apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-11-02 11:52:28 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,229 Commits 307 Branches 324 Tags
Commit Graph

369 Commits

Author SHA1 Message Date
frank
f449cd7350 Bug 12771 - management-server.log displays ipmi related credentials in plain text 
status 12771: resolved fixed
 2012-01-09 14:42:01 -08:00
Kelven Yang
323a07d7e2 bug 12709: incremental fix - profiling management server clustering heartbeat activities 2012-01-05 14:59:45 -08:00
Alena Prokharchyk
0731dac370 bug 12399: introduced periodic thread that expires Project invitations 
status 12399: resolved fixed
 2011-12-09 12:21:41 -08:00
Edison Su
08ae2bc9ff fix loading agent in ssvm 2011-12-07 15:02:57 -08:00
frank
88e4cdc458 Bug 11939 - unify components.xml and components-premium.xml into components.xml 
status 11939: resolved fixed
 2011-12-07 11:34:57 -08:00
prachi
0769a3b3f3 API Server changes needed to read a properties file present within a jar provided in classpath. 2011-11-29 18:02:19 -08:00
Alena Prokharchyk
ecd7004f15 bug 11978: don't allow passing -, + and spaces for instance.name config param 
status 11978: resolved fixed
 2011-11-28 11:52:46 -08:00
kishan
e86b03c2e6 bug 12187 : Handle empty strings while encrypting and decrypting 
status 12187 : resolved fixed
reviewed-by: Abhi
 2011-11-28 22:20:44 +05:30
Alex Huang
3d6a87867a print out the statement on closing for better debugging output 2011-11-18 14:29:05 -08:00
Sheng Yang
257836284a bug 11904: Fix regression caused by OpenJDK 1.6.0 security fix 
It’s due to an security fix of OpenJDK 1.6.0 added by Redhat. Here is excerpt
of [RHSA-2011:1380-01] Critical: java-1.6.0-openjdk security update(
https://www.redhat.com/archives/rhsa-announce/2011-October/msg00011.html)

    A flaw was found in the way the SSL 3 and TLS 1.0 protocols used block
    ciphers in cipher-block chaining (CBC) mode. An attacker able to perform a
    chosen plain text attack against a connection mixing trusted and untrusted
    data could use this flaw to recover portions of the trusted data sent over
    the connection. (CVE-2011-3389)

    Note: This update mitigates the CVE-2011-3389 issue by splitting the first
    application data record byte to a separate SSL/TLS protocol record. This
    mitigation may cause compatibility issues with some SSL/TLS implementations
    and can be disabled using the jsse.enableCBCProtection boolean property.
    This can be done on the command line by appending the flag
    "-Djsse.enableCBCProtection=false" to the java command.

To our knowledge, there are two condition need to be met to trigger this bug:
1.    Using old keystore generated by mgmt. server 2.2.8, which is signed with
SHA1withDSA. Any version later than 2.2.8 would generate keystore signed with
SHA1withRSA. RSA one seems fine with us so far.
2.    Use OpenJDK >=1.6.0.

The reason is, due to the security fix above, the assumption that one packet
would contain only one SSL record is broken. The decrypted data maybe only
contained the first byte of original application data. Then result in buffer
underflow when mgmt server want to read more from it.

To workaround it, according to the message above, add
"-Djsse.enableCBCProtection=false" to tomcat6.conf JAVA_OPTS line would work.
Notice the parameter would only work with latest version of OpenJDK, so simply
add it to the all setup would not work.

This patch provided a fix for it.

status 11904: resolved fixed
 2011-11-16 18:40:14 -08:00
Kelven Yang
bf4076b559 Fix the problem in retrieving default host IP on windows platform 2011-11-14 11:33:51 -08:00
Alex Huang
ddbcd01f56 fixed up unit test 2011-11-11 14:15:13 -08:00
Alex Huang
f6fcaa49ec Merge complete except for virtualnetworkappliancemanager 2011-11-10 15:18:16 -08:00
alena
a32c4f1ec6 Fixed unit tests 2011-11-03 14:02:53 -07:00
Kelven Yang
924e556c95 bug 6745: Using UUID instead of integers - for all commands 2011-11-03 07:34:00 -07:00
frank
cef30956e9 Merge branch 'newagentmgr' 
Conflicts:
	agent-simulator/src/com/cloud/api/commands/ConfigureSimulator.java
	ovm/src/com/cloud/ovm/hypervisor/OvmDiscoverer.java
	server/src/com/cloud/agent/manager/AgentManagerImpl.java
	server/src/com/cloud/capacity/CapacityManagerImpl.java
	server/src/com/cloud/network/F5BigIpManagerImpl.java
	server/src/com/cloud/network/JuniperSrxManagerImpl.java
	server/src/com/cloud/resource/ResourceManagerImpl.java
	server/src/com/cloud/server/ManagementServerImpl.java
	server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
	server/src/com/cloud/vm/VirtualMachineManagerImpl.java
	utils/src/com/cloud/utils/db/GenericDao.java
 2011-10-27 11:09:56 -07:00
Edison Su
92eaf49f29 Add storage migration 2011-10-24 15:59:47 -07:00
kishan
8487803f5a bug 5822, 10783: Security enhancements initial checkin. Added encryption support to db.properties and some DB values. 2011-10-24 18:02:31 +05:30
Abhinandan Prateek
ed2816051a bug 11354: enabled cache for listBy Dao calls and specifically for listBySecurityGroup 2011-10-24 10:50:44 +05:30
kishan
83b4d2f7f9 bug 5822, 10783: Security enhancements initial checkin. Added encryption support to db.properties and some DB values. 2011-10-24 10:26:02 +05:30
Abhinandan Prateek
bd774ab7a7 bug 11354: query cache option is being enabled at DAO level. To use the cache sql paramter query_cache_type should be set to 2 and query_cache_size should be set to a value greated than 40kb. These can be set in my.ini. There are more tuning paramters which can be fine tuned and they are mentioned here http://dev.mysql.com/doc/refman/5.5/en/query-cache-configuration.html 2011-10-20 13:23:14 +05:30
prachi
8570b25506 NAAS: APIServer changes to introduce framework to read commands from pluggable components having separate commands.properties file 
Changes:
- Added a new interface 'PluggableService'
- Any component that can be packaged separately from cloudstack, can implement this interface and provide its own property file listing the API commands the component supports
- As an example have made VirtualNetworkApplianceService pluggable and a new configureRouter command is added
- ComponentLocator reads all the pluggable service from componentLibrary or from components.xml and instantiates the services.
- As an example, DefaultComponentLibrary adds the pluggable service 'VirtualNetworkApplianceService'
- Also components.xml.in has an entry to show how a pluggable service can be added, but it is commented out.
- APIServer now reads the commands for each pluggable service and when a command for such a service is called, APIServer sets the required instance of the pluggable service in the coomand.
- To do this a new annotation '@PlugService' is added that is processed by APIServer. This eliminates the dependency on the BaseCmd to instantiate the service instances.
 2011-10-11 17:34:57 -07:00
alena
1c02374708 Fixed the bug in random seq allocator code - always do "+1" because .netxInt(10) method can return 0, and the id in this case will be equal the id already present in the DB. 2011-10-11 12:40:51 +05:30
kishan
7de5153d74 bug 11561: Added new Dao RandomlyIncreasing, which will increase the Vm Id by 1-10 randomly 
status 11561: resolved fixed
 2011-10-11 12:40:50 +05:30
frank
88b863d6e3 Bug 11522 - New agent manager 
Initialize unit test case for resource manager
 2011-10-07 15:51:24 -07:00
frank
0f5384d086 Bug 11522 - New agent manager 
move findxxx interface from HostDao to Managers
 2011-10-06 11:56:17 -07:00
frank
24b82a7a89 Bug 11522 - New agent manager 
call SearchCriteriaService interface instead of SearchCriteria2 instance
 2011-10-06 10:32:07 -07:00
frank
2b0afe505d Bug 11522 - New agent manager 
refine SearchCirteria2
 2011-10-05 16:49:47 -07:00
frank
89e04458b6 Bug 11522 - New agent manager 
move all listxxx interface from HostDao to managers(ResourceManager, SecondaryStorageVmManager etc) with decent name using SearchCriteria2
or direct call SearchCriteria2 on demand
 2011-10-04 14:35:26 -07:00
Edison Su
ae83246acb bug 11600: aquirelock before deleting a volume, which can be aquired by snapshot manager 
status 11600: resolved fixed
 2011-10-03 16:43:47 -07:00
frank
683113cc38 Bug 11522 - New agent manager 
get rid of all secondary storage interface from HostDao, instead, put them in
SecondaryStorageVmManager using SearchCriteria2 with decent name
 2011-10-03 11:21:34 -07:00
frank
3947c9a126 Bug 11522 - New agent manager 
Initailize SearchCriteria2 in order to replace search interface of DAO
 2011-10-03 10:32:27 -07:00
frank
e8c13e10c7 Bug 11522 - New agent manager 
able to compile besides mycloud stuff
 2011-09-26 16:55:20 -07:00
Kelven Yang
2a6de104e2 bug 11531: while taking snapshot on volume, if volume is attached to a VM instance and under VMware, check if there are other ongoing snapshot tasks for the VM instance. 2011-09-22 16:22:12 -07:00
kishan
3dce7ebd03 bug 10782: Add SSL properties in db.properties. Modified JDBC URL to use SSL properties when enabled 2011-09-07 19:52:10 +05:30
Abhinandan Prateek
3c6a0efa29 bug 11181: adding a param so that mysql can cache the listVM prepared statement sql effectively 2011-09-07 05:50:33 +05:30
alena
b5b695b82a bug 11262: validate public key before processing it 
status 11262: resolved fixed
 2011-08-29 11:07:01 -07:00
alena
9544d42908 bug 11060: use lockTable instead of rowLock when createDomR/createDhcp 
status 11060: resolved fixed
 2011-08-24 11:01:23 -07:00
alena
8a7feb8ec1 Merge branch '2.2.y' 
Conflicts:
	agent/src/com/cloud/agent/resource/computing/LibvirtComputingResource.java
	api/src/com/cloud/agent/api/routing/LoadBalancerConfigCommand.java
	api/src/com/cloud/agent/api/to/FirewallRuleTO.java
	api/src/com/cloud/agent/api/to/IpAddressTO.java
	api/src/com/cloud/agent/api/to/PortForwardingRuleTO.java
	api/src/com/cloud/api/ApiConstants.java
	api/src/com/cloud/api/BaseCmd.java
	api/src/com/cloud/api/ResponseGenerator.java
	api/src/com/cloud/api/commands/CreateFirewallRuleCmd.java
	api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java
	api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
	api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java
	api/src/com/cloud/api/commands/DeleteLoadBalancerRuleCmd.java
	api/src/com/cloud/api/commands/ListCapabilitiesCmd.java
	api/src/com/cloud/api/commands/UpdateNetworkCmd.java
	api/src/com/cloud/api/response/CapabilitiesResponse.java
	api/src/com/cloud/network/Network.java
	api/src/com/cloud/network/NetworkService.java
	api/src/com/cloud/network/firewall/FirewallService.java
	api/src/com/cloud/network/lb/LoadBalancingRule.java
	api/src/com/cloud/network/lb/LoadBalancingRulesService.java
	api/src/com/cloud/network/rules/FirewallRule.java
	api/src/com/cloud/network/rules/RulesService.java
	api/src/com/cloud/offering/NetworkOffering.java
	client/tomcatconf/commands.properties.in
	cloud.spec
	core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
	core/src/com/cloud/hypervisor/xen/resource/CitrixHelper.java
	core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
	core/src/com/cloud/storage/template/DownloadManagerImpl.java
	core/src/com/cloud/vm/DomainRouterVO.java
	debian/cloud-deps.install
	patches/systemvm/debian/config/etc/init.d/cloud-early-config
	patches/systemvm/debian/config/root/ipassoc.sh
	patches/systemvm/debian/config/root/loadbalancer.sh
	scripts/vm/hypervisor/kvm/rundomrpre.sh
	scripts/vm/hypervisor/xenserver/vmops
	server/src/com/cloud/agent/manager/AgentAttache.java
	server/src/com/cloud/agent/manager/AgentManagerImpl.java
	server/src/com/cloud/agent/manager/AgentMonitor.java
	server/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java
	server/src/com/cloud/alert/ClusterAlertAdapter.java
	server/src/com/cloud/api/ApiResponseHelper.java
	server/src/com/cloud/api/ApiServer.java
	server/src/com/cloud/cluster/ClusterManagerImpl.java
	server/src/com/cloud/configuration/Config.java
	server/src/com/cloud/configuration/ConfigurationManager.java
	server/src/com/cloud/configuration/ConfigurationManagerImpl.java
	server/src/com/cloud/configuration/DefaultComponentLibrary.java
	server/src/com/cloud/deploy/FirstFitPlanner.java
	server/src/com/cloud/ha/HighAvailabilityManagerImpl.java
	server/src/com/cloud/host/dao/HostDaoImpl.java
	server/src/com/cloud/hypervisor/xen/discoverer/XcpServerDiscoverer.java
	server/src/com/cloud/network/LoadBalancerVO.java
	server/src/com/cloud/network/NetworkManager.java
	server/src/com/cloud/network/NetworkManagerImpl.java
	server/src/com/cloud/network/dao/FirewallRulesDao.java
	server/src/com/cloud/network/dao/FirewallRulesDaoImpl.java
	server/src/com/cloud/network/element/DhcpElement.java
	server/src/com/cloud/network/element/VirtualRouterElement.java
	server/src/com/cloud/network/firewall/FirewallManagerImpl.java
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
	server/src/com/cloud/network/rules/FirewallManager.java
	server/src/com/cloud/network/rules/FirewallRuleVO.java
	server/src/com/cloud/network/rules/PortForwardingRuleVO.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
	server/src/com/cloud/network/rules/StaticNatRuleImpl.java
	server/src/com/cloud/network/security/SecurityGroupListener.java
	server/src/com/cloud/network/security/SecurityGroupManagerImpl.java
	server/src/com/cloud/offerings/NetworkOfferingVO.java
	server/src/com/cloud/server/ConfigurationServerImpl.java
	server/src/com/cloud/server/ManagementServerImpl.java
	server/src/com/cloud/storage/StorageManager.java
	server/src/com/cloud/storage/StorageManagerImpl.java
	server/src/com/cloud/storage/dao/VMTemplateHostDaoImpl.java
	server/src/com/cloud/storage/download/DownloadMonitorImpl.java
	server/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
	server/src/com/cloud/upgrade/dao/Upgrade228to229.java
	server/src/com/cloud/upgrade/dao/Upgrade229to2210.java
	server/src/com/cloud/user/AccountManagerImpl.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
	server/src/com/cloud/vm/VirtualMachineManagerImpl.java
	server/src/com/cloud/vm/dao/DomainRouterDao.java
	server/src/com/cloud/vm/dao/DomainRouterDaoImpl.java
	setup/db/create-index-fk.sql
	setup/db/create-schema.sql
	setup/db/db/schema-222to224.sql
	setup/db/db/schema-227to228.sql
	setup/db/db/schema-228to229.sql
	setup/db/db/schema-229to2210.sql
	tools/testClient/README
	ui/scripts/cloud.core.instance.js
	utils/src/com/cloud/utils/SerialVersionUID.java
	utils/src/com/cloud/utils/db/ConnectionConcierge.java
	utils/src/com/cloud/utils/db/Merovingian2.java
	utils/src/com/cloud/utils/db/Transaction.java
	utils/src/com/cloud/utils/nio/Link.java
	utils/src/com/cloud/utils/nio/NioConnection.java
	utils/src/com/cloud/utils/time/InaccurateClock.java
 2011-08-22 20:28:30 -07:00
Alex Huang
009e60266d fix for the problem of locking connection being gone 2011-08-22 10:08:22 -07:00
Alex Huang
40dac77872 fix for the problem of locking connection being gone 2011-08-22 10:05:37 -07:00
frank
18f87c2108 Merge branch 'cvm' into 2.2.y 
Conflicts:
	api/src/com/cloud/api/BaseCmd.java
	cloud.spec
	core/src/com/cloud/storage/template/DownloadManagerImpl.java
	server/src/com/cloud/agent/manager/AgentManagerImpl.java
	server/src/com/cloud/configuration/DefaultComponentLibrary.java
	server/src/com/cloud/deploy/FirstFitPlanner.java
	server/src/com/cloud/host/dao/HostDao.java
	server/src/com/cloud/network/security/SecurityGroupListener.java
	server/src/com/cloud/storage/StorageManagerImpl.java
	server/src/com/cloud/storage/listener/StoragePoolMonitor.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
	server/src/com/cloud/vm/VirtualMachineManagerImpl.java
	utils/src/com/cloud/utils/SerialVersionUID.java
 2011-08-19 16:08:35 -07:00
Alex Huang
6e7ad8830f bug 11043: Propagating fix 2011-08-11 10:30:03 -07:00
Alex Huang
15f86d3d93 bug 11043: rverted the bad fix 2011-08-11 10:25:31 -07:00
alena
6b9603bc4c bug 10561: intermidiate checkin for FirewallRuleFeature 
1) Added new apis: createFirewallRule, deleteFirewallRule, listFirewallRules
2) Modified existing apis - added boolean openFirewall parameter to createPortForwardingRule/createIpForwardingRule/createRemoteAccessVpn. If parameter is set to true, open firewall on the domR before creating an actual PF rule there
Modified backend calls appropriately.
3) Schema changes for firewall_rules table:
* startPort/endPort can be null now
* added icmp_type, icmp_code fields (can be not null only when protocol is icmp)
4) Added new manager - FirewallManagerImpl

Conflicts:

	api/src/com/cloud/api/BaseCmd.java
	client/tomcatconf/commands.properties.in
	server/src/com/cloud/api/ApiResponseHelper.java
	server/src/com/cloud/configuration/DefaultComponentLibrary.java
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
 2011-08-09 15:51:56 -07:00
Alex Huang
a0ea38eb24 Added a method to tell if the inaccurate clock is keeping up with the current time 2011-08-09 10:53:12 -07:00
Alex Huang
5fc13a63b1 There's no background thread working on maintaining the connections 2011-08-09 10:51:13 -07:00
alena
06d007337a bug 10561: intermidiate checkin for FirewallRuleFeature 
1) Added new apis: createFirewallRule, deleteFirewallRule, listFirewallRules
2) Modified existing apis - added boolean openFirewall parameter to createPortForwardingRule/createIpForwardingRule/createRemoteAccessVpn. If parameter is set to true, open firewall on the domR before creating an actual PF rule there
Modified backend calls appropriately.
3) Schema changes for firewall_rules table:
* startPort/endPort can be null now
* added icmp_type, icmp_code fields (can be not null only when protocol is icmp)
4) Added new manager - FirewallManagerImpl
 2011-08-08 20:59:40 -07:00
frank
6aaf3d5ae0 Merge branch 'cvm' 
Conflicts:
	api/src/com/cloud/api/BaseCmd.java
	api/src/com/cloud/storage/Storage.java
	cloud.spec
	core/src/com/cloud/storage/template/DownloadManagerImpl.java
	server/src/com/cloud/agent/manager/AgentManagerImpl.java
	server/src/com/cloud/configuration/DefaultComponentLibrary.java
	server/src/com/cloud/deploy/FirstFitPlanner.java
	server/src/com/cloud/host/dao/HostDao.java
	server/src/com/cloud/storage/StorageManagerImpl.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
	server/src/com/cloud/vm/VirtualMachineManagerImpl.java
	utils/src/com/cloud/utils/SerialVersionUID.java
 2011-08-08 14:14:09 -07:00
Kelven Yang
e4a1d491c1 bug 10976: NPE fix to avoid blocking shutdown process 2011-08-05 14:10:15 -07:00