From f2a08afd6fbcecd5a5ee839d42235e1e20c4d83e Mon Sep 17 00:00:00 2001
From: kishan <kishan@cloud.com>
Date: Tue, 1 May 2012 11:10:59 +0530
Subject: [PATCH] bug CS-14695: Encrypt VNC password during 3.0.0 upgrade
 status CS-14695: resolved fixed reviewed-by: Abhi

---
 .../cloud/upgrade/dao/Upgrade2214to30.java    | 41 +++++++++++++++++++
 1 file changed, 41 insertions(+)

diff --git a/server/src/com/cloud/upgrade/dao/Upgrade2214to30.java b/server/src/com/cloud/upgrade/dao/Upgrade2214to30.java
index 2e7d1222f86..14fab7dd83b 100755
--- a/server/src/com/cloud/upgrade/dao/Upgrade2214to30.java
+++ b/server/src/com/cloud/upgrade/dao/Upgrade2214to30.java
@@ -496,6 +496,7 @@ public class Upgrade2214to30 implements DbUpgrade {
         encryptHostDetails(conn);
         encryptVNCPassword(conn);
         encryptUserCredentials(conn);
+        encryptVPNPassword(conn);
         s_logger.debug("Done encrypting the data");
     }
 
@@ -666,6 +667,46 @@ public class Upgrade2214to30 implements DbUpgrade {
         s_logger.debug("Done encrypting user keys");
     }
 
+    private void encryptVPNPassword(Connection conn) {
+    	s_logger.debug("Encrypting vpn_users password");
+        PreparedStatement pstmt = null;
+        ResultSet rs = null;
+        try {
+            pstmt = conn.prepareStatement("select id, password from `cloud`.`vpn_users`");
+            rs = pstmt.executeQuery();
+            while (rs.next()) {
+                long id = rs.getLong(1);
+                String password = rs.getString(2);
+                String encryptedpassword = DBEncryptionUtil.encrypt(password);
+                pstmt = conn.prepareStatement("update `cloud`.`vpn_users` set password=? where id=?");
+                if (encryptedpassword == null) {
+                    pstmt.setNull(1, Types.VARCHAR);
+                } else {
+                    pstmt.setBytes(1, encryptedpassword.getBytes("UTF-8"));
+                }
+                pstmt.setLong(2, id);
+                pstmt.executeUpdate();
+            }
+        } catch (SQLException e) {
+            throw new CloudRuntimeException("Unable encrypt vpn_users password ", e);
+        } catch (UnsupportedEncodingException e) {
+            throw new CloudRuntimeException("Unable encrypt vpn_users password ", e);
+        } finally {
+            try {
+                if (rs != null) {
+                    rs.close();
+                }
+
+                if (pstmt != null) {
+                    pstmt.close();
+                }
+            } catch (SQLException e) {
+            }
+        }
+        s_logger.debug("Done encrypting vpn_users password");
+    }
+
+    
     private void dropKeysIfExist(Connection conn) {
         HashMap<String, List<String>> uniqueKeys = new HashMap<String, List<String>>();
         List<String> keys = new ArrayList<String>();