Permalink
Browse files

Merge branch 'team/clc-dev/MERGE_33_MARCH' into testing

  • Loading branch information...
2 parents dc6ec50 + 4f3d266 commit 43d4bbc045324e997ffe0bfaefc11da2b7899c2d @mspaulding06 mspaulding06 committed Mar 5, 2013
Showing with 2,855 additions and 380 deletions.
  1. +1 −0 clc/.classpath
  2. +12 −2 clc/modules/cluster-manager/src/main/java/com/eucalyptus/blockstorage/VolumeManager.java
  3. +8 −2 clc/modules/cluster-manager/src/main/java/com/eucalyptus/cluster/Cluster.java
  4. +22 −0 clc/modules/cluster-manager/src/main/java/com/eucalyptus/vm/VmInstances.java
  5. +5 −5 clc/modules/msgs/src/main/java/com/eucalyptus/auth/login/WalrusWrappedComponentCredentials.java
  6. +24 −0 clc/modules/msgs/src/main/java/com/eucalyptus/auth/util/X509CertHelper.java
  7. +2 −1 clc/modules/msgs/src/main/java/com/eucalyptus/component/Partition.java
  8. +8 −0 clc/modules/msgs/src/main/java/com/eucalyptus/component/auth/SystemCredentials.java
  9. +1 −1 clc/modules/msgs/src/main/java/com/eucalyptus/http/MappingHttpRequest.java
  10. +3 −3 clc/modules/storage-controller/src/main/java/com/eucalyptus/storage/OverlayManager.java
  11. +2 −1 clc/modules/storage-controller/src/main/java/edu/ucsb/eucalyptus/cloud/ws/HttpReader.java
  12. +203 −18 clc/modules/storage-controller/src/main/java/edu/ucsb/eucalyptus/cloud/ws/HttpTransfer.java
  13. +22 −5 clc/modules/storage-controller/src/main/java/edu/ucsb/eucalyptus/cloud/ws/HttpWriter.java
  14. +42 −36 clc/modules/walrus/src/main/java/com/eucalyptus/auth/login/WalrusComponentLoginModule.java
  15. +28 −4 clc/modules/walrus/src/main/java/edu/ucsb/eucalyptus/cloud/ws/WalrusImageManager.java
  16. 0 clc/modules/walrus/src/{main → test}/java/edu/ucsb/eucalyptus/cloud/ws/tests/BukkitImageTest.java
  17. 0 clc/modules/walrus/src/{main → test}/java/edu/ucsb/eucalyptus/cloud/ws/tests/BukkitTest.java
  18. 0 clc/modules/walrus/src/{main → test}/java/edu/ucsb/eucalyptus/cloud/ws/tests/ImageCacheTest.java
  19. 0 clc/modules/walrus/src/{main → test}/java/edu/ucsb/eucalyptus/cloud/ws/tests/ObjectTest.java
  20. +105 −0 clc/modules/walrus/src/test/java/edu/ucsb/eucalyptus/cloud/ws/tests/WalrusAuthenticationTest.java
  21. 0 clc/modules/walrus/src/{main → test}/java/edu/ucsb/eucalyptus/cloud/ws/tests/WalrusBucketTests.java
  22. +570 −193 clc/modules/wsstack/src/main/java/com/eucalyptus/ws/handlers/WalrusAuthenticationHandler.java
  23. +1 −1 clc/modules/wsstack/src/main/java/com/eucalyptus/ws/handlers/WalrusRESTBinding.java
  24. +1 −1 clc/modules/www/src/main/java/com/eucalyptus/webui/server/ConfigurationWebBackend.java
  25. +72 −75 storage/vbr.c
  26. +264 −4 storage/walrus.c
  27. +2 −0 tools/disconnect_iscsitarget_main.pl
  28. +0 −2 tools/iscsitarget_common.pl
  29. +4 −1 util/Makefile
  30. +1 −0 util/config.c
  31. +1,245 −14 util/euca_auth.c
  32. +198 −0 util/euca_auth.h
  33. +1 −1 util/ipc.c
  34. +7 −9 util/misc.c
  35. +1 −1 util/sensor.c
View
@@ -27,6 +27,7 @@
<classpathentry kind="src" path="modules/storage-controller/src/main/java"/>
<classpathentry kind="src" path="modules/walrus/src/main/java"/>
<classpathentry kind="src" path="modules/walrus/conf/drbd"/>
+ <classpathentry kind="src" path="modules/walrus/src/test/java"/>
<classpathentry kind="src" path="modules/wsstack/src/main/java"/>
<classpathentry kind="src" path="modules/wsstack/conf/scripts"/>
<classpathentry kind="src" path="modules/www/src/main/java"/>
@@ -67,6 +67,7 @@
import java.util.NoSuchElementException;
import java.util.Set;
import java.util.concurrent.ExecutionException;
+import javax.persistence.EntityTransaction;
import org.apache.log4j.Logger;
import com.eucalyptus.auth.AuthException;
import com.eucalyptus.auth.principal.AccountFullName;
@@ -284,6 +285,9 @@ public DescribeVolumesResponseType DescribeVolumes( DescribeVolumesType request
}
};
Set<String> allowedVolumeIds = Entities.asTransaction( Volume.class, lookupVolumeIds ).apply( volumeIds );
+ final EntityTransaction db = Entities.get( VmInstance.class );
+ try {
+ final List<VmInstance> vms = Entities.query( VmInstance.create( ) );
final Function<String, Volume> lookupVolume = new Function<String, Volume>( ) {
@Override
@@ -297,7 +301,7 @@ public Volume apply( String input ) {
} else if ( RestrictedTypes.filterPrivileged( ).apply( foundVol ) ) {
AttachedVolume attachedVolume = null;
try {
- VmVolumeAttachment attachment = VmInstances.lookupVolumeAttachment( input );
+ VmVolumeAttachment attachment = VmInstances.lookupVolumeAttachment( input , vms );
attachedVolume = VmVolumeAttachment.asAttachedVolume( attachment.getVmInstance( ) ).apply( attachment );
} catch ( NoSuchElementException ex ) {
if ( State.BUSY.equals( foundVol.getState( ) ) ) {
@@ -334,7 +338,13 @@ public Volume apply( String input ) {
for ( final edu.ucsb.eucalyptus.msgs.Volume volume : reply.getVolumeSet() ) {
Tags.addFromTags( volume.getTagSet(), ResourceTag.class, tagsMap.get( volume.getVolumeId() ) );
}
-
+ db.commit( );
+ } catch (Exception ex) {
+ Logs.extreme( ).error( ex , ex );
+ throw ex;
+ } finally {
+ if ( db.isActive() ) db.rollback();
+ }
return reply;
}
@@ -876,13 +876,19 @@ public void updateNodeInfo( final ArrayList<String> serviceTags ) {
public void updateNodeInfo( final List<NodeType> nodeTags ) {
NodeInfo ret = null;
+ boolean hasServiceTag = false;
for ( final String serviceTag : this.nodeMap.keySet( ) ) {
for ( final NodeType node : nodeTags ) {
- if ( !node.getServiceTag( ).equals( serviceTag ) ) {
- this.nodeMap.remove( serviceTag );
+ if ( node.getServiceTag( ).equals( serviceTag ) ) {
+ hasServiceTag = true;
}
}
+ if( !hasServiceTag ) {
+ this.nodeMap.remove( serviceTag );
+ } else {
+ hasServiceTag = false;
+ }
}
for ( final NodeType node : nodeTags ) {
@@ -373,6 +373,28 @@ public static VmVolumeAttachment lookupVolumeAttachment( final String volumeId )
}
}
+ public static VmVolumeAttachment lookupVolumeAttachment( final String volumeId , final List<VmInstance> vms ) {
+ VmVolumeAttachment ret = null;
+ try {
+ for ( VmInstance vm : vms ) {
+ try {
+ ret = vm.lookupVolumeAttachment( volumeId );
+ if ( ret.getVmInstance( ) == null ) {
+ ret.setVmInstance( vm );
+ }
+ } catch ( NoSuchElementException ex ) {
+ continue;
+ }
+ }
+ if ( ret == null ) {
+ throw new NoSuchElementException( "VmVolumeAttachment: no volume attachment for " + volumeId );
+ }
+ return ret;
+ } catch ( Exception ex ) {
+ throw new NoSuchElementException( ex.getMessage( ) );
+ }
+ }
+
public static VmInstance lookupByPublicIp( final String ip ) throws NoSuchElementException {
final EntityTransaction db = Entities.get( VmInstance.class );
try {
@@ -65,14 +65,14 @@
public class WalrusWrappedComponentCredentials extends WrappedCredentials<String> {
private String queryId;
private String signature;
- private String certString;
+ private String certMD5Fingerprint;
public WalrusWrappedComponentCredentials(String correlationId, String data,
- String accessKeyId, String signature, String certString) {
+ String accessKeyId, String signature, String certFingerprint) {
super( correlationId, data );
this.queryId = accessKeyId;
this.signature = signature;
- this.certString = certString;
+ this.certMD5Fingerprint = certFingerprint;
}
public String getQueryId() {
@@ -83,7 +83,7 @@ public String getSignature() {
return this.signature;
}
- public String getCertString() {
- return certString;
+ public String getCertMD5Fingerprint() {
+ return this.certMD5Fingerprint;
}
}
@@ -63,6 +63,7 @@
package com.eucalyptus.auth.util;
import java.io.UnsupportedEncodingException;
+import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import com.eucalyptus.crypto.util.B64;
@@ -102,4 +103,27 @@ public static String privateKeyToPem( PrivateKey pk ) {
}
}
+ public static String calcFingerprint(X509Certificate cert) {
+ try {
+ MessageDigest md = MessageDigest.getInstance("MD5");
+ byte[] der = cert.getEncoded();
+ md.update(der);
+ byte[] digest = md.digest();
+ return hexify(digest);
+ } catch(Exception e) {
+ return null;
+ }
+ }
+
+ public static String hexify (byte bytes[]) {
+ StringBuilder builder = new StringBuilder(bytes.length * 2);
+ for (byte b : bytes) {
+ builder.append(Integer.toHexString((b & 0xf0) >> 4));
+ builder.append(Integer.toHexString(b & 0x0f));
+ }
+
+ return builder.toString();
+ }
+
+
}
@@ -82,6 +82,7 @@
import org.hibernate.annotations.Entity;
import org.hibernate.annotations.Type;
import org.hibernate.type.StringClobType;
+import com.eucalyptus.auth.util.X509CertHelper;
import com.eucalyptus.bootstrap.SystemIds;
import com.eucalyptus.component.auth.SystemCredentials;
import com.eucalyptus.component.id.Eucalyptus;
@@ -161,7 +162,7 @@ public PrivateKey getNodePrivateKey( ) {
public PrivateKey getPrivateKey( ) {
return PEMFiles.toKeyPair( this.getPemPrivateKey( ) ).getPrivate( );
}
-
+
@PrePersist
void prepareKeyDirectory( ) {
File keyDir = SubDirectory.KEYS.getChildFile( this.name );
@@ -73,6 +73,8 @@
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import org.apache.log4j.Logger;
+
+import com.eucalyptus.auth.util.X509CertHelper;
import com.eucalyptus.bootstrap.Bootstrap;
import com.eucalyptus.bootstrap.Bootstrapper;
import com.eucalyptus.bootstrap.DependsLocal;
@@ -121,12 +123,14 @@
private final String name;
private final X509Certificate cert;
private final KeyPair keyPair;
+ private final String certFingerprint;
private Credentials( ComponentId componentId ) throws Exception {
this.componentId = componentId;
this.name = componentId.name( );
this.cert = loadCertificate( componentId );
this.keyPair = loadKeyPair( componentId );
+ this.certFingerprint = X509CertHelper.calcFingerprint(this.cert);
EventRecord.here( SystemCredentials.class, EventType.COMPONENT_INFO, "initialized", this.name, this.cert.getSubjectDN( ).toString( ) ).info( );
SystemCredentials.providers.put( this.name, this );
}
@@ -209,6 +213,10 @@ public KeyPair getKeyPair( ) {
return this.keyPair;
}
+ public String getCertFingerprint() {
+ return this.certFingerprint;
+ }
+
}
static boolean checkKeystore( ComponentId name ) throws Exception {
@@ -87,7 +87,7 @@
private final String uri;
private String servicePath;
private String query;
- private final Map<String, String> parameters;
+ private final Map<String, String> parameters; //Parameters are URLDecoded when populated
private final Set<String> nonQueryParameterKeys;
private final Map<String, String> formFields;
private String restNamespace;
@@ -289,14 +289,14 @@ private int losetup(String absoluteFileName, String loDevName) {
}
private String duplicateLogicalVolume(String oldLvName, String newLvName) throws EucalyptusCloudException {
- return SystemUtil.run(new String[]{StorageProperties.EUCA_ROOT_WRAPPER, "dd", "if=" + oldLvName, "of=" + newLvName, "bs=" + StorageProperties.blockSize});
+ return SystemUtil.run(new String[]{ StorageProperties.EUCA_ROOT_WRAPPER, "dd", "if=" + oldLvName, "of=" + newLvName, "bs=" + StorageProperties.blockSize});
}
private String createFile(String fileName, long size) throws EucalyptusCloudException {
if(!DirectStorageInfo.getStorageInfo().getZeroFillVolumes())
- return SystemUtil.run(new String[]{StorageProperties.EUCA_ROOT_WRAPPER, "dd", "if=/dev/zero", "of=" + fileName, "count=1", "bs=" + StorageProperties.blockSize, "seek=" + (size -1)});
+ return SystemUtil.run(new String[]{"dd", "if=/dev/zero", "of=" + fileName, "count=1", "bs=" + StorageProperties.blockSize, "seek=" + (size -1)});
else
- return SystemUtil.run(new String[]{StorageProperties.EUCA_ROOT_WRAPPER, "dd", "if=/dev/zero", "of=" + fileName, "count=" + size, "bs=" + StorageProperties.blockSize});
+ return SystemUtil.run(new String[]{"dd", "if=/dev/zero", "of=" + fileName, "count=" + size, "bs=" + StorageProperties.blockSize});
}
private String createEmptyFile(String fileName, int size) throws EucalyptusCloudException {
@@ -101,7 +101,8 @@ public HttpReader(String path, LinkedBlockingQueue<WalrusDataMessage> getQueue,
String httpVerb = "GET";
String addr = StorageProperties.WALRUS_URL + "/" + path;
- method = constructHttpMethod(httpVerb, addr, eucaOperation, eucaHeader);
+ method = constructHttpMethod(httpVerb, addr, eucaOperation, eucaHeader,true);
+ //signEucaInternal(method);
}
public HttpReader(String path, LinkedBlockingQueue<WalrusDataMessage> getQueue, File file, String eucaOperation, String eucaHeader, boolean compressed, String tempPath) {
Oops, something went wrong.

0 comments on commit 43d4bbc

Please sign in to comment.