You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by Syed Ahmed <sa...@cloudops.com> on 2013/11/28 02:01:55 UTC
Review Request 15897: Add certificate chain support for netscaler.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/15897/
-----------------------------------------------------------
Review request for cloudstack and Murali Reddy.
Bugs: CLOUDSTACK-5296
https://issues.apache.org/jira/browse/CLOUDSTACK-5296
Repository: cloudstack-git
Description
-------
This patch adds support for trust chains in the netscaler.
I initially planned on using the 10.1 API's "bundle" feature but during my testing I found that was not working. So I am doing the chain linking myself. Also NS can have only one entity of a certificate ie lets say two different users try to add the same certificate on the netscaler only one of them will go through. The other one says resouce already exists even though they have different files.
This can be a problem in trust chains where the chain can be shared between multiple accounts/certificates. So, I am using the figerprint as an identifier of a certificate and making sure that we delete it only when no one references it.
Diffs
-----
.gitignore dab1b3f
api/src/com/cloud/network/lb/LoadBalancingRule.java 4b2f9c4
engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java 99354c5
plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java 7dac9a0
server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java a2eba07
server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 17f88bd
utils/src/com/cloud/utils/security/CertificateHelper.java e8d20b0
Diff: https://reviews.apache.org/r/15897/diff/
Testing
-------
Testing was done a a 3-length chain with a root, intermediate and a client certificate. Two clients share the same intermediate certificate.
Thanks,
Syed Ahmed
Re: Review Request 15897: Add certificate chain support for netscaler.
Posted by Murali Reddy <mu...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/15897/#review30245
-----------------------------------------------------------
Ship it!
commit fb89a2d8f6c75d92ac926e9728ef9fa974ffcdd1 on 4.3
- Murali Reddy
On Dec. 5, 2013, 7:04 p.m., Syed Ahmed wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/15897/
> -----------------------------------------------------------
>
> (Updated Dec. 5, 2013, 7:04 p.m.)
>
>
> Review request for cloudstack and Murali Reddy.
>
>
> Bugs: CLOUDSTACK-5296
> https://issues.apache.org/jira/browse/CLOUDSTACK-5296
>
>
> Repository: cloudstack-git
>
>
> Description
> -------
>
> This patch adds support for trust chains in the netscaler.
>
> I initially planned on using the 10.1 API's "bundle" feature but during my testing I found that was not working. So I am doing the chain linking myself. Also NS can have only one entity of a certificate ie lets say two different users try to add the same certificate on the netscaler only one of them will go through. The other one says resouce already exists even though they have different files.
>
> This can be a problem in trust chains where the chain can be shared between multiple accounts/certificates. So, I am using the figerprint as an identifier of a certificate and making sure that we delete it only when no one references it.
>
>
> Diffs
> -----
>
> .gitignore 8e3b052
> api/src/com/cloud/network/lb/LoadBalancingRule.java 39c969c
> engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java af0d970
> plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java e48d31d
> server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java a1650e0
> server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 74adb37
> utils/src/com/cloud/utils/security/CertificateHelper.java 8344d72
>
> Diff: https://reviews.apache.org/r/15897/diff/
>
>
> Testing
> -------
>
> Testing was done a a 3-length chain with a root, intermediate and a client certificate. Two clients share the same intermediate certificate.
>
>
> Thanks,
>
> Syed Ahmed
>
>
Re: Review Request 15897: Add certificate chain support for netscaler.
Posted by Syed Ahmed <sa...@cloudops.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/15897/
-----------------------------------------------------------
(Updated Dec. 5, 2013, 7:04 p.m.)
Review request for cloudstack and Murali Reddy.
Changes
-------
Added patch for 4.3
Bugs: CLOUDSTACK-5296
https://issues.apache.org/jira/browse/CLOUDSTACK-5296
Repository: cloudstack-git
Description
-------
This patch adds support for trust chains in the netscaler.
I initially planned on using the 10.1 API's "bundle" feature but during my testing I found that was not working. So I am doing the chain linking myself. Also NS can have only one entity of a certificate ie lets say two different users try to add the same certificate on the netscaler only one of them will go through. The other one says resouce already exists even though they have different files.
This can be a problem in trust chains where the chain can be shared between multiple accounts/certificates. So, I am using the figerprint as an identifier of a certificate and making sure that we delete it only when no one references it.
Diffs (updated)
-----
.gitignore 8e3b052
api/src/com/cloud/network/lb/LoadBalancingRule.java 39c969c
engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java af0d970
plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java e48d31d
server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java a1650e0
server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 74adb37
utils/src/com/cloud/utils/security/CertificateHelper.java 8344d72
Diff: https://reviews.apache.org/r/15897/diff/
Testing
-------
Testing was done a a 3-length chain with a root, intermediate and a client certificate. Two clients share the same intermediate certificate.
Thanks,
Syed Ahmed
Re: Review Request 15897: Add certificate chain support for netscaler.
Posted by Murali Reddy <mu...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/15897/#review29806
-----------------------------------------------------------
patch does not apply on 4.3. Can you please submit patch for 4.3
Applied on master commit ee7380ace2014f8839417fd79e0a52cf9a0f02cd
- Murali Reddy
On Dec. 4, 2013, 4:44 a.m., Syed Ahmed wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/15897/
> -----------------------------------------------------------
>
> (Updated Dec. 4, 2013, 4:44 a.m.)
>
>
> Review request for cloudstack and Murali Reddy.
>
>
> Bugs: CLOUDSTACK-5296
> https://issues.apache.org/jira/browse/CLOUDSTACK-5296
>
>
> Repository: cloudstack-git
>
>
> Description
> -------
>
> This patch adds support for trust chains in the netscaler.
>
> I initially planned on using the 10.1 API's "bundle" feature but during my testing I found that was not working. So I am doing the chain linking myself. Also NS can have only one entity of a certificate ie lets say two different users try to add the same certificate on the netscaler only one of them will go through. The other one says resouce already exists even though they have different files.
>
> This can be a problem in trust chains where the chain can be shared between multiple accounts/certificates. So, I am using the figerprint as an identifier of a certificate and making sure that we delete it only when no one references it.
>
>
> Diffs
> -----
>
> .gitignore dab1b3f
> api/src/com/cloud/network/lb/LoadBalancingRule.java 4b2f9c4
> engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java 99354c5
> plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java 7dac9a0
> server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java a2eba07
> server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 17f88bd
> utils/src/com/cloud/utils/security/CertificateHelper.java e8d20b0
>
> Diff: https://reviews.apache.org/r/15897/diff/
>
>
> Testing
> -------
>
> Testing was done a a 3-length chain with a root, intermediate and a client certificate. Two clients share the same intermediate certificate.
>
>
> Thanks,
>
> Syed Ahmed
>
>
Re: Review Request 15897: Add certificate chain support for netscaler.
Posted by Syed Ahmed <sa...@cloudops.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/15897/
-----------------------------------------------------------
(Updated Dec. 4, 2013, 4:44 a.m.)
Review request for cloudstack and Murali Reddy.
Changes
-------
Updated the NetscalerResource. Fixed compilation issue. Can you please check now ... sorry for the trouble.
Bugs: CLOUDSTACK-5296
https://issues.apache.org/jira/browse/CLOUDSTACK-5296
Repository: cloudstack-git
Description
-------
This patch adds support for trust chains in the netscaler.
I initially planned on using the 10.1 API's "bundle" feature but during my testing I found that was not working. So I am doing the chain linking myself. Also NS can have only one entity of a certificate ie lets say two different users try to add the same certificate on the netscaler only one of them will go through. The other one says resouce already exists even though they have different files.
This can be a problem in trust chains where the chain can be shared between multiple accounts/certificates. So, I am using the figerprint as an identifier of a certificate and making sure that we delete it only when no one references it.
Diffs (updated)
-----
.gitignore dab1b3f
api/src/com/cloud/network/lb/LoadBalancingRule.java 4b2f9c4
engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java 99354c5
plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java 7dac9a0
server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java a2eba07
server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 17f88bd
utils/src/com/cloud/utils/security/CertificateHelper.java e8d20b0
Diff: https://reviews.apache.org/r/15897/diff/
Testing
-------
Testing was done a a 3-length chain with a root, intermediate and a client certificate. Two clients share the same intermediate certificate.
Thanks,
Syed Ahmed
Re: Review Request 15897: Add certificate chain support for netscaler.
Posted by Murali Reddy <mu...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/15897/#review29653
-----------------------------------------------------------
patch does not compile on master. Fails with error:
[ERROR] /Users/murali/projects/asf/incubator-cloudstack/plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java:[2388,36] cannot find symbol
[ERROR] symbol : method get(com.citrix.netscaler.nitro.service.nitro_service,com.citrix.netscaler.nitro.resource.config.ns.nsip)
[ERROR] location: class com.citrix.netscaler.nitro.resource.config.ns.nsip
[ERROR] /Users/murali/projects/asf/incubator-cloudstack/plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java:[2437,28] cannot find symbol
[ERROR] symbol : method get(com.citrix.netscaler.nitro.service.nitro_service,com.citrix.netscaler.nitro.resource.config.ns.nsip)
[ERROR] location: class com.citrix.netscaler.nitro.resource.config.ns.nsip
- Murali Reddy
On Nov. 28, 2013, 1:01 a.m., Syed Ahmed wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/15897/
> -----------------------------------------------------------
>
> (Updated Nov. 28, 2013, 1:01 a.m.)
>
>
> Review request for cloudstack and Murali Reddy.
>
>
> Bugs: CLOUDSTACK-5296
> https://issues.apache.org/jira/browse/CLOUDSTACK-5296
>
>
> Repository: cloudstack-git
>
>
> Description
> -------
>
> This patch adds support for trust chains in the netscaler.
>
> I initially planned on using the 10.1 API's "bundle" feature but during my testing I found that was not working. So I am doing the chain linking myself. Also NS can have only one entity of a certificate ie lets say two different users try to add the same certificate on the netscaler only one of them will go through. The other one says resouce already exists even though they have different files.
>
> This can be a problem in trust chains where the chain can be shared between multiple accounts/certificates. So, I am using the figerprint as an identifier of a certificate and making sure that we delete it only when no one references it.
>
>
> Diffs
> -----
>
> .gitignore dab1b3f
> api/src/com/cloud/network/lb/LoadBalancingRule.java 4b2f9c4
> engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java 99354c5
> plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java 7dac9a0
> server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java a2eba07
> server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 17f88bd
> utils/src/com/cloud/utils/security/CertificateHelper.java e8d20b0
>
> Diff: https://reviews.apache.org/r/15897/diff/
>
>
> Testing
> -------
>
> Testing was done a a 3-length chain with a root, intermediate and a client certificate. Two clients share the same intermediate certificate.
>
>
> Thanks,
>
> Syed Ahmed
>
>