You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Animesh Chaturvedi (JIRA)" <ji...@apache.org> on 2014/10/14 18:49:35 UTC
[jira] [Commented] (CLOUDSTACK-7242) adding a Secure config using
the new ConfigDepot and ConfigKey breaks the build when encryption is
enabled
[ https://issues.apache.org/jira/browse/CLOUDSTACK-7242?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14171206#comment-14171206 ]
Animesh Chaturvedi commented on CLOUDSTACK-7242:
------------------------------------------------
Kishan can you help with this issue?
> adding a Secure config using the new ConfigDepot and ConfigKey breaks the build when encryption is enabled
> ----------------------------------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-7242
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-7242
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: Management Server
> Reporter: Rajani Karuturi
> Assignee: Kishan Kavala
> Priority: Critical
> Fix For: 4.5.0
>
>
> In the inner layers, when it get the value of the key it tries to do decrypt if its a secure or hidden field. But, it doesn’t encrypt while adding the config.
> Here is code snippet from ConfigurationVO
> {noformat}
> @Override
> public String getValue() {
> return (("Hidden".equals(getCategory()) || "Secure".equals(getCategory())) ? DBEncryptionUtil.decrypt(value) : value);
> }
> public void setValue(String value) {
> this.value = value;
> }
> {noformat}
> we should make the getter and setter consistent. Otherwise, you won’t be able to introduce any new secure/hidden configs unless you put the encrypted value in the db before.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)