diff --git a/api/src/main/java/com/cloud/network/vpn/RemoteAccessVpnService.java b/api/src/main/java/com/cloud/network/vpn/RemoteAccessVpnService.java index 5426d181e70..bbb9771d27a 100644 --- a/api/src/main/java/com/cloud/network/vpn/RemoteAccessVpnService.java +++ b/api/src/main/java/com/cloud/network/vpn/RemoteAccessVpnService.java @@ -43,6 +43,8 @@ public interface RemoteAccessVpnService { List listVpnUsers(long vpnOwnerId, String userName); + boolean applyVpnUsers(long vpnOwnerId, String userName, boolean forRemove) throws ResourceUnavailableException; + boolean applyVpnUsers(long vpnOwnerId, String userName) throws ResourceUnavailableException; Pair, Integer> searchForRemoteAccessVpns(ListRemoteAccessVpnsCmd cmd); diff --git a/api/src/main/java/org/apache/cloudstack/api/command/user/ssh/ListSSHKeyPairsCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/user/ssh/ListSSHKeyPairsCmd.java index 1a77a660dcd..560974937ef 100644 --- a/api/src/main/java/org/apache/cloudstack/api/command/user/ssh/ListSSHKeyPairsCmd.java +++ b/api/src/main/java/org/apache/cloudstack/api/command/user/ssh/ListSSHKeyPairsCmd.java @@ -40,6 +40,8 @@ public class ListSSHKeyPairsCmd extends BaseListProjectAndAccountResourcesCmd { ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// ///////////////////////////////////////////////////// + @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = SSHKeyPairResponse.class, description = "the ID of the ssh keypair") + private Long id; @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, description = "A key pair name to look for") private String name; @@ -50,6 +52,9 @@ public class ListSSHKeyPairsCmd extends BaseListProjectAndAccountResourcesCmd { ///////////////////////////////////////////////////// /////////////////// Accessors /////////////////////// ///////////////////////////////////////////////////// + public Long getId() { + return id; + } public String getName() { return name; diff --git a/api/src/main/java/org/apache/cloudstack/api/command/user/vpn/RemoveVpnUserCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/user/vpn/RemoveVpnUserCmd.java index 33cbb46485c..caeb0608b6a 100644 --- a/api/src/main/java/org/apache/cloudstack/api/command/user/vpn/RemoveVpnUserCmd.java +++ b/api/src/main/java/org/apache/cloudstack/api/command/user/vpn/RemoveVpnUserCmd.java @@ -120,9 +120,8 @@ public class RemoveVpnUserCmd extends BaseAsyncCmd { } boolean appliedVpnUsers = false; - try { - appliedVpnUsers = _ravService.applyVpnUsers(ownerId, userName); + appliedVpnUsers = _ravService.applyVpnUsers(ownerId, userName, true); } catch (ResourceUnavailableException ex) { String errorMessage = String.format("Failed to refresh VPN user=[%s] due to resource unavailable. VPN owner id=[%s].", userName, ownerId); s_logger.error(errorMessage, ex); diff --git a/api/src/main/java/org/apache/cloudstack/api/response/SSHKeyPairResponse.java b/api/src/main/java/org/apache/cloudstack/api/response/SSHKeyPairResponse.java index 5a4d69b76cc..7bd423910be 100644 --- a/api/src/main/java/org/apache/cloudstack/api/response/SSHKeyPairResponse.java +++ b/api/src/main/java/org/apache/cloudstack/api/response/SSHKeyPairResponse.java @@ -21,8 +21,12 @@ import com.google.gson.annotations.SerializedName; import org.apache.cloudstack.api.ApiConstants; import com.cloud.serializer.Param; -import org.apache.cloudstack.api.BaseResponseWithAnnotations; +import com.cloud.user.SSHKeyPair; +import org.apache.cloudstack.api.BaseResponseWithAnnotations; +import org.apache.cloudstack.api.EntityReference; + +@EntityReference(value = SSHKeyPair.class) public class SSHKeyPairResponse extends BaseResponseWithAnnotations { @SerializedName(ApiConstants.ID) diff --git a/client/pom.xml b/client/pom.xml index eea178b9e1f..14dc737dd17 100644 --- a/client/pom.xml +++ b/client/pom.xml @@ -564,6 +564,11 @@ bcpkix-jdk15on ${cs.bcprov.version} + + org.bouncycastle + bctls-jdk15on + ${cs.bcprov.version} + @@ -751,6 +756,12 @@ false ${project.build.directory}/lib + + org.bouncycastle + bctls-jdk15on + false + ${project.build.directory}/lib + @@ -786,6 +797,7 @@ org.apache.geronimo.specs:geronimo-javamail_1.4_spec org.bouncycastle:bcprov-jdk15on org.bouncycastle:bcpkix-jdk15on + org.bouncycastle:bctls-jdk15on mysql:mysql-connector-java diff --git a/framework/db/src/main/java/com/cloud/utils/db/GenericDaoBase.java b/framework/db/src/main/java/com/cloud/utils/db/GenericDaoBase.java index 5c304a37cb6..85e1d03cbc9 100644 --- a/framework/db/src/main/java/com/cloud/utils/db/GenericDaoBase.java +++ b/framework/db/src/main/java/com/cloud/utils/db/GenericDaoBase.java @@ -56,6 +56,7 @@ import javax.persistence.Enumerated; import javax.persistence.Table; import javax.persistence.TableGenerator; +import org.apache.commons.lang3.StringUtils; import org.apache.log4j.Logger; import com.cloud.utils.DateUtil; @@ -878,7 +879,7 @@ public abstract class GenericDaoBase extends Compone for (final Field field : clazz.getDeclaredFields()) { sql.append(_table).append(".").append(DbUtil.getColumnName(field, overrides)).append(" = ? AND "); } - sql.delete(sql.length() - 4, sql.length()); + removeAndClause(sql); } return sql.toString(); @@ -1262,10 +1263,11 @@ public abstract class GenericDaoBase extends Compone @DB() protected void addJoins(StringBuilder str, Collection>> joins) { + boolean hasWhereClause = true; int fromIndex = str.lastIndexOf("WHERE"); if (fromIndex == -1) { fromIndex = str.length(); - str.append(" WHERE "); + hasWhereClause = false; } else { str.append(" AND "); } @@ -1287,13 +1289,19 @@ public abstract class GenericDaoBase extends Compone .append(" "); str.insert(fromIndex, onClause); String whereClause = join.getT().getWhereClause(); - if ((whereClause != null) && !"".equals(whereClause)) { + if (StringUtils.isNotEmpty(whereClause)) { + if (!hasWhereClause) { + str.append(" WHERE "); + hasWhereClause = true; + } str.append(" (").append(whereClause).append(") AND"); } fromIndex += onClause.length(); } - str.delete(str.length() - 4, str.length()); + if (hasWhereClause) { + removeAndClause(str); + } for (JoinBuilder> join : joins) { if (join.getT().getJoins() != null) { @@ -1302,6 +1310,10 @@ public abstract class GenericDaoBase extends Compone } } + private void removeAndClause(StringBuilder sql) { + sql.delete(sql.length() - 4, sql.length()); + } + @Override @DB() public List search(final SearchCriteria sc, final Filter filter) { diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/DirectVifDriver.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/DirectVifDriver.java index 86a45ecc8aa..5037ad1aec7 100644 --- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/DirectVifDriver.java +++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/DirectVifDriver.java @@ -19,6 +19,7 @@ package com.cloud.hypervisor.kvm.resource; +import org.apache.commons.compress.utils.Sets; import org.apache.log4j.Logger; import org.libvirt.LibvirtException; @@ -47,12 +48,8 @@ public class DirectVifDriver extends VifDriverBase { public LibvirtVMDef.InterfaceDef plug(NicTO nic, String guestOsType, String nicAdapter, Map extraConfig) throws InternalErrorException, LibvirtException { LibvirtVMDef.InterfaceDef intf = new LibvirtVMDef.InterfaceDef(); - if (nic.getType() == Networks.TrafficType.Guest) { - Integer networkRateKBps = (nic.getNetworkRateMbps() != null && nic.getNetworkRateMbps().intValue() != -1) ? nic.getNetworkRateMbps().intValue() * 128 : 0; - intf.defDirectNet(_libvirtComputingResource.getNetworkDirectDevice(), null, nic.getMac(), getGuestNicModel(guestOsType, nicAdapter), - _libvirtComputingResource.getNetworkDirectSourceMode(), networkRateKBps); - - } else if (nic.getType() == Networks.TrafficType.Public) { + if (Sets.newHashSet(Networks.TrafficType.Guest, + Networks.TrafficType.Public).contains(nic.getType())) { Integer networkRateKBps = (nic.getNetworkRateMbps() != null && nic.getNetworkRateMbps().intValue() != -1) ? nic.getNetworkRateMbps().intValue() * 128 : 0; intf.defDirectNet(_libvirtComputingResource.getNetworkDirectDevice(), null, nic.getMac(), getGuestNicModel(guestOsType, nicAdapter), _libvirtComputingResource.getNetworkDirectSourceMode(), networkRateKBps); diff --git a/plugins/integrations/kubernetes-service/pom.xml b/plugins/integrations/kubernetes-service/pom.xml index 9fa0fd76fa5..2df274e8399 100644 --- a/plugins/integrations/kubernetes-service/pom.xml +++ b/plugins/integrations/kubernetes-service/pom.xml @@ -126,6 +126,11 @@ bcprov-jdk15on ${cs.bcprov.version} + + org.bouncycastle + bctls-jdk15on + ${cs.bcprov.version} + joda-time joda-time diff --git a/pom.xml b/pom.xml index 86a423ddb7d..1a89830c07d 100644 --- a/pom.xml +++ b/pom.xml @@ -123,7 +123,7 @@ 1.2.8 1.4 1.14 - 1.64 + 1.70 3.3.0 8.18 3.2.14 @@ -145,7 +145,7 @@ 2.3.0 2.3.2-1 2.26 - 9.4.36.v20210114 + 9.4.44.v20210927 9.4.27.v20200227 5.5.0 2.10.9 @@ -554,6 +554,11 @@ bcprov-jdk15on ${cs.bcprov.version} + + org.bouncycastle + bctls-jdk15on + ${cs.bcprov.version} + org.codehaus.groovy groovy-all @@ -664,7 +669,7 @@ xerces xercesimpl - 2.12.0 + ${cs.xercesImpl.version} xml-apis diff --git a/scripts/storage/secondary/setup-sysvm-tmplt b/scripts/storage/secondary/setup-sysvm-tmplt index fa33f33f040..89195e406e6 100755 --- a/scripts/storage/secondary/setup-sysvm-tmplt +++ b/scripts/storage/secondary/setup-sysvm-tmplt @@ -45,6 +45,8 @@ if [[ ! $@ =~ ^\-.+ ]]; then fi OPTERR=0 +DISKSPACE=2120000 #free disk space required in kilobytes + while getopts 'h:f:d:u::'# OPTION do case $OPTION in diff --git a/server/src/main/java/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java b/server/src/main/java/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java index 74b53f14f07..61d247d7b8a 100644 --- a/server/src/main/java/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java +++ b/server/src/main/java/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java @@ -16,16 +16,16 @@ // under the License. package com.cloud.network.vpn; +import java.lang.reflect.InvocationTargetException; import java.util.ArrayList; import java.util.Iterator; import java.util.List; import java.util.Map; +import java.util.stream.Collectors; import javax.inject.Inject; import javax.naming.ConfigurationException; -import org.apache.log4j.Logger; - import org.apache.cloudstack.acl.SecurityChecker.AccessType; import org.apache.cloudstack.api.command.user.vpn.ListRemoteAccessVpnsCmd; import org.apache.cloudstack.api.command.user.vpn.ListVpnUsersCmd; @@ -33,6 +33,8 @@ import org.apache.cloudstack.context.CallContext; import org.apache.cloudstack.framework.config.ConfigKey; import org.apache.cloudstack.framework.config.Configurable; import org.apache.cloudstack.framework.config.dao.ConfigurationDao; +import org.apache.commons.collections.CollectionUtils; +import org.apache.log4j.Logger; import com.cloud.configuration.Config; import com.cloud.domain.DomainVO; @@ -91,9 +93,6 @@ import com.cloud.utils.db.TransactionCallbackWithException; import com.cloud.utils.db.TransactionStatus; import com.cloud.utils.exception.CloudRuntimeException; import com.cloud.utils.net.NetUtils; -import java.lang.reflect.InvocationTargetException; -import java.util.stream.Collectors; -import org.apache.commons.collections.CollectionUtils; public class RemoteAccessVpnManagerImpl extends ManagerBase implements RemoteAccessVpnService, Configurable { private final static Logger s_logger = Logger.getLogger(RemoteAccessVpnManagerImpl.class); @@ -138,6 +137,24 @@ public class RemoteAccessVpnManagerImpl extends ManagerBase implements RemoteAcc int _pskLength; SearchBuilder VpnSearch; + private List getValidRemoteAccessVpnForAccount(long accountId) { + List vpns = _remoteAccessVpnDao.findByAccount(accountId); + if (CollectionUtils.isNotEmpty(vpns)) { + List validVpns = new ArrayList<>(); + for (RemoteAccessVpnVO vpn : vpns) { + if (vpn.getNetworkId() != null) { + Network network = _networkMgr.getNetwork(vpn.getNetworkId()); + if (!Network.State.Implemented.equals(network.getState())) { + continue; + } + } + validVpns.add(vpn); + } + vpns = validVpns; + } + return vpns; + } + @Override @DB public RemoteAccessVpn createRemoteAccessVpn(final long publicIpId, String ipRange, boolean openFirewall, final Boolean forDisplay) throws NetworkRuleConflictException { @@ -499,19 +516,36 @@ public class RemoteAccessVpnManagerImpl extends ManagerBase implements RemoteAcc } } + @DB + private boolean removeVpnUserWithoutRemoteAccessVpn(long vpnOwnerId, String userName) { + VpnUserVO vpnUser = _vpnUsersDao.findByAccountAndUsername(vpnOwnerId, userName); + if (vpnUser == null) { + s_logger.error(String.format("VPN user not found with ownerId: %d and username: %s", vpnOwnerId, userName)); + return false; + } + if (!State.Revoke.equals(vpnUser.getState())) { + s_logger.error(String.format("VPN user with ownerId: %d and username: %s is not in revoked state, current state: %s", vpnOwnerId, userName, vpnUser.getState())); + return false; + } + return _vpnUsersDao.remove(vpnUser.getId()); + } + @DB @Override - public boolean applyVpnUsers(long vpnOwnerId, String userName) throws ResourceUnavailableException { + public boolean applyVpnUsers(long vpnOwnerId, String userName, boolean forRemove) throws ResourceUnavailableException { Account caller = CallContext.current().getCallingAccount(); Account owner = _accountDao.findById(vpnOwnerId); _accountMgr.checkAccess(caller, null, true, owner); s_logger.debug(String.format("Applying VPN users for %s.", owner.toString())); - List vpns = _remoteAccessVpnDao.findByAccount(vpnOwnerId); + List vpns = getValidRemoteAccessVpnForAccount(vpnOwnerId); if (CollectionUtils.isEmpty(vpns)) { - s_logger.debug(String.format("Unable to add VPN user due to there are no remote access VPNs configured on %s to apply VPN user.", owner.toString())); - return false; + if (forRemove) { + return removeVpnUserWithoutRemoteAccessVpn(vpnOwnerId, userName); + } + s_logger.warn(String.format("Unable to apply VPN user due to there are no remote access VPNs configured on %s to apply VPN user.", owner.toString())); + return true; } RemoteAccessVpnVO vpnTemp = null; @@ -597,6 +631,12 @@ public class RemoteAccessVpnManagerImpl extends ManagerBase implements RemoteAcc return success; } + @DB + @Override + public boolean applyVpnUsers(long vpnOwnerId, String userName) throws ResourceUnavailableException { + return applyVpnUsers(vpnOwnerId, userName, false); + } + @Override public Pair, Integer> searchForVpnUsers(ListVpnUsersCmd cmd) { String username = cmd.getUsername(); diff --git a/server/src/main/java/com/cloud/projects/ProjectManagerImpl.java b/server/src/main/java/com/cloud/projects/ProjectManagerImpl.java index eb8c58b3060..02d371aa981 100644 --- a/server/src/main/java/com/cloud/projects/ProjectManagerImpl.java +++ b/server/src/main/java/com/cloud/projects/ProjectManagerImpl.java @@ -17,10 +17,10 @@ package com.cloud.projects; import java.io.UnsupportedEncodingException; +import java.security.SecureRandom; import java.util.List; import java.util.Map; import java.util.Optional; -import java.util.Random; import java.util.TimeZone; import java.util.UUID; import java.util.concurrent.Executors; @@ -106,6 +106,8 @@ import org.apache.commons.lang3.BooleanUtils; public class ProjectManagerImpl extends ManagerBase implements ProjectManager, Configurable { public static final Logger s_logger = Logger.getLogger(ProjectManagerImpl.class); + private static final SecureRandom secureRandom = new SecureRandom(); + @Inject private DomainDao _domainDao; @Inject @@ -1349,10 +1351,9 @@ public class ProjectManagerImpl extends ManagerBase implements ProjectManager, C public static String generateToken(int length) { String charset = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"; - Random rand = new Random(System.currentTimeMillis()); StringBuffer sb = new StringBuffer(); for (int i = 0; i < length; i++) { - int pos = rand.nextInt(charset.length()); + int pos = secureRandom.nextInt(charset.length()); sb.append(charset.charAt(pos)); } return sb.toString(); diff --git a/server/src/main/java/com/cloud/server/ManagementServerImpl.java b/server/src/main/java/com/cloud/server/ManagementServerImpl.java index 2780a0dd7a3..f4e1bfc20fc 100644 --- a/server/src/main/java/com/cloud/server/ManagementServerImpl.java +++ b/server/src/main/java/com/cloud/server/ManagementServerImpl.java @@ -4189,6 +4189,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe @Override public Pair, Integer> listSSHKeyPairs(final ListSSHKeyPairsCmd cmd) { + final Long id = cmd.getId(); final String name = cmd.getName(); final String fingerPrint = cmd.getFingerprint(); final String keyword = cmd.getKeyword(); @@ -4208,6 +4209,10 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe final SearchCriteria sc = sb.create(); _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria); + if (id != null) { + sc.addAnd("id", SearchCriteria.Op.EQ, id); + } + if (name != null) { sc.addAnd("name", SearchCriteria.Op.EQ, name); } diff --git a/server/src/main/java/com/cloud/storage/StorageManagerImpl.java b/server/src/main/java/com/cloud/storage/StorageManagerImpl.java index 502cc2cc544..3522bb093df 100644 --- a/server/src/main/java/com/cloud/storage/StorageManagerImpl.java +++ b/server/src/main/java/com/cloud/storage/StorageManagerImpl.java @@ -2819,6 +2819,9 @@ public class StorageManagerImpl extends ManagerBase implements StorageManager, C Pair storeUrlAndId = new Pair<>(url, store.getId()); for (HypervisorType hypervisorType : hypSet) { try { + if (HypervisorType.Simulator == hypervisorType) { + continue; + } String templateName = getValidTemplateName(zoneId, hypervisorType); Pair hypervisorAndTemplateName = new Pair<>(hypervisorType, templateName); diff --git a/server/src/main/java/com/cloud/storage/snapshot/SnapshotManagerImpl.java b/server/src/main/java/com/cloud/storage/snapshot/SnapshotManagerImpl.java index f7ec977c911..c96f6517864 100755 --- a/server/src/main/java/com/cloud/storage/snapshot/SnapshotManagerImpl.java +++ b/server/src/main/java/com/cloud/storage/snapshot/SnapshotManagerImpl.java @@ -308,11 +308,12 @@ public class SnapshotManagerImpl extends MutualExclusiveIdsManagerBase implement } } - DataStoreRole dataStoreRole = getDataStoreRole(snapshot, _snapshotStoreDao, dataStoreMgr); + DataStoreRole dataStoreRole = getDataStoreRole(snapshot); SnapshotInfo snapshotInfo = snapshotFactory.getSnapshot(snapshotId, dataStoreRole); + if (snapshotInfo == null) { - throw new CloudRuntimeException("snapshot:" + snapshotId + " not exist in data store"); + throw new CloudRuntimeException(String.format("snapshot %s [%s] does not exists in data store", snapshot.getName(), snapshot.getUuid())); } SnapshotStrategy snapshotStrategy = _storageStrategyFactory.getSnapshotStrategy(snapshot, SnapshotOperation.REVERT); @@ -587,7 +588,7 @@ public class SnapshotManagerImpl extends MutualExclusiveIdsManagerBase implement return false; } - DataStoreRole dataStoreRole = getDataStoreRole(snapshotCheck, _snapshotStoreDao, dataStoreMgr); + DataStoreRole dataStoreRole = getDataStoreRole(snapshotCheck); SnapshotDataStoreVO snapshotStoreRef = _snapshotStoreDao.findBySnapshot(snapshotId, dataStoreRole); @@ -1238,15 +1239,11 @@ public class SnapshotManagerImpl extends MutualExclusiveIdsManagerBase implement try { postCreateSnapshot(volume.getId(), snapshotId, payload.getSnapshotPolicyId()); - DataStoreRole dataStoreRole = getDataStoreRole(snapshot, _snapshotStoreDao, dataStoreMgr); + DataStoreRole dataStoreRole = getDataStoreRole(snapshot); SnapshotDataStoreVO snapshotStoreRef = _snapshotStoreDao.findBySnapshot(snapshotId, dataStoreRole); if (snapshotStoreRef == null) { - // The snapshot was not backed up to secondary. Find the snap on primary - snapshotStoreRef = _snapshotStoreDao.findBySnapshot(snapshotId, DataStoreRole.Primary); - if (snapshotStoreRef == null) { - throw new CloudRuntimeException("Could not find snapshot"); - } + throw new CloudRuntimeException(String.format("Could not find snapshot %s [%s] on [%s]", snapshot.getName(), snapshot.getUuid(), snapshot.getLocationType())); } UsageEventUtils.publishUsageEvent(EventTypes.EVENT_SNAPSHOT_CREATE, snapshot.getAccountId(), snapshot.getDataCenterId(), snapshotId, snapshot.getName(), null, null, snapshotStoreRef.getPhysicalSize(), volume.getSize(), snapshot.getClass().getName(), snapshot.getUuid()); @@ -1332,8 +1329,8 @@ public class SnapshotManagerImpl extends MutualExclusiveIdsManagerBase implement } } - private DataStoreRole getDataStoreRole(Snapshot snapshot, SnapshotDataStoreDao snapshotStoreDao, DataStoreManager dataStoreMgr) { - SnapshotDataStoreVO snapshotStore = snapshotStoreDao.findBySnapshot(snapshot.getId(), DataStoreRole.Primary); + private DataStoreRole getDataStoreRole(Snapshot snapshot) { + SnapshotDataStoreVO snapshotStore = _snapshotStoreDao.findBySnapshot(snapshot.getId(), DataStoreRole.Primary); if (snapshotStore == null) { return DataStoreRole.Image; @@ -1346,7 +1343,7 @@ public class SnapshotManagerImpl extends MutualExclusiveIdsManagerBase implement if (mapCapabilities != null) { String value = mapCapabilities.get(DataStoreCapabilities.STORAGE_SYSTEM_SNAPSHOT.toString()); - Boolean supportsStorageSystemSnapshots = new Boolean(value); + Boolean supportsStorageSystemSnapshots = Boolean.valueOf(value); if (supportsStorageSystemSnapshots) { return DataStoreRole.Primary; @@ -1354,7 +1351,7 @@ public class SnapshotManagerImpl extends MutualExclusiveIdsManagerBase implement } StoragePoolVO storagePoolVO = _storagePoolDao.findById(storagePoolId); - if ((storagePoolVO.getPoolType() == StoragePoolType.RBD || storagePoolVO.getPoolType() == StoragePoolType.PowerFlex) && !BackupSnapshotAfterTakingSnapshot.value()) { + if (storagePoolVO.getPoolType() == StoragePoolType.RBD) { return DataStoreRole.Primary; } diff --git a/services/console-proxy/rdpconsole/pom.xml b/services/console-proxy/rdpconsole/pom.xml index 1f3b13541b5..89ce5d8bc52 100644 --- a/services/console-proxy/rdpconsole/pom.xml +++ b/services/console-proxy/rdpconsole/pom.xml @@ -48,6 +48,10 @@ org.bouncycastle bcprov-jdk15on + + org.bouncycastle + bctls-jdk15on + com.sun.xml.security xml-security-impl diff --git a/services/console-proxy/rdpconsole/src/main/java/streamer/bco/BcoSocketWrapperImpl.java b/services/console-proxy/rdpconsole/src/main/java/streamer/bco/BcoSocketWrapperImpl.java index 3d6635c7f5e..39aaba9e340 100644 --- a/services/console-proxy/rdpconsole/src/main/java/streamer/bco/BcoSocketWrapperImpl.java +++ b/services/console-proxy/rdpconsole/src/main/java/streamer/bco/BcoSocketWrapperImpl.java @@ -17,12 +17,13 @@ package streamer.bco; import org.apache.log4j.Logger; -import org.bouncycastle.crypto.tls.Certificate; -import org.bouncycastle.crypto.tls.DefaultTlsClient; -import org.bouncycastle.crypto.tls.ServerOnlyTlsAuthentication; -import org.bouncycastle.crypto.tls.TlsAuthentication; -import org.bouncycastle.crypto.tls.TlsClientProtocol; import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.tls.DefaultTlsClient; +import org.bouncycastle.tls.ServerOnlyTlsAuthentication; +import org.bouncycastle.tls.TlsAuthentication; +import org.bouncycastle.tls.TlsClientProtocol; +import org.bouncycastle.tls.TlsServerCertificate; +import org.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto; import streamer.Direction; import streamer.Event; import streamer.SocketWrapperImpl; @@ -60,18 +61,18 @@ public class BcoSocketWrapperImpl extends SocketWrapperImpl { try { - SecureRandom secureRandom = new SecureRandom(); - bcoSslSocket = new TlsClientProtocol(socket.getInputStream(), socket.getOutputStream(), secureRandom); + bcoSslSocket = new TlsClientProtocol(socket.getInputStream(), socket.getOutputStream()); - bcoSslSocket.connect(new DefaultTlsClient() { + bcoSslSocket.connect(new DefaultTlsClient(new BcTlsCrypto(new SecureRandom())) { @Override public TlsAuthentication getAuthentication() throws IOException { return new ServerOnlyTlsAuthentication() { @Override - public void notifyServerCertificate(final Certificate certificate) throws IOException { + public void notifyServerCertificate(final TlsServerCertificate certificate) throws IOException { try { if (sslState != null) { - sslState.serverCertificateSubjectPublicKeyInfo = certificate.getCertificateAt(0).getSubjectPublicKeyInfo().getEncoded(); + sslState.serverCertificateSubjectPublicKeyInfo = + certificate.getCertificate().getCertificateAt(0).getEncoded(); } } catch (IOException e) { throw new RuntimeException("Cannot get server public key.", e); diff --git a/test/integration/smoke/test_kubernetes_supported_versions.py b/test/integration/smoke/test_kubernetes_supported_versions.py index a6e47866673..52fb2d8752d 100644 --- a/test/integration/smoke/test_kubernetes_supported_versions.py +++ b/test/integration/smoke/test_kubernetes_supported_versions.py @@ -94,7 +94,9 @@ class TestKubernetesSupportedVersion(cloudstackTestCase): #Waits for management to come up in 5 mins, when it's up it will continue timeout = time.time() + 300 while time.time() < timeout: - if cls.isManagementUp() is True: return + if cls.isManagementUp() is True: + time.sleep(30) + return time.sleep(5) return cls.fail("Management server did not come up, failing") diff --git a/ui/src/components/view/InfoCard.vue b/ui/src/components/view/InfoCard.vue index 6347c4c3a89..6b61dad2c13 100644 --- a/ui/src/components/view/InfoCard.vue +++ b/ui/src/components/view/InfoCard.vue @@ -605,7 +605,7 @@
+ :to="{ path: '/' + item.name + '?' + item.param + '=' + (item.value ? resource[item.value] : item.param === 'account' ? resource.name + '&domainid=' + resource.domainid : item.param === 'keypair' ? resource.name : resource.id) }"> {{ $t('label.view') + ' ' + $t(item.title) }} diff --git a/ui/src/views/network/CreateIsolatedNetworkForm.vue b/ui/src/views/network/CreateIsolatedNetworkForm.vue index 1f717710b85..761d8128dad 100644 --- a/ui/src/views/network/CreateIsolatedNetworkForm.vue +++ b/ui/src/views/network/CreateIsolatedNetworkForm.vue @@ -344,7 +344,6 @@ export default { var params = { zoneid: this.selectedZone.id, guestiptype: 'Isolated', - supportedServices: 'SourceNat', state: 'Enabled' } if (isAdminOrDomainAdmin() && this.selectedDomain.id !== '-1') { // domain is visible only for admins diff --git a/ui/src/views/network/CreateNetwork.vue b/ui/src/views/network/CreateNetwork.vue index 56c144932cf..ababc337394 100644 --- a/ui/src/views/network/CreateNetwork.vue +++ b/ui/src/views/network/CreateNetwork.vue @@ -17,7 +17,7 @@