Return-Path: X-Original-To: apmail-cloudstack-commits-archive@www.apache.org Delivered-To: apmail-cloudstack-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 6F6331035E for ; Tue, 31 Dec 2013 06:57:55 +0000 (UTC) Received: (qmail 78227 invoked by uid 500); 31 Dec 2013 06:57:52 -0000 Delivered-To: apmail-cloudstack-commits-archive@cloudstack.apache.org Received: (qmail 78182 invoked by uid 500); 31 Dec 2013 06:57:51 -0000 Mailing-List: contact commits-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list commits@cloudstack.apache.org Received: (qmail 78168 invoked by uid 99); 31 Dec 2013 06:57:49 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 31 Dec 2013 06:57:49 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id EA3E790C78B; Tue, 31 Dec 2013 06:57:48 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: rajeshbattala@apache.org To: commits@cloudstack.apache.org Message-Id: <4e3736040f3a433b83d3f984aa5cd949@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: git commit: updated refs/heads/4.3 to 68c4acc Date: Tue, 31 Dec 2013 06:57:48 +0000 (UTC) Updated Branches: refs/heads/4.3 3b3adbf71 -> 68c4acce7 CLOUDSTACK-5687 [Hyper-V] Remote Access VPN fails with Unsupported command while trying to configure VPN users Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/68c4acce Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/68c4acce Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/68c4acce Branch: refs/heads/4.3 Commit: 68c4acce7da394eac07e1761b12a4cc48e5442cf Parents: 3b3adbf Author: Rajesh Battala Authored: Tue Dec 31 12:30:32 2013 +0530 Committer: Rajesh Battala Committed: Tue Dec 31 12:31:23 2013 +0530 ---------------------------------------------------------------------- .../resource/HypervDirectConnectResource.java | 91 ++++++++++++++++++++ 1 file changed, 91 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68c4acce/plugins/hypervisors/hyperv/src/com/cloud/hypervisor/hyperv/resource/HypervDirectConnectResource.java ---------------------------------------------------------------------- diff --git a/plugins/hypervisors/hyperv/src/com/cloud/hypervisor/hyperv/resource/HypervDirectConnectResource.java b/plugins/hypervisors/hyperv/src/com/cloud/hypervisor/hyperv/resource/HypervDirectConnectResource.java index a2475a9..bb78fce 100644 --- a/plugins/hypervisors/hyperv/src/com/cloud/hypervisor/hyperv/resource/HypervDirectConnectResource.java +++ b/plugins/hypervisors/hyperv/src/com/cloud/hypervisor/hyperv/resource/HypervDirectConnectResource.java @@ -24,6 +24,7 @@ import java.net.URI; import java.net.URISyntaxException; import java.net.URL; import java.nio.channels.SocketChannel; +import java.rmi.RemoteException; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -75,6 +76,7 @@ import com.cloud.agent.api.routing.IpAssocAnswer; import com.cloud.agent.api.routing.IpAssocCommand; import com.cloud.agent.api.routing.LoadBalancerConfigCommand; import com.cloud.agent.api.routing.NetworkElementCommand; +import com.cloud.agent.api.routing.RemoteAccessVpnCfgCommand; import com.cloud.agent.api.routing.SavePasswordCommand; import com.cloud.agent.api.routing.SetFirewallRulesAnswer; import com.cloud.agent.api.routing.SetFirewallRulesCommand; @@ -89,6 +91,7 @@ import com.cloud.agent.api.routing.SetStaticRouteAnswer; import com.cloud.agent.api.routing.SetStaticRouteCommand; import com.cloud.agent.api.routing.Site2SiteVpnCfgCommand; import com.cloud.agent.api.routing.VmDataCommand; +import com.cloud.agent.api.routing.VpnUsersCfgCommand; import com.cloud.agent.api.to.DhcpTO; import com.cloud.agent.api.to.FirewallRuleTO; import com.cloud.agent.api.to.IpAddressTO; @@ -424,6 +427,10 @@ public class HypervDirectConnectResource extends ServerResourceBase implements S answer = execute((Site2SiteVpnCfgCommand) cmd); } else if (clazz == CheckS2SVpnConnectionsCommand.class) { answer = execute((CheckS2SVpnConnectionsCommand) cmd); + } else if (clazz == RemoteAccessVpnCfgCommand.class) { + answer = execute((RemoteAccessVpnCfgCommand) cmd); + } else if (clazz == VpnUsersCfgCommand.class) { + answer = execute((VpnUsersCfgCommand) cmd); } else if (clazz == SetStaticRouteCommand.class) { answer = execute((SetStaticRouteCommand) cmd); } else if (clazz == SetMonitorServiceCommand.class) { @@ -459,7 +466,91 @@ public class HypervDirectConnectResource extends ServerResourceBase implements S } return answer; } + + protected Answer execute(final RemoteAccessVpnCfgCommand cmd) { + String controlIp = getRouterSshControlIp(cmd); + StringBuffer argsBuf = new StringBuffer(); + if (cmd.isCreate()) { + argsBuf.append(" -r ").append(cmd.getIpRange()).append(" -p ").append(cmd.getPresharedKey()).append(" -s ").append(cmd.getVpnServerIp()).append(" -l ").append(cmd.getLocalIp()) + .append(" -c "); + + } else { + argsBuf.append(" -d ").append(" -s ").append(cmd.getVpnServerIp()); + } + argsBuf.append(" -C ").append(cmd.getLocalCidr()); + argsBuf.append(" -i ").append(cmd.getPublicInterface()); + + try { + + if (s_logger.isDebugEnabled()) { + s_logger.debug("Executing /opt/cloud/bin/vpn_lt2p.sh "); + } + + Pair result = SshHelper.sshExecute(controlIp, DEFAULT_DOMR_SSHPORT, "root", getSystemVMKeyFile(), null, "/opt/cloud/bin/vpn_l2tp.sh " + argsBuf.toString()); + + if (!result.first()) { + s_logger.error("RemoteAccessVpnCfg command on domR failed, message: " + result.second()); + return new Answer(cmd, false, "RemoteAccessVpnCfg command failed due to " + result.second()); + } + + if (s_logger.isInfoEnabled()) { + s_logger.info("RemoteAccessVpnCfg command on domain router " + argsBuf.toString() + " completed"); + } + + } catch (Throwable e) { + if (e instanceof RemoteException) { + s_logger.warn(e.getMessage()); + } + + String msg = "RemoteAccessVpnCfg command failed due to " + e.getMessage(); + s_logger.error(msg, e); + return new Answer(cmd, false, msg); + } + + return new Answer(cmd); + } + + protected Answer execute(final VpnUsersCfgCommand cmd) { + + String controlIp = getRouterSshControlIp(cmd); + for (VpnUsersCfgCommand.UsernamePassword userpwd : cmd.getUserpwds()) { + StringBuffer argsBuf = new StringBuffer(); + if (!userpwd.isAdd()) { + argsBuf.append(" -U ").append(userpwd.getUsername()); + } else { + argsBuf.append(" -u ").append(userpwd.getUsernamePassword()); + } + + try { + + if (s_logger.isDebugEnabled()) { + s_logger.debug("Executing /opt/cloud/bin/vpn_lt2p.sh "); + } + + Pair result = SshHelper.sshExecute(controlIp, DEFAULT_DOMR_SSHPORT, "root", getSystemVMKeyFile(), null, "/opt/cloud/bin/vpn_l2tp.sh " + argsBuf.toString()); + + if (!result.first()) { + s_logger.error("VpnUserCfg command on domR failed, message: " + result.second()); + + return new Answer(cmd, false, "VpnUserCfg command failed due to " + result.second()); + } + } catch (Throwable e) { + if (e instanceof RemoteException) { + s_logger.warn(e.getMessage()); + } + + String msg = "VpnUserCfg command failed due to " + e.getMessage(); + s_logger.error(msg, e); + return new Answer(cmd, false, msg); + } + } + + return new Answer(cmd); + } + + + private SetStaticRouteAnswer execute(SetStaticRouteCommand cmd) { if (s_logger.isInfoEnabled()) { s_logger.info("Executing resource SetStaticRouteCommand: " + s_gson.toJson(cmd));