diff --git a/server/src/main/java/com/cloud/network/NetworkServiceImpl.java b/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
index d10a624323a..ac698f69689 100644
--- a/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
+++ b/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
@@ -85,7 +85,6 @@ import org.jetbrains.annotations.Nullable;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
-import com.cloud.agent.AgentManager;
 import com.cloud.agent.api.Answer;
 import com.cloud.agent.api.Command;
 import com.cloud.agent.api.to.IpAddressTO;
@@ -148,7 +147,6 @@ import com.cloud.network.dao.IPAddressDao;
 import com.cloud.network.dao.IPAddressVO;
 import com.cloud.network.dao.Ipv6GuestPrefixSubnetNetworkMapDao;
 import com.cloud.network.dao.LoadBalancerDao;
-import com.cloud.network.dao.NetworkAccountDao;
 import com.cloud.network.dao.NetworkDao;
 import com.cloud.network.dao.NetworkDetailVO;
 import com.cloud.network.dao.NetworkDetailsDao;
@@ -163,7 +161,6 @@ import com.cloud.network.dao.PhysicalNetworkServiceProviderVO;
 import com.cloud.network.dao.PhysicalNetworkTrafficTypeDao;
 import com.cloud.network.dao.PhysicalNetworkTrafficTypeVO;
 import com.cloud.network.dao.PhysicalNetworkVO;
-import com.cloud.network.dao.VirtualRouterProviderDao;
 import com.cloud.network.element.NetworkElement;
 import com.cloud.network.element.OvsProviderVO;
 import com.cloud.network.element.VirtualRouterElement;
@@ -385,8 +382,6 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
 @Inject
 AccountService _accountService;
 @Inject
- NetworkAccountDao _networkAccountDao;
- @Inject
 VirtualMachineManager vmManager;
 @Inject
 Ipv6Service ipv6Service;
@@ -395,16 +390,12 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
 @Inject
 AlertManager alertManager;
 @Inject
- VirtualRouterProviderDao vrProviderDao;
- @Inject
 DomainRouterDao routerDao;
 @Inject
 DomainRouterJoinDao routerJoinDao;
 @Inject
 CommandSetupHelper commandSetupHelper;
 @Inject
- AgentManager agentManager;
- @Inject
 ServiceOfferingDao serviceOfferingDao;
 @Autowired
@@ -4395,23 +4386,37 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
 return Transaction.execute(new TransactionCallback() {
 @Override
 public Boolean doInTransaction(TransactionStatus status) {
- // delete vlans for this zone
- List vlans = _vlanDao.listVlansByPhysicalNetworkId(physicalNetworkId);
- for (VlanVO vlan : vlans) {
- _vlanDao.remove(vlan.getId());
- }
-
- // Delete networks
- List networks = _networksDao.listByPhysicalNetwork(physicalNetworkId);
- if (networks != null && !networks.isEmpty()) {
- for (NetworkVO network : networks) {
- _networksDao.remove(network.getId());
- }
- }
+ disablePhysicalNetwork(physicalNetworkId, pNetwork);
+ deleteIpAddresses();
+ deleteVlans();
+ deleteNetworks();
 // delete vnets
 _dcDao.deleteVnet(physicalNetworkId);
+ if (!deleteProviders()) {
+ return false;
+ }
+
+ // delete traffic types
+ _pNTrafficTypeDao.deleteTrafficTypes(physicalNetworkId);
+
+ return _physicalNetworkDao.remove(physicalNetworkId);
+ }
+
+ private void disablePhysicalNetwork(Long physicalNetworkId, PhysicalNetworkVO pNetwork) {
+ pNetwork.setState(PhysicalNetwork.State.Disabled);
+ _physicalNetworkDao.update(physicalNetworkId, pNetwork);
+ }
+
+ private void deleteIpAddresses() {
+ List ipAddresses = _ipAddressDao.listByPhysicalNetworkId(physicalNetworkId);
+ for (IPAddressVO ipaddress : ipAddresses) {
+ _ipAddressDao.remove(ipaddress.getId());
+ }
+ }
+
+ private boolean deleteProviders() {
 // delete service providers
 List providers = _pNSPDao.listBy(physicalNetworkId);
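Review bot: `deleteIpAddresses()` is new behaviour rather than moved code: every IP address record on the physical network is now removed inside the transaction, and nothing in this hunk shows whether addresses that are still allocated are rejected beforehand. If that precondition is enforced by the caller, state it in a comment such as `// caller has verified that no IP address on this physical network is still allocated`. The helper also iterates the DAO result without the `CollectionUtils.isNotEmpty` guard that `deleteNetworks()` uses in the next hunk, and `disablePhysicalNetwork` discards whatever `_physicalNetworkDao.update(...)` returns, so a failed state change would not stop the deletes that follow. `deleteProviders()` begins here and ends in the following hunk.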
@@ -4426,11 +4431,25 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
 return false;
 }
 }
+ return true;
+ }
- // delete traffic types
- _pNTrafficTypeDao.deleteTrafficTypes(physicalNetworkId);
+ private void deleteNetworks() {
+ // Delete networks
+ List networks = _networksDao.listByPhysicalNetwork(physicalNetworkId);
+ if (CollectionUtils.isNotEmpty(networks)) {
+ for (NetworkVO network : networks) {
+ _networksDao.remove(network.getId());
+ }
+ }
+ }
- return _physicalNetworkDao.remove(physicalNetworkId);
+ private void deleteVlans() {
+ // delete vlans for this zone
+ List vlans = _vlanDao.listVlansByPhysicalNetworkId(physicalNetworkId);
+ for (VlanVO vlan : vlans) {
+ _vlanDao.remove(vlan.getId());
+ }
 }
 });
 }
diff --git a/server/src/main/java/com/cloud/servlet/ConsoleProxyPasswordBasedEncryptor.java b/server/src/main/java/com/cloud/servlet/ConsoleProxyPasswordBasedEncryptor.java
index 9d874e0844a..8f469e40024 100644
--- a/server/src/main/java/com/cloud/servlet/ConsoleProxyPasswordBasedEncryptor.java
+++ b/server/src/main/java/com/cloud/servlet/ConsoleProxyPasswordBasedEncryptor.java
@@ -16,23 +16,15 @@
 // under the License.
 package com.cloud.servlet;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
 import org.apache.commons.codec.binary.Base64;
 import org.apache.log4j.Logger;
 import com.google.gson.Gson;
 import com.google.gson.GsonBuilder;
+import com.cloud.utils.crypt.AeadBase64Encryptor;
+import com.cloud.utils.crypt.Base64Encryptor;
+
 // To maintain independency of console proxy project, we duplicate this class from console proxy project
 public class ConsoleProxyPasswordBasedEncryptor {
 private static final Logger s_logger = Logger.getLogger(ConsoleProxyPasswordBasedEncryptor.class);
@@ -51,65 +43,16 @@ public class ConsoleProxyPasswordBasedEncryptor {
 if (text == null || text.isEmpty())
 return text;
- try {
- Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
- SecretKeySpec keySpec = new SecretKeySpec(keyIvPair.getKeyBytes(), "AES");
-
- cipher.init(Cipher.ENCRYPT_MODE, keySpec, new IvParameterSpec(keyIvPair.getIvBytes()));
-
- byte[] encryptedBytes = cipher.doFinal(text.getBytes());
- return Base64.encodeBase64URLSafeString(encryptedBytes);
- } catch (NoSuchAlgorithmException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (NoSuchPaddingException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (IllegalBlockSizeException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (BadPaddingException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (InvalidKeyException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (InvalidAlgorithmParameterException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- }
+ Base64Encryptor encryptor = new AeadBase64Encryptor(keyIvPair.getKeyBytes(), keyIvPair.getIvBytes());
+ return encryptor.encrypt(text);
 }
 public String decryptText(String encryptedText) {
 if (encryptedText == null || encryptedText.isEmpty())
 return encryptedText;
- try {
- Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
- SecretKeySpec keySpec = new SecretKeySpec(keyIvPair.getKeyBytes(), "AES");
- cipher.init(Cipher.DECRYPT_MODE, keySpec, new IvParameterSpec(keyIvPair.getIvBytes()));
-
- byte[] encryptedBytes = Base64.decodeBase64(encryptedText);
- return new String(cipher.doFinal(encryptedBytes));
- } catch (NoSuchAlgorithmException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (NoSuchPaddingException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (IllegalBlockSizeException e) {
- s_logger.error("Unexpected exception ", 
e);
- return null;
- } catch (BadPaddingException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (InvalidKeyException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (InvalidAlgorithmParameterException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- }
+ Base64Encryptor encryptor = new AeadBase64Encryptor(keyIvPair.getKeyBytes(), keyIvPair.getIvBytes());
+ return encryptor.decrypt(encryptedText);
 }
 public String encryptObject(Class clz, T obj) {
diff --git a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyPasswordBasedEncryptor.java b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyPasswordBasedEncryptor.java
index c623aff1aa2..4fc85607b79 100644
--- a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyPasswordBasedEncryptor.java
+++ b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyPasswordBasedEncryptor.java
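Review bot: `decryptText` used to log and return null for any cipher failure, and it now returns whatever `AeadBase64Encryptor.decrypt` does, whose failure behaviour is not visible in this diff; if it throws on a tampered token or on one produced by the old CBC code, callers that test for null will see an exception instead. The old `encryptText` also emitted URL-safe Base64 (`encodeBase64URLSafeString`), so confirm that the new encryptor's output is still safe to place in a URL, since its encode call is outside this diff. `keyIvPair.getIvBytes()` is now passed as the constructor's `aad` argument, so it acts as associated data rather than as an IV; a comment such as `// IV bytes are reused as AEAD associated data, not as a nonce` would make that explicit. The same points apply to the console-proxy copy of this class later in the diff.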
@@ -16,30 +16,15 @@
 // under the License.
 package com.cloud.consoleproxy;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
 import org.apache.commons.codec.binary.Base64;
 import org.apache.log4j.Logger;
 import com.google.gson.Gson;
 import com.google.gson.GsonBuilder;
-/**
- *
- * @author Kelven Yang
- * A simple password based encyrptor based on AES/CBC. It can serialize simple POJO object into URL safe string
- * and deserialize it back.
- *
- */
+import com.cloud.utils.crypt.AeadBase64Encryptor;
+import com.cloud.utils.crypt.Base64Encryptor;
+
 public class ConsoleProxyPasswordBasedEncryptor {
 private static final Logger s_logger = Logger.getLogger(ConsoleProxyPasswordBasedEncryptor.class);
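Review bot: The class-level Javadoc is deleted here rather than updated, which leaves `ConsoleProxyPasswordBasedEncryptor` without any description of what it encrypts or which primitive it relies on. Replace the old AES/CBC text with a short comment along the lines of `/** Encrypts and decrypts text and simple POJO objects by delegating to AeadBase64Encryptor. */`. The class body continues outside this hunk.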
@@ -57,65 +42,16 @@ public class ConsoleProxyPasswordBasedEncryptor {
 if (text == null || text.isEmpty())
 return text;
- try {
- Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
- SecretKeySpec keySpec = new SecretKeySpec(keyIvPair.getKeyBytes(), "AES");
-
- cipher.init(Cipher.ENCRYPT_MODE, keySpec, new IvParameterSpec(keyIvPair.getIvBytes()));
-
- byte[] encryptedBytes = cipher.doFinal(text.getBytes());
- return Base64.encodeBase64URLSafeString(encryptedBytes);
- } catch (NoSuchAlgorithmException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (NoSuchPaddingException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (IllegalBlockSizeException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (BadPaddingException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (InvalidKeyException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (InvalidAlgorithmParameterException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- }
+ Base64Encryptor encryptor = new AeadBase64Encryptor(keyIvPair.getKeyBytes(), keyIvPair.getIvBytes());
+ return encryptor.encrypt(text);
 }
 public String decryptText(String encryptedText) {
 if (encryptedText == null || encryptedText.isEmpty())
 return encryptedText;
- try {
- Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
- SecretKeySpec keySpec = new SecretKeySpec(keyIvPair.getKeyBytes(), "AES");
- cipher.init(Cipher.DECRYPT_MODE, keySpec, new IvParameterSpec(keyIvPair.getIvBytes()));
-
- byte[] encryptedBytes = Base64.decodeBase64(encryptedText);
- return new String(cipher.doFinal(encryptedBytes));
- } catch (NoSuchAlgorithmException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (NoSuchPaddingException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (IllegalBlockSizeException e) {
- s_logger.error("Unexpected exception ", 
e);
- return null;
- } catch (BadPaddingException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (InvalidKeyException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- } catch (InvalidAlgorithmParameterException e) {
- s_logger.error("Unexpected exception ", e);
- return null;
- }
+ Base64Encryptor encryptor = new AeadBase64Encryptor(keyIvPair.getKeyBytes(), keyIvPair.getIvBytes());
+ return encryptor.decrypt(encryptedText);
 }
 public String encryptObject(Class clz, T obj) {
diff --git a/utils/src/main/java/com/cloud/utils/crypt/AeadBase64Encryptor.java b/utils/src/main/java/com/cloud/utils/crypt/AeadBase64Encryptor.java
index f62dff7c6fe..d836456513b 100644
--- a/utils/src/main/java/com/cloud/utils/crypt/AeadBase64Encryptor.java
+++ b/utils/src/main/java/com/cloud/utils/crypt/AeadBase64Encryptor.java
@@ -29,9 +29,9 @@ import java.util.Base64;
 public class AeadBase64Encryptor implements Base64Encryptor {
 Aead aead = null;
- private final byte[] aad = new byte[]{};
+ private byte[] aad = new byte[]{};
- public AeadBase64Encryptor(byte[] key) {
+ private void initEncryptor(byte[] key) {
 try {
 AeadConfig.register();
 MessageDigest digest = MessageDigest.getInstance("SHA-256");
@@ -42,6 +42,15 @@ public class AeadBase64Encryptor implements Base64Encryptor {
 }
 }
+ public AeadBase64Encryptor(byte[] key) {
+ initEncryptor(key);
+ }
+
+ public AeadBase64Encryptor(byte[] key, byte[] aad) {
+ initEncryptor(key);
+ this.aad = aad;
+ }
+
 @Override
 public String encrypt(String plain) {
 try {
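Review bot: The new two-argument `AeadBase64Encryptor` constructor stores the caller's array by reference (`this.aad = aad;`) and accepts null, and the field loses `final` in the previous hunk to allow it. Copying and defaulting keeps the instance immutable: declare `private final byte[] aad;`, set `this.aad = new byte[0];` in the one-argument constructor and `this.aad = aad == null ? new byte[0] : aad.clone();` in the new one. The `encrypt` and `decrypt` bodies that consume `aad` are outside this hunk, so how a null or later-mutated array would behave there is not visible.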