etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
22,611 Commits 326 Branches 325 Tags 885 MiB
Commit Graph

22611 Commits

Author SHA1 Message Date
Rohit Yadav c116ca968e CLOUDSTACK-8613, CLOUDSTACK-6301: Dump KVM domain XML with secure flag 
When dumping XML use appropriate flags:

1, VIR_DOMAIN_XML_SECURE (dump security sensitive information too)
8, VIR_DOMAIN_XML_MIGRATABLE (dump XML suitable for migration)

Source:
https://libvirt.org/html/libvirt-libvirt-domain.html#virDomainXMLFlags

This fixes CVE 2015-3252: VNC password lost during VM migration across KVM
hosts. The issue is also seen when a VM is rebooted.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit cb2aca7516)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
 2015-08-14 10:52:58 +05:30
Rohit Yadav 5de04025a6 schema: fix foreign key checks for 3.0.7 to 4.1.0 upgrade path 
Without this upgrades from 3.0.7 version fails.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit a0cff4ca48)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-05-13 14:13:48 +02:00
Sebastien Goasguen 7939787ef2 Add CONTRIBUTING instructions 2015-04-03 10:45:24 +02:00
Rohit Yadav 3af3c73083 server: remove unused import in ImageStoreJoinDaoImpl 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-11 17:29:17 +05:30
Rohit Yadav f0f0b85531 api: avoid sending sensitive data in api response 
- UI: use post when updating user
- S3: don't send s3 key in the response
- VPN: don't send preshared key in remoteaccessvpn api response
- Snapshot response should set zone id not volume's device id

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 02cadc3fb3)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	api/src/org/apache/cloudstack/api/response/RemoteAccessVpnResponse.java
	server/src/com/cloud/api/ApiResponseHelper.java
 2015-03-11 16:37:33 +05:30
Rohit Yadav 02d2851b3a systemvm: avoid tcp responses with timestamp 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit f3f47f25ba)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-09 17:15:48 +05:30
Sebastien Goasguen 6fece62788 exclude Dockerfile and supervisord.conf from RAT 2015-03-04 12:35:26 +01:00
Sebastien Goasguen a17f2d1707 Add Dockerfile for simulator 2015-03-04 11:56:24 +01:00
Rohit Yadav d7988f17b0 CLOUDSTACK-7089: don't log VNC password 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit e287de9fd9)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-26 18:11:43 +05:30
Rohit Yadav 9c0ed73b8e CLOUDSTACK-8282: startSystemVM should override consoleproxy.start setting 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit b462a56f27)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	server/src/com/cloud/consoleproxy/ConsoleProxyManager.java
	server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
 2015-02-25 14:35:49 +05:30
Rohit Yadav ad29ce9344 db: use explicit USE statements to avoid SQL failures 
create-schema-premium.sql may fail with certain MySQL/MariaDB version which
require explicit database use.

(cherry picked from commit 09e26c826f)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-23 02:03:35 +05:30
Rohit Yadav 82ef390c21 CLOUDSTACK-6541: Fix monthly recurring snapshot UI limit, limit to 1-28 days 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 070813a106)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-19 15:43:16 +05:30
Rohit Yadav 0f846b9bdb CLOUDSTACK-5824: poll for delete snapshot and volume events 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit a85aea74de)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-19 15:34:47 +05:30
Pierre-Yves Ritschard f75317b10a ensure agent reconciliation triggers events 
(cherry picked from commit 0ba75bcebd)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-18 11:16:39 +05:30
Rohit Yadav 30ec59817d CLOUDSTACK-7085, CLOUDSTACK-7084: disallow empty passwords 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit e5cd75790a)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	api/src/org/apache/cloudstack/api/command/admin/account/CreateAccountCmd.java
	api/src/org/apache/cloudstack/api/command/admin/user/CreateUserCmd.java
 2015-02-16 15:33:45 +05:30
Jayapal aa3b615037 CLOUDSTACK-5494: Fixed dns is open to public in VR 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 81994cf443)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-06 15:32:46 +05:30
Rohit Yadav 66027f43bb improve protocol enabling based on socket object type 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit d62d511f47)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	plugins/network-elements/opendaylight/src/main/java/org/apache/cloudstack/network/opendaylight/api/NeutronRestApi.java
	utils/src/com/cloud/utils/rest/RESTServiceConnector.java
 2015-02-05 15:49:53 +05:30
Anthony Xu 6a07aed6db fixed NPE 
(cherry picked from commit 98b416b7f0)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-05 12:15:28 +05:30
yichi.lu 12aef675ce Remove the comparison between GuestOSCategoryVO.CATEGORY_NONE and guestOSCategory.getName() to make OS category of None to be a valid option. 
Signed-off-by: Daan Hoogland <dhoogland@schubergphilis.com>
(cherry picked from commit f194adb2de)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	server/src/com/cloud/resource/ResourceManagerImpl.java
 2015-02-04 14:55:13 +05:30
Rohit Yadav ce5631553e CLOUDSTACK-8198: Use random local storage UUID 
Earlier host addition of multiple hosts with local storage failed due to
same local storage UUID being used where the storage path is same.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit bf17f640c6)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
 2015-02-03 22:38:39 +05:30
Rohit Yadav a10a9d522c appliance: hold on to openswan version, don't upgrade 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-28 23:21:47 +05:30
Rohit Yadav efad7b0051 appliance: upgrade systemvm to latest packages 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-28 23:18:56 +05:30
Rohit Yadav 3e61df4918 appliance: fix versions and let it have jre 1.7 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-28 18:19:45 +05:30
Rohit Yadav 5822132bc1 appliance: fix systemvm build 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-28 18:14:46 +05:30
Rohit Yadav 61563d71ed appliance: use latest debian 7.8 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-28 18:08:24 +05:30
Rohit Yadav f5f6c2d1a7 use a preferable protocol that works on jvm 1.6 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-28 13:41:00 +05:30
Rohit Yadav 1ef12f4145 awsapi: fix duplicate variable 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-27 12:00:56 +05:30
Marcus Sorensen bf397bfc88 LibvirtComputingResource: Expose KVMStoragePoolManager 
KVMStoragePoolManager is a singleton in practice, any plugin
or extension of LibvirtComputingResource will need to act on
the specific instance of KVMStoragePoolManager that LibvirtComputingResource
has initialized. Therefore, expose this variable for those who
wish to call storage commands from plugins or extensions.
 2015-01-23 00:09:55 -08:00
Rohit Yadav 43f3d6ae19 services, awsapi: use better string comparision 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit d08369ad06)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	awsapi/src/com/cloud/bridge/util/EC2RestAuth.java
	awsapi/src/com/cloud/bridge/util/RestAuth.java
 2015-01-22 18:14:11 +05:30
Rohit Yadav 53c0ab856a CLOUDSTACK-8160: use preferable protocols 
(cherry picked from commit debfcdef78)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	client/tomcatconf/server7-nonssl.xml.in
	client/tomcatconf/server7-ssl.xml.in
	engine/orchestration/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java
	plugins/event-bus/rabbitmq/src/org/apache/cloudstack/mom/rabbitmq/RabbitMQEventBus.java
	plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/XenServerConnectionPool.java
	plugins/network-elements/opendaylight/src/main/java/org/apache/cloudstack/network/opendaylight/api/NeutronRestApi.java
	plugins/network-elements/palo-alto/src/com/cloud/network/utils/HttpClientWrapper.java
	plugins/storage/volume/cloudbyte/src/org/apache/cloudstack/storage/datastore/util/ElastistorUtil.java
	plugins/storage/volume/nexenta/src/org/apache/cloudstack/storage/datastore/util/NexentaNmsClient.java
	plugins/storage/volume/solidfire/src/org/apache/cloudstack/storage/datastore/util/SolidFireUtil.java
	pom.xml
	services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxySecureServerFactoryImpl.java
	services/console-proxy/server/src/com/cloud/consoleproxy/util/RawHTTP.java
	systemvm/scripts/config_ssl.sh
	utils/src/com/cloud/utils/nio/NioClient.java
	utils/src/com/cloud/utils/rest/RESTServiceConnector.java
	utils/src/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java
	vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareContext.java
 2015-01-21 18:24:54 +05:30
Rohit Yadav bd5fe46e53 CID 1264632: Rely on a known and widely available encoding UTF8 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 0763b5576d)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-20 07:50:12 +05:30
Abhinandan Prateek 969bbb02a9 CLOUDSTACK-8164: Look for all host to avoid NPE 
(cherry picked from commit d8def3dc0b)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	engine/storage/src/org/apache/cloudstack/storage/helper/VMSnapshotHelperImpl.java
 2015-01-19 11:32:06 +05:30
Rohit Yadav 2c7cacd9df CLOUDSTACK-8167: publish volume uuid on event bus in create snapshot cmd 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit f6564b0b03)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	api/src/org/apache/cloudstack/api/command/user/snapshot/CreateSnapshotCmd.java
 2015-01-18 17:43:02 +05:30
Rohit Yadav dc97372d6f engine/storage: add NPE check, break if parent snapshot is null 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit c06ca09b54)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-18 17:21:07 +05:30
Rohit Yadav fc5d8e95bf CLOUDSTACK-8166: add boundary checks in various usage parsers 
- Add boundary condition to continue looping if creation data is after end date
- Add null pointer fix for create snapshot bug

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 065c556cf5)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-18 17:15:14 +05:30
Pierre-Yves Ritschard 87d444b05a move ConstantTimeComparator to utils 
(cherry picked from commit b2393c31ed)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	server/src/com/cloud/api/ApiServer.java
 2015-01-14 20:47:27 +05:30
Pierre-Yves Ritschard bee99e5992 Use constant-time comparison functions when checking signatures 
This limits the likeliness of timing attacks against the API.
See http://codahale.com/a-lesson-in-timing-attacks/ for the
full rationale.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	server/src/com/cloud/api/ApiServer.java
	server/src/com/cloud/user/AccountManagerImpl.java

(cherry picked from commit 9b4e39e837)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	server/src/com/cloud/api/ApiServer.java
	server/src/com/cloud/user/AccountManagerImpl.java
 2015-01-14 20:46:18 +05:30
Erik Weber 0f7ec982bf Add absolute schema references to support MySQL 5.6 better 
(cherry picked from commit 396936ea5e)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-14 20:33:29 +05:30
Edison Su ebf9897293 CLOUDSTACK-7301, CLOUDSTACK-7947: double check if parent snapshot is removed or not 
when creating new snapshot, check if parent snapshot is removed or not

Reviewed-by: Min
(cherry picked from commit bd79965329)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/XenserverSnapshotStrategy.java
 2014-12-18 18:26:24 +05:30
Rohit Yadav a15acb8e74 api: Add licenses to getvmuserdata api and response 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-15 13:22:56 +05:30
Rohit Yadav 5b56c7fcb5 scripts: Fix UI issue when deploying instance through host view 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-12 23:41:33 +05:30
Rohit Yadav afe1323a54 CHANGES: update changes file 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-12 20:36:51 +05:30
Rohit Yadav 5519095a29 CLOUDSTACK-8070: during 4.3.1 to 4.3.2 upgrade encrypt config that are hidden 
In case there is an encryption key/password is provided the value, specifically
for router.ram.size will be encrypted otherwise it will remain plain text.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-12 20:33:16 +05:30
Rohit Yadav 485c76a2f8 debian: add version entry for 4.3.2 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-12 05:30:52 +05:30
Rohit Yadav f47e32ec5f
cloudstack: change version to 4.3.2 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-11 19:08:36 +05:30
Rohit Yadav 436d6f6db4 CHANGES: update latest fixed list of issues on 4.3 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-10 19:38:28 +05:30
Rohit Yadav f189c105d8 CLOUDSTACK-8014: Fix NPE searching including removed templates 
Steps to reproduce if you have this issue:
- Create a VM's volume snapshot
- Remove VM's template and mark the template as removed with timestamp in DB
- Restart mgmt server and create a volume out of snapshot you should get NPE

Fix: In `storagePoolHasEnoughSpace`, we're only searching for a VM's volume's
snapshot's template by Id and not including removed templates. This is a corner
case and NPE hits when template has been marked removed for a VM's volume's
template so we should search including removed templates.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-10 19:13:30 +05:30
Rohit Yadav 63298d9b74 CLOUDSTACK-7974: remove old hostname entry for a VM when adding a VM 
When adding a VM, it adds an entry to /etc/hosts file on the VR but does not
clear up any older entries for the VM with a same name. The fix uncomments the
command that removes any old entries in the VM.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-10 18:21:34 +05:30
Rohit Yadav 32adae40e2 CLOUDSTACK-7572: Fix regression from 156bd9b 
In case the configured consoleproxy url domain does not start with *
use the work mode 3 as recommended in the doc:
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Realhost+IP+changes

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-09 17:57:12 +05:30
Rohit Yadav 40743e9339 CHANGES: update list of fixed issues for 4.3.2 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-09 17:27:29 +05:30