apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '4.16' into main

Browse Source
This commit is contained in:
Suresh Kumar Anaparti 2022-02-10 10:57:29 +05:30
commit 850714c1fc
No known key found for this signature in database
GPG Key ID: D7CEAE3A9E71D0AA
22 changed files with 159 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/src/main/java/com/cloud/network/vpn/RemoteAccessVpnService.java
View File

@ -43,6 +43,8 @@ public interface RemoteAccessVpnService {
List<? extends VpnUser> listVpnUsers(long vpnOwnerId, String userName);
boolean applyVpnUsers(long vpnOwnerId, String userName, boolean forRemove) throws ResourceUnavailableException;
boolean applyVpnUsers(long vpnOwnerId, String userName) throws ResourceUnavailableException;
Pair<List<? extends RemoteAccessVpn>, Integer> searchForRemoteAccessVpns(ListRemoteAccessVpnsCmd cmd);

5
api/src/main/java/org/apache/cloudstack/api/command/user/ssh/ListSSHKeyPairsCmd.java
View File

@ -40,6 +40,8 @@ public class ListSSHKeyPairsCmd extends BaseListProjectAndAccountResourcesCmd {
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = SSHKeyPairResponse.class, description = "the ID of the ssh keypair")
private Long id;
@Parameter(name = ApiConstants.NAME, type = CommandType.STRING, description = "A key pair name to look for")
private String name;
@ -50,6 +52,9 @@ public class ListSSHKeyPairsCmd extends BaseListProjectAndAccountResourcesCmd {
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public Long getId() {
return id;
}
public String getName() {
return name;

3
api/src/main/java/org/apache/cloudstack/api/command/user/vpn/RemoveVpnUserCmd.java
View File

@ -120,9 +120,8 @@ public class RemoveVpnUserCmd extends BaseAsyncCmd {
}
boolean appliedVpnUsers = false;
try {
appliedVpnUsers = _ravService.applyVpnUsers(ownerId, userName);
appliedVpnUsers = _ravService.applyVpnUsers(ownerId, userName, true);
} catch (ResourceUnavailableException ex) {
String errorMessage = String.format("Failed to refresh VPN user=[%s] due to resource unavailable. VPN owner id=[%s].", userName, ownerId);
s_logger.error(errorMessage, ex);

6
api/src/main/java/org/apache/cloudstack/api/response/SSHKeyPairResponse.java
View File

@ -21,8 +21,12 @@ import com.google.gson.annotations.SerializedName;
import org.apache.cloudstack.api.ApiConstants;
import com.cloud.serializer.Param;
import org.apache.cloudstack.api.BaseResponseWithAnnotations;
import com.cloud.user.SSHKeyPair;
import org.apache.cloudstack.api.BaseResponseWithAnnotations;
import org.apache.cloudstack.api.EntityReference;
@EntityReference(value = SSHKeyPair.class)
public class SSHKeyPairResponse extends BaseResponseWithAnnotations {
@SerializedName(ApiConstants.ID)

12
client/pom.xml
View File

@ -564,6 +564,11 @@
<artifactId>bcpkix-jdk15on</artifactId>
<version>${cs.bcprov.version}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bctls-jdk15on</artifactId>
<version>${cs.bcprov.version}</version>
</dependency>
</dependencies>
<configuration>
<supportedPackagings>
@ -751,6 +756,12 @@
<overWrite>false</overWrite>
<outputDirectory>${project.build.directory}/lib</outputDirectory>
</artifactItem>
<artifactItem>
<groupId>org.bouncycastle</groupId>
<artifactId>bctls-jdk15on</artifactId>
<overWrite>false</overWrite>
<outputDirectory>${project.build.directory}/lib</outputDirectory>
</artifactItem>
</artifactItems>
</configuration>
</execution>
@ -786,6 +797,7 @@
<exclude>org.apache.geronimo.specs:geronimo-javamail_1.4_spec</exclude>
<exclude>org.bouncycastle:bcprov-jdk15on</exclude>
<exclude>org.bouncycastle:bcpkix-jdk15on</exclude>
<exclude>org.bouncycastle:bctls-jdk15on</exclude>
<exclude>mysql:mysql-connector-java</exclude>
</excludes>
</artifactSet>

20
framework/db/src/main/java/com/cloud/utils/db/GenericDaoBase.java
View File

@ -56,6 +56,7 @@ import javax.persistence.Enumerated;
import javax.persistence.Table;
import javax.persistence.TableGenerator;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import com.cloud.utils.DateUtil;
@ -878,7 +879,7 @@ public abstract class GenericDaoBase<T, ID extends Serializable> extends Compone
for (final Field field : clazz.getDeclaredFields()) {
sql.append(_table).append(".").append(DbUtil.getColumnName(field, overrides)).append(" = ? AND ");
}
sql.delete(sql.length() - 4, sql.length());
removeAndClause(sql);
}
return sql.toString();
@ -1262,10 +1263,11 @@ public abstract class GenericDaoBase<T, ID extends Serializable> extends Compone
@DB()
protected void addJoins(StringBuilder str, Collection<JoinBuilder<SearchCriteria<?>>> joins) {
boolean hasWhereClause = true;
int fromIndex = str.lastIndexOf("WHERE");
if (fromIndex == -1) {
fromIndex = str.length();
str.append(" WHERE ");
hasWhereClause = false;
} else {
str.append(" AND ");
}
@ -1287,13 +1289,19 @@ public abstract class GenericDaoBase<T, ID extends Serializable> extends Compone
.append(" ");
str.insert(fromIndex, onClause);
String whereClause = join.getT().getWhereClause();
if ((whereClause != null) && !"".equals(whereClause)) {
if (StringUtils.isNotEmpty(whereClause)) {
if (!hasWhereClause) {
str.append(" WHERE ");
hasWhereClause = true;
}
str.append(" (").append(whereClause).append(") AND");
}
fromIndex += onClause.length();
}
str.delete(str.length() - 4, str.length());
if (hasWhereClause) {
removeAndClause(str);
}
for (JoinBuilder<SearchCriteria<?>> join : joins) {
if (join.getT().getJoins() != null) {
@ -1302,6 +1310,10 @@ public abstract class GenericDaoBase<T, ID extends Serializable> extends Compone
}
}
private void removeAndClause(StringBuilder sql) {
sql.delete(sql.length() - 4, sql.length());
}
@Override
@DB()
public List<T> search(final SearchCriteria<T> sc, final Filter filter) {

9
plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/DirectVifDriver.java
View File

@ -19,6 +19,7 @@
package com.cloud.hypervisor.kvm.resource;
import org.apache.commons.compress.utils.Sets;
import org.apache.log4j.Logger;
import org.libvirt.LibvirtException;
@ -47,12 +48,8 @@ public class DirectVifDriver extends VifDriverBase {
public LibvirtVMDef.InterfaceDef plug(NicTO nic, String guestOsType, String nicAdapter, Map<String, String> extraConfig) throws InternalErrorException, LibvirtException {
LibvirtVMDef.InterfaceDef intf = new LibvirtVMDef.InterfaceDef();
if (nic.getType() == Networks.TrafficType.Guest) {
Integer networkRateKBps = (nic.getNetworkRateMbps() != null && nic.getNetworkRateMbps().intValue() != -1) ? nic.getNetworkRateMbps().intValue() * 128 : 0;
intf.defDirectNet(_libvirtComputingResource.getNetworkDirectDevice(), null, nic.getMac(), getGuestNicModel(guestOsType, nicAdapter),
_libvirtComputingResource.getNetworkDirectSourceMode(), networkRateKBps);
} else if (nic.getType() == Networks.TrafficType.Public) {
if (Sets.newHashSet(Networks.TrafficType.Guest,
Networks.TrafficType.Public).contains(nic.getType())) {
Integer networkRateKBps = (nic.getNetworkRateMbps() != null && nic.getNetworkRateMbps().intValue() != -1) ? nic.getNetworkRateMbps().intValue() * 128 : 0;
intf.defDirectNet(_libvirtComputingResource.getNetworkDirectDevice(), null, nic.getMac(), getGuestNicModel(guestOsType, nicAdapter),
_libvirtComputingResource.getNetworkDirectSourceMode(), networkRateKBps);

5
plugins/integrations/kubernetes-service/pom.xml
View File

@ -126,6 +126,11 @@
<artifactId>bcprov-jdk15on</artifactId>
<version>${cs.bcprov.version}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bctls-jdk15on</artifactId>
<version>${cs.bcprov.version}</version>
</dependency>
<dependency>
<groupId>joda-time</groupId>
<artifactId>joda-time</artifactId>

11
pom.xml
View File

@ -123,7 +123,7 @@
<cs.axiom.version>1.2.8</cs.axiom.version>
<cs.axis.version>1.4</cs.axis.version>
<cs.batik.version>1.14</cs.batik.version>
<cs.bcprov.version>1.64</cs.bcprov.version>
<cs.bcprov.version>1.70</cs.bcprov.version>
<cs.cglib.version>3.3.0</cs.cglib.version>
<cs.checkstyle-lib.version>8.18</cs.checkstyle-lib.version>
<cs.cxf.version>3.2.14</cs.cxf.version>
@ -145,7 +145,7 @@
<cs.jaxb.version>2.3.0</cs.jaxb.version>
<cs.jaxws.version>2.3.2-1</cs.jaxws.version>
<cs.jersey-client.version>2.26</cs.jersey-client.version>
<cs.jetty.version>9.4.36.v20210114</cs.jetty.version>
<cs.jetty.version>9.4.44.v20210927</cs.jetty.version>
<cs.jetty-maven-plugin.version>9.4.27.v20200227</cs.jetty-maven-plugin.version>
<cs.jna.version>5.5.0</cs.jna.version>
<cs.joda-time.version>2.10.9</cs.joda-time.version>
@ -554,6 +554,11 @@
<artifactId>bcprov-jdk15on</artifactId>
<version>${cs.bcprov.version}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bctls-jdk15on</artifactId>
<version>${cs.bcprov.version}</version>
</dependency>
<dependency>
<groupId>org.codehaus.groovy</groupId>
<artifactId>groovy-all</artifactId>
@ -664,7 +669,7 @@
<dependency>
<groupId>xerces</groupId>
<artifactId>xercesimpl</artifactId>
<version>2.12.0</version>
<version>${cs.xercesImpl.version}</version>
</dependency>
<dependency>
<groupId>xml-apis</groupId>

2
scripts/storage/secondary/setup-sysvm-tmplt
View File

@ -45,6 +45,8 @@ if [[ ! $@ =~ ^\-.+ ]]; then
fi
OPTERR=0
DISKSPACE=2120000 #free disk space required in kilobytes
while getopts 'h:f:d:u::'# OPTION
do
case $OPTION in

58
server/src/main/java/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
View File

@ -16,16 +16,16 @@
// under the License.
package com.cloud.network.vpn;
import java.lang.reflect.InvocationTargetException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import javax.inject.Inject;
import javax.naming.ConfigurationException;
import org.apache.log4j.Logger;
import org.apache.cloudstack.acl.SecurityChecker.AccessType;
import org.apache.cloudstack.api.command.user.vpn.ListRemoteAccessVpnsCmd;
import org.apache.cloudstack.api.command.user.vpn.ListVpnUsersCmd;
@ -33,6 +33,8 @@ import org.apache.cloudstack.context.CallContext;
import org.apache.cloudstack.framework.config.ConfigKey;
import org.apache.cloudstack.framework.config.Configurable;
import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
import org.apache.commons.collections.CollectionUtils;
import org.apache.log4j.Logger;
import com.cloud.configuration.Config;
import com.cloud.domain.DomainVO;
@ -91,9 +93,6 @@ import com.cloud.utils.db.TransactionCallbackWithException;
import com.cloud.utils.db.TransactionStatus;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.utils.net.NetUtils;
import java.lang.reflect.InvocationTargetException;
import java.util.stream.Collectors;
import org.apache.commons.collections.CollectionUtils;
public class RemoteAccessVpnManagerImpl extends ManagerBase implements RemoteAccessVpnService, Configurable {
private final static Logger s_logger = Logger.getLogger(RemoteAccessVpnManagerImpl.class);
@ -138,6 +137,24 @@ public class RemoteAccessVpnManagerImpl extends ManagerBase implements RemoteAcc
int _pskLength;
SearchBuilder<RemoteAccessVpnVO> VpnSearch;
private List<RemoteAccessVpnVO> getValidRemoteAccessVpnForAccount(long accountId) {
List<RemoteAccessVpnVO> vpns = _remoteAccessVpnDao.findByAccount(accountId);
if (CollectionUtils.isNotEmpty(vpns)) {
List<RemoteAccessVpnVO> validVpns = new ArrayList<>();
for (RemoteAccessVpnVO vpn : vpns) {
if (vpn.getNetworkId() != null) {
Network network = _networkMgr.getNetwork(vpn.getNetworkId());
if (!Network.State.Implemented.equals(network.getState())) {
continue;
}
}
validVpns.add(vpn);
}
vpns = validVpns;
}
return vpns;
}
@Override
@DB
public RemoteAccessVpn createRemoteAccessVpn(final long publicIpId, String ipRange, boolean openFirewall, final Boolean forDisplay) throws NetworkRuleConflictException {
@ -499,19 +516,36 @@ public class RemoteAccessVpnManagerImpl extends ManagerBase implements RemoteAcc
}
}
@DB
private boolean removeVpnUserWithoutRemoteAccessVpn(long vpnOwnerId, String userName) {
VpnUserVO vpnUser = _vpnUsersDao.findByAccountAndUsername(vpnOwnerId, userName);
if (vpnUser == null) {
s_logger.error(String.format("VPN user not found with ownerId: %d and username: %s", vpnOwnerId, userName));
return false;
}
if (!State.Revoke.equals(vpnUser.getState())) {
s_logger.error(String.format("VPN user with ownerId: %d and username: %s is not in revoked state, current state: %s", vpnOwnerId, userName, vpnUser.getState()));
return false;
}
return _vpnUsersDao.remove(vpnUser.getId());
}
@DB
@Override
public boolean applyVpnUsers(long vpnOwnerId, String userName) throws ResourceUnavailableException {
public boolean applyVpnUsers(long vpnOwnerId, String userName, boolean forRemove) throws ResourceUnavailableException {
Account caller = CallContext.current().getCallingAccount();
Account owner = _accountDao.findById(vpnOwnerId);
_accountMgr.checkAccess(caller, null, true, owner);
s_logger.debug(String.format("Applying VPN users for %s.", owner.toString()));
List<RemoteAccessVpnVO> vpns = _remoteAccessVpnDao.findByAccount(vpnOwnerId);
List<RemoteAccessVpnVO> vpns = getValidRemoteAccessVpnForAccount(vpnOwnerId);
if (CollectionUtils.isEmpty(vpns)) {
s_logger.debug(String.format("Unable to add VPN user due to there are no remote access VPNs configured on %s to apply VPN user.", owner.toString()));
return false;
if (forRemove) {
return removeVpnUserWithoutRemoteAccessVpn(vpnOwnerId, userName);
}
s_logger.warn(String.format("Unable to apply VPN user due to there are no remote access VPNs configured on %s to apply VPN user.", owner.toString()));
return true;
}
RemoteAccessVpnVO vpnTemp = null;
@ -597,6 +631,12 @@ public class RemoteAccessVpnManagerImpl extends ManagerBase implements RemoteAcc
return success;
}
@DB
@Override
public boolean applyVpnUsers(long vpnOwnerId, String userName) throws ResourceUnavailableException {
return applyVpnUsers(vpnOwnerId, userName, false);
}
@Override
public Pair<List<? extends VpnUser>, Integer> searchForVpnUsers(ListVpnUsersCmd cmd) {
String username = cmd.getUsername();

7
server/src/main/java/com/cloud/projects/ProjectManagerImpl.java
View File

@ -17,10 +17,10 @@
package com.cloud.projects;
import java.io.UnsupportedEncodingException;
import java.security.SecureRandom;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Random;
import java.util.TimeZone;
import java.util.UUID;
import java.util.concurrent.Executors;
@ -106,6 +106,8 @@ import org.apache.commons.lang3.BooleanUtils;
public class ProjectManagerImpl extends ManagerBase implements ProjectManager, Configurable {
public static final Logger s_logger = Logger.getLogger(ProjectManagerImpl.class);
private static final SecureRandom secureRandom = new SecureRandom();
@Inject
private DomainDao _domainDao;
@Inject
@ -1349,10 +1351,9 @@ public class ProjectManagerImpl extends ManagerBase implements ProjectManager, C
public static String generateToken(int length) {
String charset = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
Random rand = new Random(System.currentTimeMillis());
StringBuffer sb = new StringBuffer();
for (int i = 0; i < length; i++) {
int pos = rand.nextInt(charset.length());
int pos = secureRandom.nextInt(charset.length());
sb.append(charset.charAt(pos));
}
return sb.toString();

5
server/src/main/java/com/cloud/server/ManagementServerImpl.java
View File

@ -4189,6 +4189,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public Pair<List<? extends SSHKeyPair>, Integer> listSSHKeyPairs(final ListSSHKeyPairsCmd cmd) {
final Long id = cmd.getId();
final String name = cmd.getName();
final String fingerPrint = cmd.getFingerprint();
final String keyword = cmd.getKeyword();
@ -4208,6 +4209,10 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
final SearchCriteria<SSHKeyPairVO> sc = sb.create();
_accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
if (id != null) {
sc.addAnd("id", SearchCriteria.Op.EQ, id);
}
if (name != null) {
sc.addAnd("name", SearchCriteria.Op.EQ, name);
}

3
server/src/main/java/com/cloud/storage/StorageManagerImpl.java
View File

@ -2819,6 +2819,9 @@ public class StorageManagerImpl extends ManagerBase implements StorageManager, C
Pair<String, Long> storeUrlAndId = new Pair<>(url, store.getId());
for (HypervisorType hypervisorType : hypSet) {
try {
if (HypervisorType.Simulator == hypervisorType) {
continue;
}
String templateName = getValidTemplateName(zoneId, hypervisorType);
Pair<Hypervisor.HypervisorType, String> hypervisorAndTemplateName =
new Pair<>(hypervisorType, templateName);

23
server/src/main/java/com/cloud/storage/snapshot/SnapshotManagerImpl.java
View File

@ -308,11 +308,12 @@ public class SnapshotManagerImpl extends MutualExclusiveIdsManagerBase implement
}
}
DataStoreRole dataStoreRole = getDataStoreRole(snapshot, _snapshotStoreDao, dataStoreMgr);
DataStoreRole dataStoreRole = getDataStoreRole(snapshot);
SnapshotInfo snapshotInfo = snapshotFactory.getSnapshot(snapshotId, dataStoreRole);
if (snapshotInfo == null) {
throw new CloudRuntimeException("snapshot:" + snapshotId + " not exist in data store");
throw new CloudRuntimeException(String.format("snapshot %s [%s] does not exists in data store", snapshot.getName(), snapshot.getUuid()));
}
SnapshotStrategy snapshotStrategy = _storageStrategyFactory.getSnapshotStrategy(snapshot, SnapshotOperation.REVERT);
@ -587,7 +588,7 @@ public class SnapshotManagerImpl extends MutualExclusiveIdsManagerBase implement
return false;
}
DataStoreRole dataStoreRole = getDataStoreRole(snapshotCheck, _snapshotStoreDao, dataStoreMgr);
DataStoreRole dataStoreRole = getDataStoreRole(snapshotCheck);
SnapshotDataStoreVO snapshotStoreRef = _snapshotStoreDao.findBySnapshot(snapshotId, dataStoreRole);
@ -1238,15 +1239,11 @@ public class SnapshotManagerImpl extends MutualExclusiveIdsManagerBase implement
try {
postCreateSnapshot(volume.getId(), snapshotId, payload.getSnapshotPolicyId());
DataStoreRole dataStoreRole = getDataStoreRole(snapshot, _snapshotStoreDao, dataStoreMgr);
DataStoreRole dataStoreRole = getDataStoreRole(snapshot);
SnapshotDataStoreVO snapshotStoreRef = _snapshotStoreDao.findBySnapshot(snapshotId, dataStoreRole);
if (snapshotStoreRef == null) {
// The snapshot was not backed up to secondary. Find the snap on primary
snapshotStoreRef = _snapshotStoreDao.findBySnapshot(snapshotId, DataStoreRole.Primary);
if (snapshotStoreRef == null) {
throw new CloudRuntimeException("Could not find snapshot");
}
throw new CloudRuntimeException(String.format("Could not find snapshot %s [%s] on [%s]", snapshot.getName(), snapshot.getUuid(), snapshot.getLocationType()));
}
UsageEventUtils.publishUsageEvent(EventTypes.EVENT_SNAPSHOT_CREATE, snapshot.getAccountId(), snapshot.getDataCenterId(), snapshotId, snapshot.getName(), null, null,
snapshotStoreRef.getPhysicalSize(), volume.getSize(), snapshot.getClass().getName(), snapshot.getUuid());
@ -1332,8 +1329,8 @@ public class SnapshotManagerImpl extends MutualExclusiveIdsManagerBase implement
}
}
private DataStoreRole getDataStoreRole(Snapshot snapshot, SnapshotDataStoreDao snapshotStoreDao, DataStoreManager dataStoreMgr) {
SnapshotDataStoreVO snapshotStore = snapshotStoreDao.findBySnapshot(snapshot.getId(), DataStoreRole.Primary);
private DataStoreRole getDataStoreRole(Snapshot snapshot) {
SnapshotDataStoreVO snapshotStore = _snapshotStoreDao.findBySnapshot(snapshot.getId(), DataStoreRole.Primary);
if (snapshotStore == null) {
return DataStoreRole.Image;
@ -1346,7 +1343,7 @@ public class SnapshotManagerImpl extends MutualExclusiveIdsManagerBase implement
if (mapCapabilities != null) {
String value = mapCapabilities.get(DataStoreCapabilities.STORAGE_SYSTEM_SNAPSHOT.toString());
Boolean supportsStorageSystemSnapshots = new Boolean(value);
Boolean supportsStorageSystemSnapshots = Boolean.valueOf(value);
if (supportsStorageSystemSnapshots) {
return DataStoreRole.Primary;
@ -1354,7 +1351,7 @@ public class SnapshotManagerImpl extends MutualExclusiveIdsManagerBase implement
}
StoragePoolVO storagePoolVO = _storagePoolDao.findById(storagePoolId);
if ((storagePoolVO.getPoolType() == StoragePoolType.RBD || storagePoolVO.getPoolType() == StoragePoolType.PowerFlex) && !BackupSnapshotAfterTakingSnapshot.value()) {
if (storagePoolVO.getPoolType() == StoragePoolType.RBD) {
return DataStoreRole.Primary;
}

4
services/console-proxy/rdpconsole/pom.xml
View File

@ -48,6 +48,10 @@
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bctls-jdk15on</artifactId>
</dependency>
<dependency>
<groupId>com.sun.xml.security</groupId>
<artifactId>xml-security-impl</artifactId>

21
services/console-proxy/rdpconsole/src/main/java/streamer/bco/BcoSocketWrapperImpl.java
View File

@ -17,12 +17,13 @@
package streamer.bco;
import org.apache.log4j.Logger;
import org.bouncycastle.crypto.tls.Certificate;
import org.bouncycastle.crypto.tls.DefaultTlsClient;
import org.bouncycastle.crypto.tls.ServerOnlyTlsAuthentication;
import org.bouncycastle.crypto.tls.TlsAuthentication;
import org.bouncycastle.crypto.tls.TlsClientProtocol;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.tls.DefaultTlsClient;
import org.bouncycastle.tls.ServerOnlyTlsAuthentication;
import org.bouncycastle.tls.TlsAuthentication;
import org.bouncycastle.tls.TlsClientProtocol;
import org.bouncycastle.tls.TlsServerCertificate;
import org.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto;
import streamer.Direction;
import streamer.Event;
import streamer.SocketWrapperImpl;
@ -60,18 +61,18 @@ public class BcoSocketWrapperImpl extends SocketWrapperImpl {
try {
SecureRandom secureRandom = new SecureRandom();
bcoSslSocket = new TlsClientProtocol(socket.getInputStream(), socket.getOutputStream(), secureRandom);
bcoSslSocket = new TlsClientProtocol(socket.getInputStream(), socket.getOutputStream());
bcoSslSocket.connect(new DefaultTlsClient() {
bcoSslSocket.connect(new DefaultTlsClient(new BcTlsCrypto(new SecureRandom())) {
@Override
public TlsAuthentication getAuthentication() throws IOException {
return new ServerOnlyTlsAuthentication() {
@Override
public void notifyServerCertificate(final Certificate certificate) throws IOException {
public void notifyServerCertificate(final TlsServerCertificate certificate) throws IOException {
try {
if (sslState != null) {
sslState.serverCertificateSubjectPublicKeyInfo = certificate.getCertificateAt(0).getSubjectPublicKeyInfo().getEncoded();
sslState.serverCertificateSubjectPublicKeyInfo =
certificate.getCertificate().getCertificateAt(0).getEncoded();
}
} catch (IOException e) {
throw new RuntimeException("Cannot get server public key.", e);

4
test/integration/smoke/test_kubernetes_supported_versions.py
View File

@ -94,7 +94,9 @@ class TestKubernetesSupportedVersion(cloudstackTestCase):
#Waits for management to come up in 5 mins, when it's up it will continue
timeout = time.time() + 300
while time.time() < timeout:
if cls.isManagementUp() is True: return
if cls.isManagementUp() is True:
time.sleep(30)
return
time.sleep(5)
return cls.fail("Management server did not come up, failing")

2
ui/src/components/view/InfoCard.vue
View File

@ -605,7 +605,7 @@
<div v-for="item in $route.meta.related" :key="item.path">
<router-link
v-if="$router.resolve('/' + item.name).route.name !== '404'"
:to="{ path: '/' + item.name + '?' + item.param + '=' + (item.value ? resource[item.value] : item.param === 'account' ? resource.name + '&domainid=' + resource.domainid : resource.id) }">
:to="{ path: '/' + item.name + '?' + item.param + '=' + (item.value ? resource[item.value] : item.param === 'account' ? resource.name + '&domainid=' + resource.domainid : item.param === 'keypair' ? resource.name : resource.id) }">
<a-button style="margin-right: 10px" :icon="$router.resolve('/' + item.name).route.meta.icon" >
{{ $t('label.view') + ' ' + $t(item.title) }}
</a-button>

1
ui/src/views/network/CreateIsolatedNetworkForm.vue
View File

@ -344,7 +344,6 @@ export default {
var params = {
zoneid: this.selectedZone.id,
guestiptype: 'Isolated',
supportedServices: 'SourceNat',
state: 'Enabled'
}
if (isAdminOrDomainAdmin() && this.selectedDomain.id !== '-1') { // domain is visible only for admins

9
ui/src/views/network/CreateNetwork.vue
View File

@ -17,7 +17,7 @@
<template>
<a-spin :spinning="loading" class="form-layout">
<a-tabs defaultActiveKey="1" :animated="false" v-if="!loading">
<a-tabs :default-active-key="defaultNetworkTypeTabKey" :animated="false" v-if="!loading">
<a-tab-pane :tab="$t('label.isolated')" key="1" v-if="isAdvancedZoneWithoutSGAvailable">
<CreateIsolatedNetworkForm
:loading="loading"
@ -68,7 +68,7 @@ export default {
},
data () {
return {
isAdvancedZoneWithoutSGAvailable: true,
isAdvancedZoneWithoutSGAvailable: false,
defaultNetworkTypeTabKey: '1',
loading: false,
actionZones: [],
@ -79,14 +79,17 @@ export default {
const promises = []
promises.push(this.fetchActionZoneData())
Promise.all(promises).then(() => {
this.isAdvancedZoneWithoutSGAvailable = false
this.defaultNetworkTypeTabKey = '2'
for (const i in this.actionZones) {
const zone = this.actionZones[i]
if (zone.networktype === 'Advanced' && zone.securitygroupsenabled !== true) {
this.isAdvancedZoneWithoutSGAvailable = true
this.defaultNetworkTypeTabKey = '1'
return
}
}
this.isAdvancedZoneWithoutSGAvailable = false
})
},
methods: {

4
utils/pom.xml
View File

@ -70,6 +70,10 @@
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bctls-jdk15on</artifactId>
</dependency>
<dependency>
<groupId>com.jcraft</groupId>
<artifactId>jsch</artifactId>