etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,826 Commits 324 Branches 325 Tags 796 MiB
Commit Graph

7826 Commits

Author SHA1 Message Date
Sheng Yang 302dc9c40b bug 12704: Fix multiply public nics with redundant router 
status 12704: resolved fixed
 2011-12-21 15:59:24 -08:00
Alena Prokharchyk 2b37568a87 bug 12001: fixed resource limit check for domain - treat -1 as unlimited 
status 12001: resolved fixed
 2011-12-21 15:13:10 -08:00
Kelven Yang 8f969846d4 bug 12696: add keysym mapping for capslock key 2011-12-21 13:51:38 -08:00
Edison Su 42d45efa44 set creating template timeout from cmds.timeout 2011-12-20 18:41:00 -08:00
Chiradeep Vittal 42896d8212 add stronger security to defend against attacks originating in the vm 2011-12-16 22:02:09 -08:00
Chiradeep Vittal 005ef54cb2 bug 12290: improve antispoofing lgic 
handle reboot within vm correctly
iptables -S missing in csp
 2011-12-16 20:46:57 -08:00
Edison Su a4d1ce3f87 set the cpu weight based on cpu * cores 2011-12-15 15:08:14 -08:00
frank 9312823c97 Bug 12565 - no check for correctness of the options given during cloud-setup-database steps 
fix a typo
 2011-12-15 11:01:30 -08:00
frank 387f8afac6 Bug 12565 - no check for correctness of the options given during cloud-setup-database steps 
status 12565: resolved fixed
 2011-12-15 10:47:30 -08:00
Prasanna Santhanam 5338828f76 reverting changes related to provider. not part of 2.2.y 2011-12-15 13:53:37 +05:30
Prasanna Santhanam fb03f61f1d transactions of syncNetworkGroups now on . 2011-12-15 13:53:37 +05:30
Prasanna Santhanam 3a3b31f7a2 adding the missing database creation file when we seperated cloud_simulator database from cloud 2011-12-15 13:53:37 +05:30
Prasanna Santhanam f9e9916d80 sql syntax corrections in the simulator schema creation file 2011-12-15 13:53:37 +05:30
Prasanna Santhanam 059dba39c6 kvm and xen are already part of sandbox/advanced 
(cherry picked from commit dc1783be18fdfc3c4cbaef0332f2e5a5cf1d1539)
 2011-12-15 13:53:37 +05:30
Prasanna Santhanam 9e4a2a23b0 kvm and xen are already part of sandbox/advanced 
(cherry picked from commit 36bf5be8561acf6fedecc77e7464e630d10e5d12)
 2011-12-15 13:53:37 +05:30
Prasanna Santhanam d70b326063 - some quick environment configuration files 
- adding service providers for zone configuration
- getting the python framework working with providers
(cherry picked from commit e0dd12619cc2dc32d23cc1f6cd82f01cd9f80b87)
 2011-12-15 13:53:36 +05:30
Kelven Yang 10e07a5c15 bug 11319: turn-off debug-time logger window 2011-12-14 10:51:43 -08:00
Abhinandan Prateek cf080277ed bug 12005: java reflection was breaking due to parameter in the constructor 2011-12-14 09:54:12 +05:30
Abhinandan Prateek e12c5fed42 bug 12005: java reflection was breaking due to parameter in the constructor 2011-12-14 09:50:01 +05:30
Edison Su 6207278bbf fix meta data issue on direct tagged network, where router's public ip address is null 2011-12-13 17:23:39 -08:00
Kelven Yang 151578278b bug 11319: console proxy and console viewer keyboard framework refactoring 2011-12-13 14:54:20 -08:00
Chiradeep Vittal 7dd98d4c73 bug 12290: arptables for vif mistakenly wiped out when tap device also present 2011-12-12 17:31:34 -08:00
kishan 807394cbd0 bug 12436: Add new parameter external.network.stats.interval to upgrade script 
status 12436 : resolved fixed
reviewed-by: Nitin
 2011-12-08 12:08:02 +05:30
kishan e614592b13 Added new param for external network stats collection interval 2011-12-08 12:02:17 +05:30
Edison Su 0f8ed3a60c fix reboot vm, then attached disk is lost 2011-12-06 13:45:20 -08:00
frank 672e71ce34 better error message when checking hostname failed in cloud-setup-database 2011-12-01 10:45:46 -08:00
David Nalley 5cd1cb17d3 fixin a typo in a logging message 2011-11-29 17:09:46 -05:00
Abhinandan Prateek 59a48ce59d bug 11910: no need to do full sync as first thing after connect 2011-11-29 11:35:11 +05:30
frank 9cade8e061 attach branch name to rpm name 2011-11-28 15:30:03 -08:00
frank e014bb724e make build number attach to release number 0 in rpm package name. 
1. if --prerelease specified, the release number equals to
        0.buildnumber
2. if --prerelease omitted, the release number equals to
        1 or --release-version if --release-version specified
 2011-11-28 15:29:53 -08:00
frank 3ca237c150 better help message of cloud-setup-database 2011-11-23 17:33:15 -08:00
frank 82db0eb371 add cleanup/recover procedures to cloud-setup-database 2011-11-23 17:14:20 -08:00
frank 97e97b6609 Refine cloud-setup-database script 2011-11-23 11:25:09 -08:00
Abhinandan Prateek 09e3e2e2ff bug 11910: full sync will only stop unknown VMs on agent 2011-11-23 17:18:51 +05:30
Alena Prokharchyk fd0dc5281a bug 12105: don't generate corresponding firewall rule for the pf/staticNat/lb rule in revoke state 2011-11-21 16:25:00 -08:00
frank dc4c25fdcc introduce cloud-grab-dependent-library-versions grabbing dependent libraries version of mgmt server 2011-11-21 14:30:55 -08:00
frank f5a2d123db Bug 12078 - pxe config file not being sent down (edit) 
better debug message
 2011-11-18 15:40:21 -08:00
frank 41799f021b Bug 12078 - pxe config file not being sent down (edit) 
status 12078: resolved  fixed
 2011-11-18 15:34:05 -08:00
Alena Prokharchyk d387e586ef bug 12067: set 'extractable' field default value to 0 as a part of 2.2.13 to 2.2.14 db upgrade 
status 12067: resolved fixed
 2011-11-18 13:35:07 -08:00
Abhinandan Prateek 6ced772ce8 bug 11910: avoid Starting to Running state changes during full sync, as the VM startup process does not like it 2011-11-17 14:30:25 +05:30
Sheng Yang 5ee092a1ad bug 11904: Fix regression caused by OpenJDK 1.6.0 security fix 
It’s due to an security fix of OpenJDK 1.6.0 added by Redhat. Here is excerpt
of [RHSA-2011:1380-01] Critical: java-1.6.0-openjdk security update(
https://www.redhat.com/archives/rhsa-announce/2011-October/msg00011.html)

    A flaw was found in the way the SSL 3 and TLS 1.0 protocols used block
    ciphers in cipher-block chaining (CBC) mode. An attacker able to perform a
    chosen plain text attack against a connection mixing trusted and untrusted
    data could use this flaw to recover portions of the trusted data sent over
    the connection. (CVE-2011-3389)

    Note: This update mitigates the CVE-2011-3389 issue by splitting the first
    application data record byte to a separate SSL/TLS protocol record. This
    mitigation may cause compatibility issues with some SSL/TLS implementations
    and can be disabled using the jsse.enableCBCProtection boolean property.
    This can be done on the command line by appending the flag
    "-Djsse.enableCBCProtection=false" to the java command.

To our knowledge, there are two condition need to be met to trigger this bug:
1.    Using old keystore generated by mgmt. server 2.2.8, which is signed with
SHA1withDSA. Any version later than 2.2.8 would generate keystore signed with
SHA1withRSA. RSA one seems fine with us so far.
2.    Use OpenJDK >=1.6.0.

The reason is, due to the security fix above, the assumption that one packet
would contain only one SSL record is broken. The decrypted data maybe only
contained the first byte of original application data. Then result in buffer
underflow when mgmt server want to read more from it.

To workaround it, according to the message above, add
"-Djsse.enableCBCProtection=false" to tomcat6.conf JAVA_OPTS line would work.
Notice the parameter would only work with latest version of OpenJDK, so simply
add it to the all setup would not work.

This patch provided a fix for it.

status 11904: resolved fixed
 2011-11-16 18:37:07 -08:00
Kelven Yang ad6d7ff9d2 bug 12039,12041: when taking snapshot for detached volume, keep the worker VM around until backup copy to SSVM is done 
Reviewed-by: Frank
 2011-11-16 18:05:06 -08:00
Alex Huang ee9eadef47 bug 12054: added details level to make it faster if so desired by the admin. Reviewed-by: Alena, Will 2011-11-16 17:32:56 -08:00
Alex Huang 013b14dffe print out the statement on closing for better debugging output 2011-11-16 16:24:02 -08:00
Kelven Yang fc1854681a bug 12039, 12041: forgot one more place. Reviewed-by: kelven 2011-11-16 11:26:12 -08:00
root 1db4e8b3f5 bug 11938: Remove thread.sleep() from HostCapacityChecker. cpu and memory capacities can be null for host in maintenance so check for that, wrap the host capacity checker thread with try and catch to make it more robust. Add more logging for entry and exit of thread. 
status 11938: resolved fixed
reviewed-by: Abhi
 2011-11-16 20:13:07 +05:30
Kelven Yang e790059a34 bug 12039, 12041: detach all disks before destroy worker VM to avoid accidentally delete the underlying disk along with the worker VM. Reviewed-by: Kelven 2011-11-15 19:05:53 -08:00
Alex Huang 67aa34f46d bug 12040: fixed the problem where if the connection is not retrievable, we cause a classcastexception 
Reviewed-by: Anthony
 2011-11-15 12:12:50 -08:00
keshav 58a09e00a7 Don't need to specify source NAT IP address and public VLAN tag in interface NAT mode. 2011-11-14 19:01:34 -08:00
frank 536a93d16a Bug 12007 - OVM - Addition of OVM host fails - NPE (edit) 
fix a typo

reviewed-by: edison
 2011-11-14 16:59:55 -08:00