diff --git a/engine/schema/src/com/cloud/upgrade/dao/Upgrade302to40.java b/engine/schema/src/com/cloud/upgrade/dao/Upgrade302to40.java index 11e560859e3..45f5f1bc2b8 100644 --- a/engine/schema/src/com/cloud/upgrade/dao/Upgrade302to40.java +++ b/engine/schema/src/com/cloud/upgrade/dao/Upgrade302to40.java @@ -74,6 +74,7 @@ public class Upgrade302to40 extends Upgrade30xBase implements DbUpgrade { setupExternalNetworkDevices(conn); fixZoneUsingExternalDevices(conn); encryptConfig(conn); + encryptClusterDetails(conn); } @Override @@ -1072,4 +1073,42 @@ public class Upgrade302to40 extends Upgrade30xBase implements DbUpgrade { } s_logger.debug("Done encrypting Config values"); } + + private void encryptClusterDetails(Connection conn) { + s_logger.debug("Encrypting cluster details"); + PreparedStatement pstmt = null; + ResultSet rs = null; + try { + pstmt = conn.prepareStatement("select id, value from `cloud`.`cluster_details` where name = 'password'"); + rs = pstmt.executeQuery(); + while (rs.next()) { + long id = rs.getLong(1); + String value = rs.getString(2); + if (value == null) { + continue; + } + String encryptedValue = DBEncryptionUtil.encrypt(value); + pstmt = conn.prepareStatement("update `cloud`.`cluster_details` set value=? where id=?"); + pstmt.setBytes(1, encryptedValue.getBytes("UTF-8")); + pstmt.setLong(2, id); + pstmt.executeUpdate(); + } + } catch (SQLException e) { + throw new CloudRuntimeException("Unable encrypt cluster_details values ", e); + } catch (UnsupportedEncodingException e) { + throw new CloudRuntimeException("Unable encrypt cluster_details values ", e); + } finally { + try { + if (rs != null) { + rs.close(); + } + + if (pstmt != null) { + pstmt.close(); + } + } catch (SQLException e) { + } + } + s_logger.debug("Done encrypting cluster_details"); + } } diff --git a/engine/schema/src/com/cloud/upgrade/dao/Upgrade304to305.java b/engine/schema/src/com/cloud/upgrade/dao/Upgrade304to305.java index 3e8db4a8a49..bfbce898540 100644 --- a/engine/schema/src/com/cloud/upgrade/dao/Upgrade304to305.java +++ b/engine/schema/src/com/cloud/upgrade/dao/Upgrade304to305.java @@ -19,6 +19,7 @@ package com.cloud.upgrade.dao; import java.io.File; +import java.io.UnsupportedEncodingException; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; @@ -27,6 +28,7 @@ import java.util.ArrayList; import java.util.List; import java.util.UUID; +import com.cloud.utils.crypt.DBEncryptionUtil; import org.apache.log4j.Logger; import com.cloud.utils.exception.CloudRuntimeException; @@ -68,6 +70,7 @@ public class Upgrade304to305 extends Upgrade30xBase implements DbUpgrade { fixZoneUsingExternalDevices(conn); // updateSystemVms(conn); fixForeignKeys(conn); + encryptClusterDetails(conn); } @Override @@ -455,4 +458,42 @@ public class Upgrade304to305 extends Upgrade30xBase implements DbUpgrade { throw new CloudRuntimeException("Unable to execute ssh_keypairs table update for adding domain_id foreign key", e); } } + + private void encryptClusterDetails(Connection conn) { + s_logger.debug("Encrypting cluster details"); + PreparedStatement pstmt = null; + ResultSet rs = null; + try { + pstmt = conn.prepareStatement("select id, value from `cloud`.`cluster_details` where name = 'password'"); + rs = pstmt.executeQuery(); + while (rs.next()) { + long id = rs.getLong(1); + String value = rs.getString(2); + if (value == null) { + continue; + } + String encryptedValue = DBEncryptionUtil.encrypt(value); + pstmt = conn.prepareStatement("update `cloud`.`cluster_details` set value=? where id=?"); + pstmt.setBytes(1, encryptedValue.getBytes("UTF-8")); + pstmt.setLong(2, id); + pstmt.executeUpdate(); + } + } catch (SQLException e) { + throw new CloudRuntimeException("Unable encrypt cluster_details values ", e); + } catch (UnsupportedEncodingException e) { + throw new CloudRuntimeException("Unable encrypt cluster_details values ", e); + } finally { + try { + if (rs != null) { + rs.close(); + } + + if (pstmt != null) { + pstmt.close(); + } + } catch (SQLException e) { + } + } + s_logger.debug("Done encrypting cluster_details"); + } }