cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From yas...@apache.org
Subject git commit: updated refs/heads/4.5 to 865b2e6
Date Tue, 28 Oct 2014 23:29:44 GMT
Repository: cloudstack
Updated Branches:
  refs/heads/4.5 492962520 -> 865b2e679


CLOUDSTACK-7814: Fix default passphrase for keystores

In upgrade case, the db.properties file is not changed, but the following commit
would require passphrase for keystore in it, thus result in error(NPE in fact
due to there is no such properity).

commit 918c320438980f070150f872e3a3ba907572af83
Author: Upendra Moturi <upendra.moturi@sungard.com>
Date: Fri Jun 20 11:41:58 2014 +0530
CLOUDSTACK-6847.Link.java and console proxy files have hardcoded value

This commit fix it by put default value for passphrases, also set correct
passphrase if fail-safe keystore is used.


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/865b2e67
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/865b2e67
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/865b2e67

Branch: refs/heads/4.5
Commit: 865b2e6791a37371fff4c43c974c90f44d24c418
Parents: 4929625
Author: Sheng Yang <sheng.yang@citrix.com>
Authored: Mon Oct 27 18:59:55 2014 -0700
Committer: Sheng Yang <sheng.yang@citrix.com>
Committed: Tue Oct 28 16:29:29 2014 -0700

----------------------------------------------------------------------
 .../ConsoleProxySecureServerFactoryImpl.java    | 32 ++++++++++----------
 utils/src/com/cloud/utils/nio/Link.java         |  9 ++++--
 2 files changed, 22 insertions(+), 19 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/865b2e67/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxySecureServerFactoryImpl.java
----------------------------------------------------------------------
diff --git a/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxySecureServerFactoryImpl.java
b/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxySecureServerFactoryImpl.java
index 7af4c7b..75d23b1 100644
--- a/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxySecureServerFactoryImpl.java
+++ b/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxySecureServerFactoryImpl.java
@@ -16,12 +16,12 @@
 // under the License.
 package com.cloud.consoleproxy;
 
-import java.io.ByteArrayInputStream;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.security.KeyStore;
-import java.util.Properties;
+import com.cloud.utils.db.DbProperties;
+import com.sun.net.httpserver.HttpServer;
+import com.sun.net.httpserver.HttpsConfigurator;
+import com.sun.net.httpserver.HttpsParameters;
+import com.sun.net.httpserver.HttpsServer;
+import org.apache.log4j.Logger;
 
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
@@ -29,14 +29,11 @@ import javax.net.ssl.SSLParameters;
 import javax.net.ssl.SSLServerSocket;
 import javax.net.ssl.SSLServerSocketFactory;
 import javax.net.ssl.TrustManagerFactory;
-
-import org.apache.log4j.Logger;
-
-import com.cloud.utils.db.DbProperties;
-import com.sun.net.httpserver.HttpServer;
-import com.sun.net.httpserver.HttpsConfigurator;
-import com.sun.net.httpserver.HttpsParameters;
-import com.sun.net.httpserver.HttpsServer;
+import java.io.ByteArrayInputStream;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.security.KeyStore;
 
 public class ConsoleProxySecureServerFactoryImpl implements ConsoleProxyServerFactory {
     private static final Logger s_logger = Logger.getLogger(ConsoleProxySecureServerFactoryImpl.class);
@@ -54,8 +51,11 @@ public class ConsoleProxySecureServerFactoryImpl implements ConsoleProxyServerFa
             try {
                 s_logger.info("Initializing SSL from built-in default certificate");
 
-                final Properties dbProps = DbProperties.getDbProperties();
-                char[] passphrase = dbProps.getProperty("db.cloud.keyStorePassphrase").toCharArray();
+                final String pass = DbProperties.getDbProperties().getProperty("db.cloud.keyStorePassphrase");
+                char[] passphrase = "vmops.com".toCharArray();
+                if (pass != null) {
+                    passphrase = pass.toCharArray();
+                }
                 KeyStore ks = KeyStore.getInstance("JKS");
 
                 ks.load(new FileInputStream("certs/realhostip.keystore"), passphrase);

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/865b2e67/utils/src/com/cloud/utils/nio/Link.java
----------------------------------------------------------------------
diff --git a/utils/src/com/cloud/utils/nio/Link.java b/utils/src/com/cloud/utils/nio/Link.java
index c295caf..a15b8a4 100755
--- a/utils/src/com/cloud/utils/nio/Link.java
+++ b/utils/src/com/cloud/utils/nio/Link.java
@@ -33,7 +33,6 @@ import java.nio.channels.SelectionKey;
 import java.nio.channels.SocketChannel;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
-import java.util.Properties;
 import java.util.concurrent.ConcurrentLinkedQueue;
 
 import javax.net.ssl.KeyManagerFactory;
@@ -418,8 +417,11 @@ public class Link {
 
         File confFile = PropertiesUtil.findConfigFile("db.properties");
         if (null != confFile && !isClient) {
-            final Properties dbProps = DbProperties.getDbProperties();
-            char[] passphrase = dbProps.getProperty("db.cloud.keyStorePassphrase").toCharArray();
+            final String pass = DbProperties.getDbProperties().getProperty("db.cloud.keyStorePassphrase");
+            char[] passphrase = "vmops.com".toCharArray();
+            if (pass != null) {
+                passphrase = pass.toCharArray();
+            }
             String confPath = confFile.getParent();
             String keystorePath = confPath + keystoreFile;
             if (new File(keystorePath).exists()) {
@@ -427,6 +429,7 @@ public class Link {
             } else {
                 s_logger.warn("SSL: Fail to find the generated keystore. Loading fail-safe
one to continue.");
                 stream = NioConnection.class.getResourceAsStream("/cloud.keystore");
+                passphrase = "vmops.com".toCharArray();
             }
             ks.load(stream, passphrase);
             stream.close();


Mime
View raw message