etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CLOUDSTACK-9901 secure and hidden config values are returned as plaintext string 

secure and hidden config values are first unencrypted before returning
them in the api. This is not desired as they are secure configs
returning encrypted strings for secure and hidden configs if encryption
is enabled.
This commit is contained in:
Rajani Karuturi 2016-11-03 10:56:53 +05:30
parent dcc7f4ce27
commit fca41148b7
3 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
framework/config/src/org/apache/cloudstack/config/Configuration.java
View File

@ -81,4 +81,10 @@ public interface Configuration {
* parameter is no longer used and can be deleted. * parameter is no longer used and can be deleted.
*/ */
Date getUpdated(); Date getUpdated();
/**
*
* @return returns true if the configuration is encrypted else false.
*/
boolean isEncrypted();
} }

7
framework/config/src/org/apache/cloudstack/framework/config/impl/ConfigurationVO.java
View File

@ -122,7 +122,7 @@ public class ConfigurationVO implements Configuration {
@Override @Override
public String getValue() { public String getValue() {
if(isEncryptedConfig()) { if(isEncrypted()) {
return DBEncryptionUtil.decrypt(value); return DBEncryptionUtil.decrypt(value);
} else { } else {
return value; return value;
@ -130,14 +130,15 @@ public class ConfigurationVO implements Configuration {
} }
public void setValue(String value) { public void setValue(String value) {
if(isEncryptedConfig()) { if(isEncrypted()) {
this.value = DBEncryptionUtil.encrypt(value); this.value = DBEncryptionUtil.encrypt(value);
} else { } else {
this.value = value; this.value = value;
} }
} }
private boolean isEncryptedConfig() { @Override
public boolean isEncrypted() {
return "Hidden".equals(getCategory()) || "Secure".equals(getCategory()); return "Hidden".equals(getCategory()) || "Secure".equals(getCategory());
} }

7
server/src/com/cloud/api/ApiResponseHelper.java
View File

@ -16,6 +16,7 @@
// under the License. // under the License.
package com.cloud.api; package com.cloud.api;
import com.cloud.utils.crypt.DBEncryptionUtil;
import com.cloud.agent.api.VgpuTypesInfo; import com.cloud.agent.api.VgpuTypesInfo;
import com.cloud.api.query.ViewResponseHelper; import com.cloud.api.query.ViewResponseHelper;
import com.cloud.api.query.vo.AccountJoinVO; import com.cloud.api.query.vo.AccountJoinVO;
@ -455,7 +456,11 @@ public class ApiResponseHelper implements ResponseGenerator {
cfgResponse.setCategory(cfg.getCategory()); cfgResponse.setCategory(cfg.getCategory());
cfgResponse.setDescription(cfg.getDescription()); cfgResponse.setDescription(cfg.getDescription());
cfgResponse.setName(cfg.getName()); cfgResponse.setName(cfg.getName());
cfgResponse.setValue(cfg.getValue()); if(cfg.isEncrypted()) {
cfgResponse.setValue(DBEncryptionUtil.encrypt(cfg.getValue()));
} else {
cfgResponse.setValue(cfg.getValue());
}
cfgResponse.setObjectName("configuration"); cfgResponse.setObjectName("configuration");
return cfgResponse; return cfgResponse;