43d20e67f8
graphite: Do not cache DNS names for Graphite host
2015-05-12 13:47:59 +02:00
bd71fcb650
Fixed two coverity reported issues
...
Dereference after null check
Dm: Dubious method used
This closes #219
2015-05-01 16:08:26 +05:30
9e3b825f91
findbugs: make default encoding explicit
2015-05-01 08:20:27 +02:00
d39b993512
Fixed a few findbugs issues after the merge 0b83559
...
HttpUploadServerHandler.java:142, DM_BOXED_PRIMITIVE_FOR_PARSING
NfsSecondaryStorageResource.java:2630, DM_BOXED_PRIMITIVE_FOR_PARSING
NfsSecondaryStorageResource.java:2775, DM_DEFAULT_ENCODING
EncryptionUtil.java:59, DM_DEFAULT_ENCODING
2015-04-30 13:56:44 +05:30
0b8355920e
Merge branch 'volume-upload' into master
...
This closes #206
2015-04-29 11:12:53 +05:30
48ef7e5f28
utils: improve timeout to 60s, define generics properly
...
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit d2471df0be
2015-04-13 15:47:45 +05:30
018023c1ef
volume upload: added validation for file formats
...
merged TemplateUtils and ImageStoreUtil to a singe ImageStoreUtil
also added a unittest for ImageStoreUtil
2015-03-20 16:25:13 +05:30
c8901a7990
utils: use a better extended implementation of SSLSocketFactory
...
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit b4a5a32a74
2015-03-13 17:32:07 +05:30
debcbcc145
Fixed PMD NullDeref issues in S3Utils.
2015-03-05 11:58:24 +05:30
c5c1b1d462
Fixed checkstyle issues due to commit 0b6c540a20
2015-03-04 16:21:53 +05:30
0b6c540a20
listDirectory method updated to use ObjectListing.isTruncated().
...
Because buckets can contain a virtually unlimited number of keys, the
complete results of a list query can be extremely large. To manage large
result sets, Amazon S3 uses pagination to split them into multiple
responses.
Signed-off-by: Rajani Karuturi <rajanikaruturi@gmail.com>
This closes #25
2015-03-04 12:52:48 +05:30
1f72548f57
CLOUDSTACK-4807: tests for NetUtils
...
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
2015-03-03 21:21:52 +01:00
20bcb4b673
CLOUDSTACK-7063, CLOUDSTACK-7064: Add security headers on HTTP response
...
- Adds X-XSS-Protection header
- Adds X-Content-Type-Options header
- Fixes to use json content type defined from global settings
- Uses secure cookie if enabled in global settings
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit b6b3494782
2015-02-28 18:14:49 +05:30
6df2fe7a8a
CLOUDSTACK-8273: refactor baremetal user name to utils, restrict baremetal user
...
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit cb08707add
2015-02-26 17:47:01 +05:30
3814677977
volume upload: getUploadParamsForVolume url has IP address instead of hostname, SSL fails
2015-02-17 11:31:44 +05:30
c31e8e7409
CLOUDSTACK-8215: Change Date calculation to Joda DateTime
...
(cherry picked from commit 03e07c41b5
2015-02-05 17:22:31 +05:30
fdf4bd2ea2
SAML changing date calculation
...
Signed-off-by: Erik Weber <terbolous@gmail.com>
(cherry picked from commit b84c8889a3
2015-02-05 17:22:20 +05:30
d62d511f47
improve protocol enabling based on socket object type
...
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2015-02-05 15:48:21 +05:30
008911d4b1
CLOUDSTACK-8195: Don't break IdP, return metadata XML
...
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 1172867df0
2015-02-03 17:05:29 +05:30
0d74d7bdea
use a preferable protocol that works on most infra
...
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit f5f6c2d1a71bab1d0855
2015-01-29 16:03:29 +05:30
664186f483
CLOUDSTACK-8160: use preferable protocols
...
(cherry picked from commit debfcdef78
2015-01-21 18:04:45 +05:30
e7c80021d6
CLOUDSTACK-5946: Fix keystore filename to avoid warning logs
...
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit ed69d588ec
2015-01-21 18:04:00 +05:30
60f18cc713
CID 1264632: Rely on a known and widely available encoding UTF8
...
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 0763b5576d
2015-01-20 07:49:09 +05:30
b2393c31ed
move ConstantTimeComparator to utils
2015-01-14 12:14:00 +01:00
b7b3a4fb3c
CLOUDSTACK-8037: Require signed AuthnRequest, adds more security
...
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 6bec69844d
2015-01-14 02:43:48 +05:30
aaf6a34c54
CLOUDSTACK-8035: Generate and store X509Cert and reuse this for SAML
...
The fix generates X509Certificate if missing from DB and uses that for eternity.
SAML SP metadata remains same since it's using the same X509 certificate and
it remains same after restarts. The certificate is serialized, base64 encoded
and stored in the keystore table under a specific name. For reading, it's
retrieved, base64 decoded and deserialized.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 4358714381
2015-01-12 16:49:49 +05:30
0b94f254e8
CLOUDSTACK-8034: Hash user IDs for SAML authentication
...
The User table's UUID column is restricted to 40 chars only, since we don't
know how long the nameID/userID of a SAML authenticated user will be - the fix
hashes that user ID and takes a substring of length 40 chars. For hashing,
SHA256 is used which returns a 64 char length string.
- Fix tests, add test cases
- Improve checkSAMLUser method
- Use SHA256 one way hashing to create unique UUID for SAML users
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit b2b496288d
2015-01-12 13:37:51 +05:30
dc17e4ef39
Increased SSL handshake timeout to 30 seconds
2015-01-07 14:27:51 +05:30
9bb6cf8452
volume upload: persisting the volume metadata
...
on calling GetUploadParamsForVolume, persisting the metadata to db
validating the account limits and incrementing the appropriate limits
encoded the metadata on management server using preshared key
2014-12-18 17:50:51 +05:30
3c9e14e85a
CLOUDSTACK-5241: Remove Rot13 usage
2014-12-03 19:38:47 -08:00
1e0880cbab
CLOUDSTACK-7903: Fix build regression from previous fix
...
The previous fix tried to access StatsCollector from UsageManagerImpl
which is not possible due to dependency cycle.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2014-12-01 16:35:23 +05:30
960b7bbf74
CLOUDSTACK-7977
...
Fix password generator, add guards for minimum length
2014-11-26 15:08:48 -08:00
7ff31f1b22
Merge remote-tracking branch 'origin/inetaddress'
...
- Tested locally against unit tests
- TravisCI build passed: https://travis-ci.org/apache/cloudstack/builds/41990351
- Manual QA passed for basic auth and saml auth using default IDP settings
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Conflicts:
server/src/com/cloud/api/ApiServlet.java
2014-11-25 14:32:09 +05:30
72ba98b1b8
Validate IPv4 address using Apache Commons Validator
2014-11-24 14:43:48 +01:00
3577423da9
removed executable flags from java classes
...
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
2014-11-23 19:49:01 +01:00
55c449aa07
Properties loading simplification
...
- Using the PropertiesUtil methods, the resource handling could be elliminated
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
2014-11-23 19:48:56 +01:00
b2023d04ba
Simplification on Properties handling
...
- Added method to create properties and load contents from file
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
2014-11-23 19:48:56 +01:00
ca9dd457f9
Stream handling simplification in PropertiesUtil
...
- use resource block instead of finally block
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
2014-11-23 19:48:55 +01:00
9ac93d3e43
CLOUDSTACK-7678:volumes are getting uploaded successfully with wrong url.
2014-11-21 14:36:36 -08:00
f2ccee7a03
name convention adherence
2014-11-18 16:52:46 +01:00
6bc0defa1d
CID-1254832 tyr-with-resource
2014-11-18 15:48:31 +01:00
e1d4a329c4
Package name should reflect the location on the filesystem or viseversa
2014-11-18 14:12:44 +01:00
16de4a7176
Fix for potential NPE
2014-11-18 14:12:14 +01:00
638da54fce
CID-1254833 refactor condition to include null-case
2014-11-18 12:12:00 +01:00
ef6ec7b276
Fixed few coverity issues like invalid boxing unboxing issues, resource leaks, null dereferences
2014-11-13 17:26:24 +05:30
840c2fda85
CLOUDSTACK-7583: Send VmStats to Graphite host when configured
...
This allows external processing of VmStats information without using
the usage server of CloudStack
Statistics are being send to Graphite using UDP and not TCP.
UDP is used to prevent the management server waiting for TCP timeouts
when the Graphite server is unavailable
2014-11-11 13:04:43 +01:00
990da08451
Add check to ensure VR template version matches digit.digit.digit format. Returns version as 0 otherwise
2014-11-10 15:33:50 +05:30
7716989344
SAMLUtils: SAML user id should fit within the UUID VARCHAR(40) column
...
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 6df0b9f677
2014-10-31 01:24:56 +05:30
57c4841403
CLOUDSTACK-7814: Fix default passphrase for keystores
...
In upgrade case, the db.properties file is not changed, but the following commit
would require passphrase for keystore in it, thus result in error(NPE in fact
due to there is no such properity).
commit 918c320438
2014-10-28 16:25:52 -07:00
1de0cb7094
restore barematel work after merge
2014-10-17 10:24:01 +02:00
Wido den Hollander
Rajani Karuturi
Daan Hoogland
Rohit Yadav
santhosh
Laszlo Hornyak
Erik Weber
Pierre-Yves Ritschard
Kishan Kavala
Sheng Yang
amoghvk
Min Chen
Daan Hoogland
Hugo Trippaers
Santhosh Edukulla
Kishan Kavala