You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ki...@apache.org on 2013/07/04 13:33:44 UTC

git commit: updated refs/heads/4.1 to 3128a4c

Updated Branches:
  refs/heads/4.1 e8fea3441 -> 3128a4cce


CLOUDSTACK-1012:Encrypt system.vm.password for 4.1 to 4.1.1 upgrades


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/3128a4cc
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/3128a4cc
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/3128a4cc

Branch: refs/heads/4.1
Commit: 3128a4ccee0b8e9d990601bcf72399390e9239ba
Parents: e8fea34
Author: Saksham Srivastava <sa...@citrix.com>
Authored: Mon Jun 24 16:16:36 2013 +0530
Committer: Kishan Kavala <ki...@cloud.com>
Committed: Thu Jul 4 16:57:52 2013 +0530

----------------------------------------------------------------------
 .../com/cloud/upgrade/dao/Upgrade410to411.java  | 65 ++++++++++++++++++++
 1 file changed, 65 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3128a4cc/server/src/com/cloud/upgrade/dao/Upgrade410to411.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/upgrade/dao/Upgrade410to411.java b/server/src/com/cloud/upgrade/dao/Upgrade410to411.java
index 5b25620..64c3b4b 100644
--- a/server/src/com/cloud/upgrade/dao/Upgrade410to411.java
+++ b/server/src/com/cloud/upgrade/dao/Upgrade410to411.java
@@ -17,12 +17,16 @@
 
 package com.cloud.upgrade.dao;
 
+import com.cloud.utils.crypt.DBEncryptionUtil;
 import com.cloud.utils.exception.CloudRuntimeException;
 import com.cloud.utils.script.Script;
 import org.apache.log4j.Logger;
 
 import java.io.File;
 import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
 
 public class Upgrade410to411 implements DbUpgrade {
     final static Logger s_logger = Logger.getLogger(Upgrade410to411.class);
@@ -54,6 +58,7 @@ public class Upgrade410to411 implements DbUpgrade {
 
     @Override
     public void performDataMigration(Connection conn) {
+        upgradeSystemVmPassword(conn);
     }
 
     @Override
@@ -61,4 +66,64 @@ public class Upgrade410to411 implements DbUpgrade {
         return null;
     }
 
+    private void upgradeSystemVmPassword(Connection conn) {
+        PreparedStatement pstmt = null;
+        PreparedStatement pstmtSecond = null;
+        PreparedStatement stmt = null;
+        PreparedStatement psCategory = null;
+        ResultSet rsOne = null;
+        ResultSet rsSecond = null;
+        ResultSet rsCategory = null;
+        String rpassword = null;
+        String randomPassword = null;
+        String configCategory = null;
+        try {
+            //Check if system.vm.random.password is set to true
+            pstmt = conn.prepareStatement("select value from cloud.configuration where name='system.vm.random.password'");
+            rsOne = pstmt.executeQuery();
+            if(rsOne.first()) {
+                randomPassword = (String) rsOne.getString(1);
+                if (randomPassword.equalsIgnoreCase("true")) {
+                    // Check if the category of the password is not Secure
+                    // If category is Secure, then it was already encrypted in 4.1, no need to further encrypt
+                    psCategory = conn.prepareStatement("select category from cloud.configuration where name='system.vm.password'");
+                    rsCategory = psCategory.executeQuery();
+                    if(rsCategory.first()) {
+                        configCategory = (String) rsCategory.getString(1);
+                        if(!configCategory.equalsIgnoreCase("Secure")) {
+                            //Encrypt the password now
+                            pstmtSecond = conn.prepareStatement("select value from cloud.configuration where name='system.vm.password'");
+                            rsSecond = pstmtSecond.executeQuery();
+
+                            if(rsSecond.first()) {
+                                s_logger.info("Encrypting systemvmpassword as it is not encrypted");
+                                rpassword = (String) rsSecond.getString(1);
+                                stmt = conn.prepareStatement("UPDATE `cloud`.`configuration` SET value = ?, category = 'Secure' WHERE name = 'system.vm.password'");
+                                stmt.setString(1, DBEncryptionUtil.encrypt(rpassword));
+                                stmt.executeUpdate();
+                            }
+                        }
+                    }
+                }
+            }
+        } catch (SQLException e) {
+            throw new CloudRuntimeException("Error while updating system vm password", e);
+        } finally {
+            try {
+                if (pstmt != null) {
+                    pstmt.close();
+                }
+                if (psCategory !=null) {
+                    psCategory.close();
+                }
+                if (pstmtSecond !=null) {
+                    pstmtSecond.close();
+                }
+                if (stmt != null) {
+                    stmt.close();
+                }
+            } catch (SQLException e) {
+            }
+        }
+    }
 }