Merge remote-tracking branch 'apache/4.20'

api/src/main/java/org/apache/cloudstack/api/response/AccountResponse.java

@@ -569,7 +569,7 @@ public class AccountResponse extends BaseResponse implements ResourceLimitAndCou
 
     @Override
     public void setVpcLimit(String vpcLimit) {
-        this.vpcLimit = networkLimit;
+        this.vpcLimit = vpcLimit;
     }
 
     @Override

plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtDeleteVMSnapshotCommandWrapper.java

@@ -40,6 +40,7 @@ import com.cloud.resource.CommandWrapper;
 import com.cloud.resource.ResourceWrapper;
 import com.cloud.storage.Storage.ImageFormat;
 import com.cloud.storage.Volume;
+import com.cloud.utils.StringUtils;
 import com.cloud.utils.script.Script;
 
 @ResourceWrapper(handles =  DeleteVMSnapshotCommand.class)
@@ -104,7 +105,7 @@ public final class LibvirtDeleteVMSnapshotCommandWrapper extends CommandWrapper<
                     commands.add(new String[]{Script.getExecutableAbsolutePath("awk"), "-F", " ", "{print $2}"});
                     commands.add(new String[]{Script.getExecutableAbsolutePath("grep"), "^" + sanitizeBashCommandArgument(cmd.getTarget().getSnapshotName()) + "$"});
                     String qemu_img_snapshot = Script.executePipedCommands(commands, 0).second();
-                    if (qemu_img_snapshot == null) {
+                    if (StringUtils.isEmpty(qemu_img_snapshot)) {
                         logger.info("Cannot find snapshot " + cmd.getTarget().getSnapshotName() + " in file " + rootDisk.getPath() + ", return true");
                         return new DeleteVMSnapshotAnswer(cmd, cmd.getVolumeTOs());
                     }

plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java

@@ -654,7 +654,7 @@ public class KVMStorageProcessor implements StorageProcessor {
         try {
             final String volumeName = UUID.randomUUID().toString();
 
-            final String destVolumeName = volumeName + "." + destFormat.getFileExtension();
+            final String destVolumeName = volumeName + "." + ImageFormat.QCOW2.getFileExtension();
             final KVMPhysicalDisk volume = storagePoolMgr.getPhysicalDisk(primaryStore.getPoolType(), primaryStore.getUuid(), srcVolumePath);
             volume.setFormat(PhysicalDiskFormat.valueOf(srcFormat.toString()));
 

plugins/storage/image/default/src/main/java/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java

@@ -23,7 +23,9 @@ import java.util.UUID;
 import javax.inject.Inject;
 
 import com.cloud.agent.api.storage.DeleteEntityDownloadURLCommand;
+import com.cloud.agent.api.to.DataObjectType;
 import com.cloud.host.dao.HostDao;
+import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.storage.Upload;
 import com.cloud.utils.StringUtils;
 
@@ -72,7 +74,14 @@ public class CloudStackImageStoreDriverImpl extends NfsImageStoreDriverImpl {
         }
 
         if (format != null) {
-            objectNameInUrl = objectNameInUrl + "." + format.getFileExtension();
+            if (dataObject.getTO() != null
+                    && DataObjectType.VOLUME.equals(dataObject.getTO().getObjectType())
+                    && HypervisorType.KVM.equals(dataObject.getTO().getHypervisorType())) {
+                // Fix: The format of KVM volumes on image store is qcow2
+                objectNameInUrl = objectNameInUrl + "." + ImageFormat.QCOW2.getFileExtension();
+            } else {
+                objectNameInUrl = objectNameInUrl + "." + format.getFileExtension();
+            }
         } else if (installPath.lastIndexOf(".") != -1) {
             objectNameInUrl = objectNameInUrl + "." + installPath.substring(installPath.lastIndexOf(".") + 1);
         }

plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/ADLdapUserManagerImpl.java

@@ -93,10 +93,14 @@ public class ADLdapUserManagerImpl extends OpenLdapUserManagerImpl implements Ld
     }
 
     protected String getMemberOfAttribute(final Long domainId) {
+        String rc;
         if(_ldapConfiguration.isNestedGroupsEnabled(domainId)) {
-            return MICROSOFT_AD_NESTED_MEMBERS_FILTER;
+            rc = MICROSOFT_AD_NESTED_MEMBERS_FILTER;
         } else {
-            return MICROSOFT_AD_MEMBERS_FILTER;
+            rc = MICROSOFT_AD_MEMBERS_FILTER;
         }
+        logger.trace("using memberOf filter = {} for domain with id {}", rc, domainId);
+
+        return rc;
     }
 }

plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapConfiguration.java

@@ -27,9 +27,12 @@ import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
 
 import com.cloud.utils.Pair;
 import org.apache.cloudstack.ldap.dao.LdapConfigurationDao;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 
 public class LdapConfiguration implements Configurable{
     private final static String factory = "com.sun.jndi.ldap.LdapCtxFactory";
+    protected Logger logger = LogManager.getLogger(getClass());
 
     private static final ConfigKey<Long> ldapReadTimeout = new ConfigKey<Long>(
             Long.class,
@@ -325,7 +328,7 @@ public class LdapConfiguration implements Configurable{
         try {
             provider = LdapUserManager.Provider.valueOf(ldapProvider.valueIn(domainId).toUpperCase());
         } catch (IllegalArgumentException ex) {
-            //openldap is the default
+            logger.warn("no LDAP provider found for domain {}, using openldap as default", domainId);
             provider = LdapUserManager.Provider.OPENLDAP;
         }
         return provider;

plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/OpenLdapUserManagerImpl.java

@@ -63,7 +63,7 @@ public class OpenLdapUserManagerImpl implements LdapUserManager {
         final String firstname = LdapUtils.getAttributeValue(attributes, _ldapConfiguration.getFirstnameAttribute(domainId));
         final String lastname = LdapUtils.getAttributeValue(attributes, _ldapConfiguration.getLastnameAttribute(domainId));
         final String principal = result.getNameInNamespace();
-        final List<String> memberships = LdapUtils.getAttributeValues(attributes, _ldapConfiguration.getUserMemberOfAttribute(domainId));
+        final List<String> memberships = LdapUtils.getAttributeValues(attributes, getMemberOfAttribute(domainId));
 
         String domain = principal.replace("cn=" + LdapUtils.getAttributeValue(attributes, _ldapConfiguration.getCommonNameAttribute()) + ",", "");
         domain = domain.replace("," + _ldapConfiguration.getBaseDn(domainId), "");
@@ -87,7 +87,7 @@ public class OpenLdapUserManagerImpl implements LdapUserManager {
         usernameFilter.append((username == null ? "*" : LdapUtils.escapeLDAPSearchFilter(username)));
         usernameFilter.append(")");
 
-        String memberOfAttribute = _ldapConfiguration.getUserMemberOfAttribute(domainId);
+        String memberOfAttribute = getMemberOfAttribute(domainId);
         StringBuilder ldapGroupsFilter = new StringBuilder();
         // this should get the trustmaps for this domain
         List<String> ldapGroups = getMappedLdapGroups(domainId);

systemvm/patch-sysvms.sh

@@ -124,8 +124,10 @@ patch_systemvm() {
     echo "Restored keystore file and certs using backup" >> $logfile 2>&1
   fi
 
-  # Import global cacerts into 'cloud' service's keystore
+  if [ "$TYPE" = "consoleproxy" ] || [ "$TYPE" = "secstorage" ]; then
-  keytool -importkeystore -srckeystore /etc/ssl/certs/java/cacerts -destkeystore /usr/local/cloud/systemvm/certs/realhostip.keystore -srcstorepass changeit -deststorepass vmops.com -noprompt || true
+    # Import global cacerts into 'cloud' service's keystore
+    keytool -importkeystore -srckeystore /etc/ssl/certs/java/cacerts -destkeystore /usr/local/cloud/systemvm/certs/realhostip.keystore -srcstorepass changeit -deststorepass vmops.com -noprompt 2>/dev/null || true
+  fi
 
   update_checksum $newpath/cloud-scripts.tgz