You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by we...@apache.org on 2013/07/12 10:57:01 UTC
[1/3] git commit: updated refs/heads/4.2 to b2a077d
Updated Branches:
refs/heads/4.2 f3a2fc22b -> b2a077dff
CLOUDSTACK-3362: use POST instead of GET and encode/decode cert/key in uploadCustomCertificate
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/838cfa2b
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/838cfa2b
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/838cfa2b
Branch: refs/heads/4.2
Commit: 838cfa2bb6dadf848cf4f3090ef0ce338d0443c2
Parents: f3a2fc2
Author: Wei Zhou <w....@leaseweb.com>
Authored: Thu Jul 11 16:06:21 2013 +0200
Committer: Wei Zhou <w....@leaseweb.com>
Committed: Fri Jul 12 10:43:38 2013 +0200
----------------------------------------------------------------------
.../com/cloud/server/ManagementServerImpl.java | 24 ++++++++++++++++----
ui/scripts/ui-custom/physicalResources.js | 5 ++--
2 files changed, 23 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/838cfa2b/server/src/com/cloud/server/ManagementServerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index a0b9daa..36b3879 100755
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -16,7 +16,9 @@
// under the License.
package com.cloud.server;
+import java.io.UnsupportedEncodingException;
import java.lang.reflect.Field;
+import java.net.URLDecoder;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.ArrayList;
@@ -3301,18 +3303,32 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
}
}
- if (cmd.getPrivateKey() != null && !_ksMgr.validateCertificate(cmd.getCertificate(), cmd.getPrivateKey(), cmd.getDomainSuffix())) {
+ String certificate = cmd.getCertificate();
+ String key = cmd.getPrivateKey();
+ try {
+ if (certificate != null)
+ certificate = URLDecoder.decode(certificate, "UTF-8");
+ if (key != null)
+ key = URLDecoder.decode(key, "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ } finally {
+ }
+
+ if (cmd.getPrivateKey() != null && !_ksMgr.validateCertificate(certificate, key, cmd.getDomainSuffix())) {
throw new InvalidParameterValueException("Failed to pass certificate validation check");
}
if (cmd.getPrivateKey() != null) {
- _ksMgr.saveCertificate(ConsoleProxyManager.CERTIFICATE_NAME, cmd.getCertificate(), cmd.getPrivateKey(), cmd.getDomainSuffix());
+ _ksMgr.saveCertificate(ConsoleProxyManager.CERTIFICATE_NAME, certificate, key, cmd.getDomainSuffix());
} else {
- _ksMgr.saveCertificate(cmd.getAlias(), cmd.getCertificate(), cmd.getCertIndex(), cmd.getDomainSuffix());
+ _ksMgr.saveCertificate(cmd.getAlias(), certificate, cmd.getCertIndex(), cmd.getDomainSuffix());
}
_consoleProxyMgr.setManagementState(ConsoleProxyManagementState.ResetSuspending);
- return "Certificate has been updated, we will stop all running console proxy VMs to propagate the new certificate, please give a few minutes for console access service to be up again";
+ List<SecondaryStorageVmVO> alreadyRunning = _secStorageVmDao.getSecStorageVmListInStates(null, State.Running, State.Migrating, State.Starting);
+ for (SecondaryStorageVmVO ssVmVm : alreadyRunning)
+ _secStorageVmMgr.rebootSecStorageVm(ssVmVm.getId());
+ return "Certificate has been updated, we will stop all running console proxy VMs and secondary storage VMs to propagate the new certificate, please give a few minutes for console access service to be up again";
}
@Override
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/838cfa2b/ui/scripts/ui-custom/physicalResources.js
----------------------------------------------------------------------
diff --git a/ui/scripts/ui-custom/physicalResources.js b/ui/scripts/ui-custom/physicalResources.js
index 529adcf..5173172 100644
--- a/ui/scripts/ui-custom/physicalResources.js
+++ b/ui/scripts/ui-custom/physicalResources.js
@@ -80,10 +80,11 @@
var $loading = $('<div>').addClass('loading-overlay');
$('.system-dashboard-view:visible').prepend($loading);
$.ajax({
+ type: "POST",
url: createURL('uploadCustomCertificate'),
data: {
- certificate: args.data.certificate,
- privatekey: args.data.privatekey,
+ certificate: encodeURIComponent(args.data.certificate),
+ privatekey: encodeURIComponent(args.data.privatekey),
domainsuffix: args.data.domainsuffix
},
dataType: 'json',
[2/3] git commit: updated refs/heads/4.2 to b2a077d
Posted by we...@apache.org.
CLOUDSTACK-3368: clear download URLs when create SSVM and validate download URLs
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/b3ac91ef
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/b3ac91ef
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/b3ac91ef
Branch: refs/heads/4.2
Commit: b3ac91ef6391533e72c5a7524403dad5e65dddbf
Parents: 838cfa2
Author: Wei Zhou <w....@leaseweb.com>
Authored: Thu Jul 11 16:07:48 2013 +0200
Committer: Wei Zhou <w....@leaseweb.com>
Committed: Fri Jul 12 10:43:49 2013 +0200
----------------------------------------------------------------------
.../secondary/SecondaryStorageManagerImpl.java | 7 +++++
.../cloud/storage/upload/UploadMonitorImpl.java | 27 +++++++++++++++++---
2 files changed, 30 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/b3ac91ef/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java b/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java
index 05256a8..6859b0b 100755
--- a/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java
+++ b/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java
@@ -98,9 +98,11 @@ import com.cloud.resource.ServerResource;
import com.cloud.resource.UnableDeleteHostException;
import com.cloud.service.ServiceOfferingVO;
import com.cloud.service.dao.ServiceOfferingDao;
+import com.cloud.storage.UploadVO;
import com.cloud.storage.VMTemplateVO;
import com.cloud.storage.dao.SnapshotDao;
import com.cloud.storage.dao.StoragePoolHostDao;
+import com.cloud.storage.dao.UploadDao;
import com.cloud.storage.dao.VMTemplateDao;
import com.cloud.storage.template.TemplateConstants;
import com.cloud.template.TemplateManager;
@@ -114,6 +116,7 @@ import com.cloud.utils.Pair;
import com.cloud.utils.component.ManagerBase;
import com.cloud.utils.db.GlobalLock;
import com.cloud.utils.db.SearchCriteria.Op;
+import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.SearchCriteria2;
import com.cloud.utils.db.SearchCriteriaService;
import com.cloud.utils.events.SubscriptionMgr;
@@ -225,6 +228,8 @@ public class SecondaryStorageManagerImpl extends ManagerBase implements Secondar
protected RulesManager _rulesMgr;
@Inject
TemplateManager templateMgr;
+ @Inject
+ UploadDao _uploadDao;
@Inject
KeystoreManager _keystoreMgr;
@@ -658,6 +663,8 @@ public class SecondaryStorageManagerImpl extends ManagerBase implements Secondar
if (_allocLock.lock(ACQUIRE_GLOBAL_LOCK_TIMEOUT_FOR_SYNC)) {
try {
secStorageVm = startNew(dataCenterId, role);
+ for (UploadVO upload :_uploadDao.listAll())
+ _uploadDao.expunge(upload.getId());
} finally {
_allocLock.unlock();
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/b3ac91ef/server/src/com/cloud/storage/upload/UploadMonitorImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/storage/upload/UploadMonitorImpl.java b/server/src/com/cloud/storage/upload/UploadMonitorImpl.java
index d46db0c..a589e7d 100755
--- a/server/src/com/cloud/storage/upload/UploadMonitorImpl.java
+++ b/server/src/com/cloud/storage/upload/UploadMonitorImpl.java
@@ -211,11 +211,33 @@ public class UploadMonitorImpl extends ManagerBase implements UploadMonitor {
boolean success = false;
Type type = (template.getFormat() == ImageFormat.ISO) ? Type.ISO : Type.TEMPLATE ;
+ // find an endpoint to send command
+ DataStore store = this.storeMgr.getDataStore(vmTemplateHost.getDataStoreId(), DataStoreRole.Image);
+ EndPoint ep = _epSelector.select(store);
//Check if it already exists.
List<UploadVO> extractURLList = _uploadDao.listByTypeUploadStatus(template.getId(), type, UploadVO.Status.DOWNLOAD_URL_CREATED);
if (extractURLList.size() > 0) {
- return extractURLList.get(0);
+ // do some check here
+ UploadVO upload = extractURLList.get(0);
+ String uploadUrl = extractURLList.get(0).getUploadUrl();
+ String[] token = uploadUrl.split("/");
+ // example: uploadUrl = https://10-11-101-112.realhostip.com/userdata/2fdd9a70-9c4a-4a04-b1d5-1e41c221a1f9.iso
+ // then token[2] = 10-11-101-112.realhostip.com, token[4] = 2fdd9a70-9c4a-4a04-b1d5-1e41c221a1f9.iso
+ String hostname = ep.getPublicAddr().replace(".", "-") + ".";
+ if ((token != null) && (token.length == 5) && (token[2].equals(hostname + _ssvmUrlDomain))) // ssvm publicip and domain suffix not changed
+ return extractURLList.get(0);
+ else if ((token != null) && (token.length == 5) && (token[2].startsWith(hostname))) { // domain suffix changed
+ String uuid = token[4];
+ uploadUrl = generateCopyUrl(ep.getPublicAddr(), uuid);
+ UploadVO vo = _uploadDao.createForUpdate();
+ vo.setLastUpdated(new Date());
+ vo.setUploadUrl(uploadUrl);
+ _uploadDao.update(upload.getId(), vo);
+ return _uploadDao.findById(upload.getId(), true);
+ } else { // ssvm publicip changed
+ return null;
+ }
}
// It doesn't exist so create a DB entry.
@@ -224,9 +246,6 @@ public class UploadMonitorImpl extends ManagerBase implements UploadMonitor {
uploadTemplateObj.setInstallPath(vmTemplateHost.getInstallPath());
_uploadDao.persist(uploadTemplateObj);
- // find an endpoint to send command
- DataStore store = this.storeMgr.getDataStore(vmTemplateHost.getDataStoreId(), DataStoreRole.Image);
- EndPoint ep = _epSelector.select(store);
try{
// Create Symlink at ssvm
String path = vmTemplateHost.getInstallPath();
[3/3] git commit: updated refs/heads/4.2 to b2a077d
Posted by we...@apache.org.
CLOUDSTACK-1475: fix RegisterISO error after Update SSL Certificate
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/b2a077df
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/b2a077df
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/b2a077df
Branch: refs/heads/4.2
Commit: b2a077dfff5ba71723187ce970a4aa040794fe82
Parents: b3ac91e
Author: Wei Zhou <w....@leaseweb.com>
Authored: Thu Jul 11 16:08:26 2013 +0200
Committer: Wei Zhou <w....@leaseweb.com>
Committed: Fri Jul 12 10:43:57 2013 +0200
----------------------------------------------------------------------
services/console-proxy/server/scripts/config_ssl.sh | 9 +++++++++
services/secondary-storage/scripts/config_ssl.sh | 9 +++++++++
2 files changed, 18 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/b2a077df/services/console-proxy/server/scripts/config_ssl.sh
----------------------------------------------------------------------
diff --git a/services/console-proxy/server/scripts/config_ssl.sh b/services/console-proxy/server/scripts/config_ssl.sh
index 8d80c47..e474787 100755
--- a/services/console-proxy/server/scripts/config_ssl.sh
+++ b/services/console-proxy/server/scripts/config_ssl.sh
@@ -90,6 +90,9 @@ customPrivCert=$(dirname $0)/certs/realhostip.crt
customCertChain=
publicIp=
hostName=
+keyStore=$(dirname $0)/certs/realhostip.keystore
+aliasName="CPVMCertificate"
+storepass="vmops.com"
while getopts 'i:h:k:p:t:c' OPTION
do
case $OPTION in
@@ -162,6 +165,12 @@ then
exit 2
fi
+if [ -f "$customPrivCert" ]
+then
+ keytool -delete -alias $aliasName -keystore $keyStore -storepass $storepass -noprompt
+ keytool -import -alias $aliasName -keystore $keyStore -storepass $storepass -noprompt -file $customPrivCert
+fi
+
if [ -d /etc/apache2 ]
then
config_apache2_conf $publicIp $hostName
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/b2a077df/services/secondary-storage/scripts/config_ssl.sh
----------------------------------------------------------------------
diff --git a/services/secondary-storage/scripts/config_ssl.sh b/services/secondary-storage/scripts/config_ssl.sh
index 8d80c47..e474787 100755
--- a/services/secondary-storage/scripts/config_ssl.sh
+++ b/services/secondary-storage/scripts/config_ssl.sh
@@ -90,6 +90,9 @@ customPrivCert=$(dirname $0)/certs/realhostip.crt
customCertChain=
publicIp=
hostName=
+keyStore=$(dirname $0)/certs/realhostip.keystore
+aliasName="CPVMCertificate"
+storepass="vmops.com"
while getopts 'i:h:k:p:t:c' OPTION
do
case $OPTION in
@@ -162,6 +165,12 @@ then
exit 2
fi
+if [ -f "$customPrivCert" ]
+then
+ keytool -delete -alias $aliasName -keystore $keyStore -storepass $storepass -noprompt
+ keytool -import -alias $aliasName -keystore $keyStore -storepass $storepass -noprompt -file $customPrivCert
+fi
+
if [ -d /etc/apache2 ]
then
config_apache2_conf $publicIp $hostName