFileToString(new File(chainFile)), "UTF-8");
|
||||
String cert = readFileToString(new File(certFile));
|
||||
String key = readFileToString(new File(keyFile));
|
||||
String chain = readFileToString(new File(chainFile));
|
||||
|
||||
CertServiceImpl certService = new CertServiceImpl();
|
||||
|
||||
|
|
@ -343,8 +341,8 @@ public class CertServiceTest {
|
|||
String keyFile = getClass().getResource("/certs/rsa_ca_signed.key").getFile();
|
||||
String password = "user";
|
||||
|
||||
String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
|
||||
String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
|
||||
String cert = readFileToString(new File(certFile));
|
||||
String key = readFileToString(new File(keyFile));
|
||||
|
||||
CertServiceImpl certService = new CertServiceImpl();
|
||||
|
||||
|
|
@ -388,8 +386,8 @@ public class CertServiceTest {
|
|||
String keyFile = getClass().getResource("/certs/rsa_self_signed_with_pwd.key").getFile();
|
||||
String password = "bad_password";
|
||||
|
||||
String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
|
||||
String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
|
||||
String cert = readFileToString(new File(certFile));
|
||||
String key = readFileToString(new File(keyFile));
|
||||
|
||||
CertServiceImpl certService = new CertServiceImpl();
|
||||
|
||||
|
|
@ -432,8 +430,8 @@ public class CertServiceTest {
|
|||
String certFile = getClass().getResource("/certs/rsa_self_signed.crt").getFile();
|
||||
String keyFile = getClass().getResource("/certs/rsa_random_pkey.key").getFile();
|
||||
|
||||
String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
|
||||
String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
|
||||
String cert = readFileToString(new File(certFile));
|
||||
String key = readFileToString(new File(keyFile));
|
||||
|
||||
CertServiceImpl certService = new CertServiceImpl();
|
||||
|
||||
|
|
@ -471,8 +469,8 @@ public class CertServiceTest {
|
|||
String certFile = getClass().getResource("/certs/rsa_self_signed.crt").getFile();
|
||||
String keyFile = getClass().getResource("/certs/dsa_self_signed.key").getFile();
|
||||
|
||||
String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
|
||||
String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
|
||||
String cert = readFileToString(new File(certFile));
|
||||
String key = readFileToString(new File(keyFile));
|
||||
|
||||
CertServiceImpl certService = new CertServiceImpl();
|
||||
|
||||
|
|
@ -511,8 +509,8 @@ public class CertServiceTest {
|
|||
String certFile = getClass().getResource("/certs/expired_cert.crt").getFile();
|
||||
String keyFile = getClass().getResource("/certs/rsa_self_signed.key").getFile();
|
||||
|
||||
String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
|
||||
String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
|
||||
String cert = readFileToString(new File(certFile));
|
||||
String key = readFileToString(new File(keyFile));
|
||||
|
||||
CertServiceImpl certService = new CertServiceImpl();
|
||||
|
||||
|
|
@ -550,8 +548,8 @@ public class CertServiceTest {
|
|||
String certFile = getClass().getResource("/certs/non_x509_pem.crt").getFile();
|
||||
String keyFile = getClass().getResource("/certs/rsa_self_signed.key").getFile();
|
||||
|
||||
String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
|
||||
String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
|
||||
String cert = readFileToString(new File(certFile));
|
||||
String key = readFileToString(new File(keyFile));
|
||||
|
||||
CertServiceImpl certService = new CertServiceImpl();
|
||||
|
||||
|
|
@ -590,8 +588,8 @@ public class CertServiceTest {
|
|||
String certFile = getClass().getResource("/certs/bad_format_cert.crt").getFile();
|
||||
String keyFile = getClass().getResource("/certs/rsa_self_signed.key").getFile();
|
||||
|
||||
String cert = URLEncoder.encode(readFileToString(new File(certFile)), "UTF-8");
|
||||
String key = URLEncoder.encode(readFileToString(new File(keyFile)), "UTF-8");
|
||||
String cert = readFileToString(new File(certFile));
|
||||
String key = readFileToString(new File(keyFile));
|
||||
|
||||
CertServiceImpl certService = new CertServiceImpl();
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue