Posted to commits@cloudstack.apache.org by ap...@apache.org on 2014/01/09 11:28:10 UTC
[1/2] git commit: updated refs/heads/master to f741d99
Updated Branches:
refs/heads/master 7dc4c5cb5 -> f741d99c8
CLOUDSTACK-5790: decrypted ldap hostname and port during upgrade as they are not encrypted now.
Conflicts:
engine/schema/src/com/cloud/upgrade/dao/Upgrade421to430.java
Signed-off-by: Abhinandan Prateek <ap...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/f741d99c
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/f741d99c
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/f741d99c
Branch: refs/heads/master
Commit: f741d99c80b3a2ad26b41d4131c930646086ce3c
Parents: 001e67a
Author: Rajani Karuturi <ra...@gmail.com>
Authored: Wed Jan 8 18:12:55 2014 +0530
Committer: Abhinandan Prateek <ap...@apache.org>
Committed: Thu Jan 9 15:50:53 2014 +0530
----------------------------------------------------------------------
.../com/cloud/upgrade/dao/Upgrade421to430.java | 36 ++++++++++++++++++++
setup/db/db/schema-421to430.sql | 3 --
2 files changed, 36 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/f741d99c/engine/schema/src/com/cloud/upgrade/dao/Upgrade421to430.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/upgrade/dao/Upgrade421to430.java b/engine/schema/src/com/cloud/upgrade/dao/Upgrade421to430.java
index 6df44ec..268a27d 100644
--- a/engine/schema/src/com/cloud/upgrade/dao/Upgrade421to430.java
+++ b/engine/schema/src/com/cloud/upgrade/dao/Upgrade421to430.java
@@ -21,8 +21,11 @@ import java.io.File;
import java.io.UnsupportedEncodingException;
import java.sql.Connection;
import java.sql.PreparedStatement;
+import java.sql.ResultSet;
import java.sql.SQLException;
+import java.sql.Types;
+import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import com.cloud.utils.crypt.DBEncryptionUtil;
@@ -88,6 +91,39 @@ public class Upgrade421to430 implements DbUpgrade {
pstmt.setString(3, desc);
pstmt.executeUpdate();
}
+
+ /**
+ * if encrypted, decrypt the ldap hostname and port and then update as they are not encrypted now.
+ */
+ pstmt = conn.prepareStatement("SELECT conf.value FROM `cloud`.`configuration` conf WHERE conf.name='ldap.hostname'");
+ ResultSet resultSet = pstmt.executeQuery();
+ String hostname = null;
+ String port;
+ int portNumber = 0;
+ if (resultSet.next()) {
+ hostname = DBEncryptionUtil.decrypt(resultSet.getString(1));
+ }
+
+ pstmt = conn.prepareStatement("SELECT conf.value FROM `cloud`.`configuration` conf WHERE conf.name='ldap.port'");
+ resultSet = pstmt.executeQuery();
+ if (resultSet.next()) {
+ port = DBEncryptionUtil.decrypt(resultSet.getString(1));
+ if (StringUtils.isNotBlank(port)) {
+ portNumber = Integer.valueOf(port);
+ }
+ }
+
+ if (StringUtils.isNotBlank(hostname)) {
+ pstmt = conn.prepareStatement("INSERT INTO `cloud`.`ldap_configuration`(hostname, port) VALUES(?,?)");
+ pstmt.setString(1, hostname);
+ if (portNumber != 0) {
+ pstmt.setInt(2, portNumber);
+ } else {
+ pstmt.setNull(2, Types.INTEGER);
+ }
+ pstmt.executeUpdate();
+ }
+
} catch (SQLException e) {
throw new CloudRuntimeException("Unable to insert ldap configuration values ", e);
} catch (UnsupportedEncodingException e) {
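Review bot: `Integer.valueOf(port)` in the `ldap.port` branch throws NumberFormatException on a non-numeric stored value, and neither visible catch clause (SQLException, UnsupportedEncodingException) handles it, so one bad row aborts the upgrade with no context. The two SELECT statements and their ResultSets are also overwritten by the next `prepareStatement` call without being closed. The comment says "if encrypted", but `DBEncryptionUtil.decrypt` is called unconditionally on `resultSet.getString(1)`, which can be null; whether decrypt tolerates null or already-plaintext input is not visible here and should be confirmed. The enclosing method and its try block start outside the hunk, and the catch chain continues past it.

```java
// … unchanged: ldap.hostname query and decrypt …
resultSet.close();
pstmt.close();

// … unchanged: ldap.port query and decrypt …
    if (StringUtils.isNotBlank(port)) {
        try {
            portNumber = Integer.parseInt(port.trim());
        } catch (NumberFormatException e) {
            // Fail with context instead of an unhandled unchecked exception.
            throw new CloudRuntimeException("Stored ldap.port is not a valid integer", e);
        }
    }
// … unchanged: end of ldap.port branch …
resultSet.close();
pstmt.close();

// … unchanged: insert into ldap_configuration …
```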
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/f741d99c/setup/db/db/schema-421to430.sql
----------------------------------------------------------------------
diff --git a/setup/db/db/schema-421to430.sql b/setup/db/db/schema-421to430.sql
index b26166a..24e8223 100644
--- a/setup/db/db/schema-421to430.sql
+++ b/setup/db/db/schema-421to430.sql
@@ -616,9 +616,6 @@ CREATE TABLE `cloud`.`ldap_configuration` (
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-INSERT INTO `cloud`.`ldap_configuration`(hostname) SELECT conf.value FROM `cloud`.`configuration` conf WHERE conf.name='ldap.hostname' ;
-UPDATE `cloud`.`ldap_configuration` SET port=(SELECT conf.value FROM `cloud`.`configuration` conf WHERE conf.name='ldap.port') WHERE hostname = (SELECT conf.value FROM `cloud` .`configuration` conf WHERE conf.name='ldap.hostname');
-
UPDATE `cloud`.`volumes` SET display_volume=1 where id>0;
create table `cloud`.`monitoring_services` (
[2/2] git commit: updated refs/heads/master to f741d99
Posted by ap...@apache.org.
Revert "CLOUDSTACK-5435 enabled encryption for ldap params"
This reverts commit 1d5051f60e0b302287f4fd806a84e65afc7494d0.
Signed-off-by: Abhinandan Prateek <ap...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/001e67ab
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/001e67ab
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/001e67ab
Branch: refs/heads/master
Commit: 001e67ab026362678d4ef850e8512b59885bab60
Parents: 7dc4c5c
Author: Rajani Karuturi <ra...@gmail.com>
Authored: Wed Jan 8 18:23:59 2014 +0530
Committer: Abhinandan Prateek <ap...@apache.org>
Committed: Thu Jan 9 15:50:53 2014 +0530
----------------------------------------------------------------------
.../cloudstack/api/command/LDAPConfigCmd.java | 41 ++++++++++++--------
.../api/response/LdapConfigurationResponse.java | 13 ++++---
.../cloudstack/ldap/LdapConfigurationVO.java | 21 ++++------
.../apache/cloudstack/ldap/LdapManagerImpl.java | 9 +++--
setup/db/db/schema-421to430.sql | 2 +-
5 files changed, 46 insertions(+), 40 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/001e67ab/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java
index db6d7dd..5e424de 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java
@@ -21,11 +21,9 @@ import java.util.List;
import javax.inject.Inject;
-import com.cloud.exception.ConcurrentOperationException;
-import com.cloud.exception.InsufficientCapacityException;
-import com.cloud.exception.InvalidParameterValueException;
-import com.cloud.exception.ResourceAllocationException;
-import com.cloud.exception.ResourceUnavailableException;
+import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.log4j.Logger;
+
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseCmd;
@@ -39,9 +37,12 @@ import org.apache.cloudstack.framework.config.impl.ConfigurationVO;
import org.apache.cloudstack.ldap.LdapConfiguration;
import org.apache.cloudstack.ldap.LdapConfigurationVO;
import org.apache.cloudstack.ldap.LdapManager;
-import org.apache.commons.lang.StringEscapeUtils;
-import org.apache.log4j.Logger;
+import com.cloud.exception.ConcurrentOperationException;
+import com.cloud.exception.InsufficientCapacityException;
+import com.cloud.exception.InvalidParameterValueException;
+import com.cloud.exception.ResourceAllocationException;
+import com.cloud.exception.ResourceUnavailableException;
import com.cloud.user.Account;
import com.cloud.utils.Pair;
@@ -67,7 +68,7 @@ public class LDAPConfigCmd extends BaseCmd {
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name = ApiConstants.LIST_ALL, type = BaseCmd.CommandType.BOOLEAN, description = "If true return current LDAP configuration")
+ @Parameter(name = ApiConstants.LIST_ALL, type = CommandType.BOOLEAN, description = "If true return current LDAP configuration")
private Boolean listAll;
@Parameter(name = ApiConstants.HOST_NAME, type = CommandType.STRING, description = "Hostname or ip address of the ldap server eg: my.ldap.com")
@@ -79,13 +80,19 @@ public class LDAPConfigCmd extends BaseCmd {
@Parameter(name = ApiConstants.USE_SSL, type = CommandType.BOOLEAN, description = "Check Use SSL if the external LDAP server is configured for LDAP over SSL.")
private Boolean useSSL;
- @Parameter(name = ApiConstants.SEARCH_BASE, type = CommandType.STRING, description = "The search base defines the starting point for the search in the directory tree Example: dc=cloud,dc=com.")
+ @Parameter(name = ApiConstants.SEARCH_BASE,
+ type = CommandType.STRING,
+ description = "The search base defines the starting point for the search in the directory tree Example: dc=cloud,dc=com.")
private String searchBase;
- @Parameter(name = ApiConstants.QUERY_FILTER, type = CommandType.STRING, description = "You specify a query filter here, which narrows down the users, who can be part of this domain.")
+ @Parameter(name = ApiConstants.QUERY_FILTER,
+ type = CommandType.STRING,
+ description = "You specify a query filter here, which narrows down the users, who can be part of this domain.")
private String queryFilter;
- @Parameter(name = ApiConstants.BIND_DN, type = CommandType.STRING, description = "Specify the distinguished name of a user with the search permission on the directory.")
+ @Parameter(name = ApiConstants.BIND_DN,
+ type = CommandType.STRING,
+ description = "Specify the distinguished name of a user with the search permission on the directory.")
private String bindDN;
@Parameter(name = ApiConstants.BIND_PASSWORD, type = CommandType.STRING, description = "Enter the password.")
@@ -170,7 +177,8 @@ public class LDAPConfigCmd extends BaseCmd {
/////////////////////////////////////////////////////
@Override
- public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException {
+ public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException,
+ ResourceAllocationException {
if (getListAll()) {
// return the existing conf
@@ -184,7 +192,8 @@ public class LDAPConfigCmd extends BaseCmd {
String searchBaseConfig = _ldapConfiguration.getBaseDn();
String bindDnConfig = _ldapConfiguration.getBindPrincipal();
for (LdapConfigurationVO ldapConfigurationVO : result.first()) {
- responses.add(createLDAPConfigResponse(ldapConfigurationVO.getHostname(), ldapConfigurationVO.getPort(), useSSlConfig, null, searchBaseConfig, bindDnConfig));
+ responses.add(createLDAPConfigResponse(ldapConfigurationVO.getHostname(), ldapConfigurationVO.getPort(), useSSlConfig, null, searchBaseConfig,
+ bindDnConfig));
}
}
response.setResponses(responses);
@@ -195,7 +204,7 @@ public class LDAPConfigCmd extends BaseCmd {
} else {
boolean result = updateLDAP();
if (result) {
- LDAPConfigResponse lr = this.createLDAPConfigResponse(getHostname(), getPort().toString(), getUseSSL(), getQueryFilter(), getSearchBase(), getBindDN());
+ LDAPConfigResponse lr = createLDAPConfigResponse(getHostname(), getPort(), getUseSSL(), getQueryFilter(), getSearchBase(), getBindDN());
lr.setResponseName(getCommandName());
setResponseObject(lr);
}
@@ -203,10 +212,10 @@ public class LDAPConfigCmd extends BaseCmd {
}
- private LDAPConfigResponse createLDAPConfigResponse(String hostname, String port, Boolean useSSL, String queryFilter, String searchBase, String bindDN) {
+ private LDAPConfigResponse createLDAPConfigResponse(String hostname, Integer port, Boolean useSSL, String queryFilter, String searchBase, String bindDN) {
LDAPConfigResponse lr = new LDAPConfigResponse();
lr.setHostname(hostname);
- lr.setPort(port);
+ lr.setPort(port.toString());
lr.setUseSSL(useSSL.toString());
lr.setQueryFilter(queryFilter);
lr.setBindDN(bindDN);
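Review bot: `lr.setPort(port.toString())` dereferences the boxed `Integer port` without a null check, so the update path throws NullPointerException if `getPort()` returns null when the API parameter is omitted (its definition is not in the hunk, so this needs confirming). The context line `lr.setUseSSL(useSSL.toString())` has the same shape. A guarded form such as `lr.setPort(port == null ? null : port.toString());` keeps the response builder from failing after the configuration has already been updated. createLDAPConfigResponse continues outside the hunk.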
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/001e67ab/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java
index f03df42..a4e4782 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java
@@ -16,10 +16,11 @@
// under the License.
package org.apache.cloudstack.api.response;
+import com.google.gson.annotations.SerializedName;
+
import org.apache.cloudstack.api.BaseResponse;
import com.cloud.serializer.Param;
-import com.google.gson.annotations.SerializedName;
public class LdapConfigurationResponse extends BaseResponse {
@SerializedName("hostname")
@@ -28,7 +29,7 @@ public class LdapConfigurationResponse extends BaseResponse {
@SerializedName("port")
@Param(description = "port")
- private String port;
+ private int port;
public LdapConfigurationResponse() {
super();
@@ -39,7 +40,7 @@ public class LdapConfigurationResponse extends BaseResponse {
this.hostname = hostname;
}
- public LdapConfigurationResponse(final String hostname, final String port) {
+ public LdapConfigurationResponse(final String hostname, final int port) {
this.hostname = hostname;
this.port = port;
}
@@ -48,7 +49,7 @@ public class LdapConfigurationResponse extends BaseResponse {
return hostname;
}
- public String getPort() {
+ public int getPort() {
return port;
}
@@ -56,7 +57,7 @@ public class LdapConfigurationResponse extends BaseResponse {
this.hostname = hostname;
}
- public void setPort(final String port) {
+ public void setPort(final int port) {
this.port = port;
}
-}
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/001e67ab/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java
index 54b35cb..488e7f4 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java
@@ -16,10 +16,6 @@
// under the License.
package org.apache.cloudstack.ldap;
-import org.apache.cloudstack.api.InternalIdentity;
-
-import com.cloud.utils.db.Encrypt;
-
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
@@ -27,27 +23,26 @@ import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.Table;
+import org.apache.cloudstack.api.InternalIdentity;
+
@Entity
@Table(name = "ldap_configuration")
public class LdapConfigurationVO implements InternalIdentity {
+ @Column(name = "hostname")
+ private String hostname;
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id")
private Long id;
- @Encrypt
- @Column(name = "hostname")
- private String hostname;
-
- @Encrypt
@Column(name = "port")
- private String port;
+ private int port;
public LdapConfigurationVO() {
}
- public LdapConfigurationVO(final String hostname, final String port) {
+ public LdapConfigurationVO(final String hostname, final int port) {
this.hostname = hostname;
this.port = port;
}
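Review bot: `private int port` is a primitive mapped to a column that can hold NULL, and a primitive cannot represent that. The schema in this commit declares `port` as `int(10)` without NOT NULL, and the upgrade step in f741d99 calls `pstmt.setNull(2, Types.INTEGER)` when no port was stored. How the persistence layer loads NULL into a primitive is not visible here; it may become 0 or fail, and either way the "no port configured" state is lost. Consider `private Integer port;` with matching accessor types, or make the column NOT NULL with an explicit default so the two sides agree.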
@@ -61,11 +56,11 @@ public class LdapConfigurationVO implements InternalIdentity {
return id;
}
- public String getPort() {
+ public int getPort() {
return port;
}
public void setId(final long id) {
this.id = id;
}
-}
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/001e67ab/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java
index 42b0aeb..6d71f4f 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java
@@ -24,6 +24,9 @@ import javax.inject.Inject;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
+import org.apache.log4j.Logger;
+import org.springframework.stereotype.Component;
+
import org.apache.cloudstack.api.LdapValidator;
import org.apache.cloudstack.api.command.LDAPConfigCmd;
import org.apache.cloudstack.api.command.LDAPRemoveCmd;
@@ -37,8 +40,6 @@ import org.apache.cloudstack.api.command.LdapUserSearchCmd;
import org.apache.cloudstack.api.response.LdapConfigurationResponse;
import org.apache.cloudstack.api.response.LdapUserResponse;
import org.apache.cloudstack.ldap.dao.LdapConfigurationDao;
-import org.apache.log4j.Logger;
-import org.springframework.stereotype.Component;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.utils.Pair;
@@ -75,10 +76,10 @@ public class LdapManagerImpl implements LdapManager, LdapValidator {
try {
final String providerUrl = "ldap://" + hostname + ":" + port;
_ldapContextFactory.createBindContext(providerUrl);
- configuration = new LdapConfigurationVO(hostname, Integer.toString(port));
+ configuration = new LdapConfigurationVO(hostname, port);
_ldapConfigurationDao.persist(configuration);
s_logger.info("Added new ldap server with hostname: " + hostname);
- return new LdapConfigurationResponse(hostname, Integer.toString(port));
+ return new LdapConfigurationResponse(hostname, port);
} catch (final NamingException e) {
throw new InvalidParameterValueException("Unable to bind to the given LDAP server");
}
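Review bot: The `catch (final NamingException e)` at the end of this hunk discards the exception: nothing is logged and the cause is not attached to the InvalidParameterValueException, so a failed or rejected bind against a newly added server leaves no record for whoever investigates it. Log it before rethrowing, e.g. `s_logger.warn("Unable to bind to LDAP server " + hostname + ":" + port, e);`. The provider URL is also built with a fixed `ldap://` scheme; if the context factory does not add TLS separately (not visible here), this test bind travels in cleartext. The method begins and ends outside the hunk.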
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/001e67ab/setup/db/db/schema-421to430.sql
----------------------------------------------------------------------
diff --git a/setup/db/db/schema-421to430.sql b/setup/db/db/schema-421to430.sql
index 1cd891b..b26166a 100644
--- a/setup/db/db/schema-421to430.sql
+++ b/setup/db/db/schema-421to430.sql
@@ -612,7 +612,7 @@ INSERT INTO `cloud`.`configuration`(category, instance, component, name, value,
CREATE TABLE `cloud`.`ldap_configuration` (
`id` bigint unsigned NOT NULL auto_increment COMMENT 'id',
`hostname` varchar(255) NOT NULL COMMENT 'the hostname of the ldap server',
- `port` varchar(255) COMMENT 'port that the ldap server is listening on',
+ `port` int(10) COMMENT 'port that the ldap server is listening on',
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;