You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cloudstack.apache.org by ya...@apache.org on 2012/08/08 01:32:52 UTC

[2/2] git commit: S2S VPN: CS-15882: Only allow VPN connection between same account's gateways

S2S VPN: CS-15882: Only allow VPN connection between same account's gateways


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/5e0eb93f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/5e0eb93f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/5e0eb93f

Branch: refs/heads/vpc
Commit: 5e0eb93fe6add77c89e0a4cb0348131c2cbe5963
Parents: b5e1c53
Author: Sheng Yang <sh...@citrix.com>
Authored: Tue Aug 7 13:42:54 2012 -0700
Committer: Sheng Yang <sh...@citrix.com>
Committed: Tue Aug 7 16:27:04 2012 -0700

----------------------------------------------------------------------
 .../cloud/network/vpn/Site2SiteVpnManagerImpl.java |    4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/5e0eb93f/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
index 8331428..73a73e4 100644
--- a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
+++ b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
@@ -216,6 +216,10 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnManager, Manager {
         }
         _accountMgr.checkAccess(caller, null, false, vpnGateway);
         
+        if (customerGateway.getAccountId() != vpnGateway.getAccountId() || customerGateway.getDomainId() != vpnGateway.getDomainId()) {
+            throw new InvalidParameterValueException("VPN connection can only be esitablished between same account's VPN gateway and customer gateway!");
+        }
+
         if (_vpnConnectionDao.findByVpnGatewayIdAndCustomerGatewayId(vpnGatewayId, customerGatewayId) != null) {
             throw new InvalidParameterValueException("The vpn connection with customer gateway id " + customerGatewayId + " or vpn gateway id " 
                     + vpnGatewayId + " already existed!");