mirror of
https://github.com/apache/cloudstack.git
synced 2025-10-26 08:42:29 +01:00
Bug 12771 - management-server.log displays ipmi related credentials in plain text
status 12771: resolved fixed
This commit is contained in:
frank
parent
adaea570e4
commit
f449cd7350
@ -54,6 +54,8 @@ import com.cloud.resource.UnableDeleteHostException;
|
||||
import com.cloud.utils.component.Inject;
|
||||
import com.cloud.utils.exception.CloudRuntimeException;
|
||||
import com.cloud.utils.script.Script;
|
||||
import com.cloud.utils.script.Script2;
|
||||
import com.cloud.utils.script.Script2.ParamType;
|
||||
import com.cloud.vm.VMInstanceVO;
|
||||
import com.cloud.vm.VirtualMachine.State;
|
||||
import com.cloud.vm.dao.VMInstanceDao;
|
||||
@ -127,14 +129,14 @@ public class BareMetalDiscoverer extends DiscovererBase implements Discoverer, R
|
||||
+ injectScript);
|
||||
}
|
||||
|
||||
final Script command = new Script(scriptPath, s_logger);
|
||||
final Script2 command = new Script2(scriptPath, s_logger);
|
||||
command.add("ping");
|
||||
command.add("hostname="+ipmiIp);
|
||||
command.add("usrname="+username);
|
||||
command.add("password="+password);
|
||||
command.add("password="+password, ParamType.PASSWORD);
|
||||
final String result = command.execute();
|
||||
if (result != null) {
|
||||
s_logger.warn(String.format("Can not set up ipmi connection(ip=%1$s, username=%2$s, password=%3$s, args) because %4$s", ipmiIp, username, password, result));
|
||||
s_logger.warn(String.format("Can not set up ipmi connection(ip=%1$s, username=%2$s, password=%3$s, args) because %4$s", ipmiIp, username, "******", result));
|
||||
return null;
|
||||
}
|
||||
|
||||
@ -180,7 +182,7 @@ public class BareMetalDiscoverer extends DiscovererBase implements Discoverer, R
|
||||
_dcDao.update(zone.getId(), zone);
|
||||
|
||||
s_logger.debug(String.format("Discover Bare Metal host successfully(ip=%1$s, username=%2$s, password=%3%s," +
|
||||
"cpuNum=%4$s, cpuCapacity-%5$s, memCapacity=%6$s)", ipmiIp, username, password, cpuNum, cpuCapacity, memCapacity));
|
||||
"cpuNum=%4$s, cpuCapacity-%5$s, memCapacity=%6$s)", ipmiIp, username, "******", cpuNum, cpuCapacity, memCapacity));
|
||||
return resources;
|
||||
} catch (Exception e) {
|
||||
s_logger.warn("Can not set up bare metal agent", e);
|
||||
|
||||
@ -63,6 +63,8 @@ import com.cloud.resource.ServerResource;
|
||||
import com.cloud.utils.exception.CloudRuntimeException;
|
||||
import com.cloud.utils.script.OutputInterpreter;
|
||||
import com.cloud.utils.script.Script;
|
||||
import com.cloud.utils.script.Script2;
|
||||
import com.cloud.utils.script.Script2.ParamType;
|
||||
import com.cloud.vm.VirtualMachine;
|
||||
import com.cloud.vm.VirtualMachine.State;
|
||||
|
||||
@ -83,15 +85,15 @@ public class BareMetalResourceBase implements ServerResource {
|
||||
protected String _password;
|
||||
protected String _ip;
|
||||
protected IAgentControl _agentControl;
|
||||
protected Script _pingCommand;
|
||||
protected Script _setPxeBootCommand;
|
||||
protected Script _setDiskBootCommand;
|
||||
protected Script _rebootCommand;
|
||||
protected Script _getStatusCommand;
|
||||
protected Script _powerOnCommand;
|
||||
protected Script _powerOffCommand;
|
||||
protected Script _forcePowerOffCommand;
|
||||
protected Script _bootOrRebootCommand;
|
||||
protected Script2 _pingCommand;
|
||||
protected Script2 _setPxeBootCommand;
|
||||
protected Script2 _setDiskBootCommand;
|
||||
protected Script2 _rebootCommand;
|
||||
protected Script2 _getStatusCommand;
|
||||
protected Script2 _powerOnCommand;
|
||||
protected Script2 _powerOffCommand;
|
||||
protected Script2 _forcePowerOffCommand;
|
||||
protected Script2 _bootOrRebootCommand;
|
||||
protected String _vmName;
|
||||
|
||||
private void changeVmState(String vmName, VirtualMachine.State state) {
|
||||
@ -158,64 +160,64 @@ public class BareMetalResourceBase implements ServerResource {
|
||||
if (scriptPath == null) {
|
||||
throw new ConfigurationException("Cannot find ping script " + scriptPath);
|
||||
}
|
||||
_pingCommand = new Script(scriptPath, s_logger);
|
||||
_pingCommand = new Script2(scriptPath, s_logger);
|
||||
_pingCommand.add("ping");
|
||||
_pingCommand.add("hostname="+_ip);
|
||||
_pingCommand.add("usrname="+_username);
|
||||
_pingCommand.add("password="+_password);
|
||||
_pingCommand.add("password="+_password, ParamType.PASSWORD);
|
||||
|
||||
_setPxeBootCommand = new Script(scriptPath, s_logger);
|
||||
_setPxeBootCommand = new Script2(scriptPath, s_logger);
|
||||
_setPxeBootCommand.add("boot_dev");
|
||||
_setPxeBootCommand.add("hostname="+_ip);
|
||||
_setPxeBootCommand.add("usrname="+_username);
|
||||
_setPxeBootCommand.add("password="+_password);
|
||||
_setPxeBootCommand.add("password="+_password, ParamType.PASSWORD);
|
||||
_setPxeBootCommand.add("dev=pxe");
|
||||
|
||||
_setDiskBootCommand = new Script(scriptPath, s_logger);
|
||||
_setDiskBootCommand = new Script2(scriptPath, s_logger);
|
||||
_setDiskBootCommand.add("boot_dev");
|
||||
_setDiskBootCommand.add("hostname="+_ip);
|
||||
_setDiskBootCommand.add("usrname="+_username);
|
||||
_setDiskBootCommand.add("password="+_password);
|
||||
_setDiskBootCommand.add("password="+_password, ParamType.PASSWORD);
|
||||
_setDiskBootCommand.add("dev=disk");
|
||||
|
||||
_rebootCommand = new Script(scriptPath, s_logger);
|
||||
_rebootCommand = new Script2(scriptPath, s_logger);
|
||||
_rebootCommand.add("reboot");
|
||||
_rebootCommand.add("hostname="+_ip);
|
||||
_rebootCommand.add("usrname="+_username);
|
||||
_rebootCommand.add("password="+_password);
|
||||
_rebootCommand.add("password="+_password, ParamType.PASSWORD);
|
||||
|
||||
_getStatusCommand = new Script(scriptPath, s_logger);
|
||||
_getStatusCommand = new Script2(scriptPath, s_logger);
|
||||
_getStatusCommand.add("ping");
|
||||
_getStatusCommand.add("hostname="+_ip);
|
||||
_getStatusCommand.add("usrname="+_username);
|
||||
_getStatusCommand.add("password="+_password);
|
||||
_getStatusCommand.add("password="+_password, ParamType.PASSWORD);
|
||||
|
||||
_powerOnCommand = new Script(scriptPath, s_logger);
|
||||
_powerOnCommand = new Script2(scriptPath, s_logger);
|
||||
_powerOnCommand.add("power");
|
||||
_powerOnCommand.add("hostname="+_ip);
|
||||
_powerOnCommand.add("usrname="+_username);
|
||||
_powerOnCommand.add("password="+_password);
|
||||
_powerOnCommand.add("password="+_password, ParamType.PASSWORD);
|
||||
_powerOnCommand.add("action=on");
|
||||
|
||||
_powerOffCommand = new Script(scriptPath, s_logger);
|
||||
_powerOffCommand = new Script2(scriptPath, s_logger);
|
||||
_powerOffCommand.add("power");
|
||||
_powerOffCommand.add("hostname="+_ip);
|
||||
_powerOffCommand.add("usrname="+_username);
|
||||
_powerOffCommand.add("password="+_password);
|
||||
_powerOffCommand.add("password="+_password, ParamType.PASSWORD);
|
||||
_powerOffCommand.add("action=soft");
|
||||
|
||||
_forcePowerOffCommand = new Script(scriptPath, s_logger);
|
||||
_forcePowerOffCommand = new Script2(scriptPath, s_logger);
|
||||
_forcePowerOffCommand.add("power");
|
||||
_forcePowerOffCommand.add("hostname=" + _ip);
|
||||
_forcePowerOffCommand.add("usrname=" + _username);
|
||||
_forcePowerOffCommand.add("password=" + _password);
|
||||
_forcePowerOffCommand.add("password=" + _password, ParamType.PASSWORD);
|
||||
_forcePowerOffCommand.add("action=off");
|
||||
|
||||
_bootOrRebootCommand = new Script(scriptPath, s_logger);
|
||||
_bootOrRebootCommand = new Script2(scriptPath, s_logger);
|
||||
_bootOrRebootCommand.add("boot_or_reboot");
|
||||
_bootOrRebootCommand.add("hostname="+_ip);
|
||||
_bootOrRebootCommand.add("usrname="+_username);
|
||||
_bootOrRebootCommand.add("password="+_password);
|
||||
_bootOrRebootCommand.add("password="+_password, ParamType.PASSWORD);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
4
server/src/com/cloud/baremetal/DhcpdResource.java
Normal file → Executable file
4
server/src/com/cloud/baremetal/DhcpdResource.java
Normal file → Executable file
@ -40,11 +40,11 @@ public class DhcpdResource extends ExternalDhcpResourceBase {
|
||||
com.trilead.ssh2.Connection sshConnection = null;
|
||||
try {
|
||||
super.configure(name, params);
|
||||
s_logger.debug(String.format("Trying to connect to DHCP server(IP=%1$s, username=%2$s, password=%3$s)", _ip, _username, _password));
|
||||
s_logger.debug(String.format("Trying to connect to DHCP server(IP=%1$s, username=%2$s, password=%3$s)", _ip, _username, "******"));
|
||||
sshConnection = SSHCmdHelper.acquireAuthorizedConnection(_ip, _username, _password);
|
||||
if (sshConnection == null) {
|
||||
throw new ConfigurationException(
|
||||
String.format("Cannot connect to DHCP server(IP=%1$s, username=%2$s, password=%3$s", _ip, _username, _password));
|
||||
String.format("Cannot connect to DHCP server(IP=%1$s, username=%2$s, password=%3$s", _ip, _username, "******"));
|
||||
}
|
||||
|
||||
if (!SSHCmdHelper.sshExecuteCmd(sshConnection, "[ -f '/usr/sbin/dhcpd' ]")) {
|
||||
|
||||
4
server/src/com/cloud/baremetal/PingPxeServerResource.java
Normal file → Executable file
4
server/src/com/cloud/baremetal/PingPxeServerResource.java
Normal file → Executable file
@ -87,13 +87,13 @@ public class PingPxeServerResource extends PxeServerResourceBase {
|
||||
|
||||
com.trilead.ssh2.Connection sshConnection = new com.trilead.ssh2.Connection(_ip, 22);
|
||||
|
||||
s_logger.debug(String.format("Trying to connect to PING PXE server(IP=%1$s, username=%2$s, password=%3$s", _ip, _username, _password));
|
||||
s_logger.debug(String.format("Trying to connect to PING PXE server(IP=%1$s, username=%2$s, password=%3$s", _ip, _username, "******"));
|
||||
try {
|
||||
sshConnection.connect(null, 60000, 60000);
|
||||
if (!sshConnection.authenticateWithPassword(_username, _password)) {
|
||||
s_logger.debug("SSH Failed to authenticate");
|
||||
throw new ConfigurationException(String.format("Cannot connect to PING PXE server(IP=%1$s, username=%2$s, password=%3$s", _ip, _username,
|
||||
_password));
|
||||
"******"));
|
||||
}
|
||||
|
||||
String cmd = String.format("[ -f /%1$s/pxelinux.0 ] && [ -f /%2$s/kernel ] && [ -f /%3$s/initrd.gz ] ", _tftpDir, _tftpDir, _tftpDir);
|
||||
|
||||
53
utils/src/com/cloud/utils/script/Script2.java
Executable file
53
utils/src/com/cloud/utils/script/Script2.java
Executable file
@ -0,0 +1,53 @@
|
||||
package com.cloud.utils.script;
|
||||
|
||||
|
||||
import java.util.HashMap;
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
|
||||
public class Script2 extends Script {
|
||||
HashMap<String, ParamType> _params = new HashMap<String, ParamType>();
|
||||
|
||||
public static enum ParamType {
|
||||
NORMAL,
|
||||
PASSWORD,
|
||||
}
|
||||
|
||||
public Script2(String command, Logger logger) {
|
||||
this(command, 0, logger);
|
||||
}
|
||||
|
||||
public Script2(String command, long timeout, Logger logger) {
|
||||
super(command, timeout, logger);
|
||||
}
|
||||
|
||||
public void add(String param, ParamType type) {
|
||||
_params.put(param, type);
|
||||
super.add(param);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void add(String param) {
|
||||
add(param, ParamType.NORMAL);
|
||||
}
|
||||
|
||||
private ParamType getType(String cmd) {
|
||||
return _params.get(cmd);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String buildCommandLine(String[] command) {
|
||||
StringBuilder builder = new StringBuilder();
|
||||
for (int i = 0; i < command.length; i++) {
|
||||
String cmd = command[i];
|
||||
ParamType type = getType(cmd);
|
||||
if (type == ParamType.PASSWORD) {
|
||||
builder.append("******").append(" ");
|
||||
} else {
|
||||
builder.append(command[i]).append(" ");
|
||||
}
|
||||
}
|
||||
|
||||
return builder.toString();
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user