
incremental commit

decker committed Aug 14, 2009
1 parent 53fefd6 commit 8b53879bd852dee41b4ffde870c4473522aa5329
Showing with 494 additions and 706 deletions.
  1. +51 −53 clc/build.xml
  2. +6 −48 clc/modules/authentication/build.xml
  3. +97 −18 clc/modules/authentication/src/main/java/com/eucalyptus/auth/Credentials.java
  4. +0 −44 clc/modules/authentication/src/main/java/com/eucalyptus/auth/CredentialsBootstrapper.java
  5. +2 −0 clc/modules/authentication/src/main/java/com/eucalyptus/auth/util/EucaKeyStore.java
  6. +7 −4 clc/modules/bootstrap/eucalyptus-bootstrap.c
  7. +3 −1 clc/modules/bootstrap/eucalyptus-bootstrap.h
  8. +7 −48 clc/modules/cloud/build.xml
  9. +1 −15 clc/modules/cloud/src/main/java/com/eucalyptus/bootstrap/HttpServerBootstrapper.java
  10. +1 −15 clc/modules/cluster-manager/build.xml
  11. +4 −46 clc/modules/core/build.xml
  12. +1 −15 clc/modules/dns/build.xml
  13. +1 −0 clc/modules/dns/src/main/java/com/eucalyptus/bootstrap/DNSBootstrapper.java
  14. +0 −2 clc/modules/dns/src/main/resources/META-INF/eucalyptus-bootstrap.properties
  15. +3 −1 clc/modules/dns/src/main/resources/com.eucalyptus.CloudServiceProvider
  16. 0 clc/modules/dns/src/main/resources/{META-INF → }/dns-model.xml
  17. 0 clc/modules/dns/src/main/resources/{META-INF → }/dns-services.xml
  18. +1 −15 clc/modules/group-manager/build.xml
  19. +1 −15 clc/modules/image-manager/build.xml
  20. +1 −15 clc/modules/interface/build.xml
  21. +1 −15 clc/modules/key-manager/build.xml
  22. +101 −107 clc/modules/module-inc.xml
  23. +32 −75 clc/modules/msgs/build.xml
  24. +5 −11 clc/modules/msgs/src/main/java/com/eucalyptus/bootstrap/BootstrapFactory.java
  25. +9 −3 clc/modules/msgs/src/main/java/com/eucalyptus/bootstrap/Bootstrapper.java
  26. +68 −25 clc/modules/msgs/src/main/java/com/eucalyptus/bootstrap/Resource.java
  27. +10 −4 clc/modules/msgs/src/main/java/com/eucalyptus/bootstrap/ResourceProvider.java
  28. +63 −52 clc/modules/msgs/src/main/java/com/eucalyptus/bootstrap/SystemBootstrapper.java
  29. +1 −1 clc/modules/msgs/src/main/java/com/eucalyptus/util/EucaLayout.java
  30. +1 −1 clc/modules/msgs/src/main/java/com/eucalyptus/util/LogUtils.java
  31. +5 −17 clc/modules/storage-controller/build.xml
  32. +0 −2 clc/modules/storage-controller/src/main/resources/META-INF/eucalyptus-bootstrap.properties
  33. +3 −1 clc/modules/storage-controller/src/main/resources/com.eucalyptus.CloudServiceProvider
  34. 0 clc/modules/storage-controller/src/main/resources/{META-INF → }/storage-model.xml
  35. 0 clc/modules/storage-controller/src/main/resources/{META-INF → }/storage-services.xml
  36. +1 −16 clc/modules/walrus/build.xml
  37. +0 −2 clc/modules/walrus/src/main/resources/META-INF/eucalyptus-bootstrap.properties
  38. +3 −1 clc/modules/walrus/src/main/resources/com.eucalyptus.CloudServiceProvider
  39. 0 clc/modules/walrus/src/main/resources/{META-INF → }/walrus-model.xml
  40. 0 clc/modules/walrus/src/main/resources/{META-INF → }/walrus-services.xml
  41. +2 −16 clc/modules/wsstack/build.xml
  42. +2 −2 clc/modules/www/build.xml
@@ -33,91 +33,85 @@
-->
<project name="eucalyptus" basedir=".">
- <import file="modules/module-inc.xml"/>
- <import file="cloud.xml"/>
- <!--================================== other vars ==================================-->
- <loadfile srcfile="../VERSION" property="euca.version">
+ <property environment="localenv"/>
+ <property name="euca.home.0" value="${localenv.EUCALYPTUS}"/>
+ <condition property="euca.home" value="/opt/eucalyptus" else="${localenv.EUCALYPTUS}">
+ <contains string="${euca.home.0}" substring="localenv"/>
+ </condition>
+ <property name="project.basedir" value="${user.dir}"/>
+ <loadfile srcfile="${project.basedir}/../VERSION" property="euca.version">
<filterchain>
<filterreader classname="org.apache.tools.ant.filters.StripLineBreaks"/>
</filterchain>
</loadfile>
+ <!--================================== other vars ==================================-->
<property name="jvm.heap" value="256m"/>
<property name="deps.url" value="http://open.eucalyptus.com/dependencies/${euca.version}"/>
<property name="deps.dir" value="deps"/>
<property name="deps.lib.dir" value="lib"/>
<property name="deps.lib" value="cloud-lib"/>
- <property name="deps.deploy" value="cloud-deploy"/>
<!--================================== build targets ==================================-->
<target name="build-msgs">
- <ant dir="modules/msgs" inheritall="false"/>
- <ant dir="modules/cloud" inheritall="false"/>
- <ant dir="modules/authentication" inheritall="false"/>
+ <ant dir="modules/msgs" inheritall="false" target="builder"/>
+ <ant dir="modules/cloud" inheritall="false" target="builder"/>
+ <ant dir="modules/authentication" inheritall="false" target="builder"/>
</target>
<target name="build-core" depends="build-msgs">
- <ant dir="modules/core" inheritall="false"/>
- <ant dir="modules/wsstack" inheritall="false"/>
- </target>
- <target name="build-www" depends="build-eucalyptus-ws">
- <ant dir="modules/www" inheritall="false"/>
- </target>
- <target name="build-eucalyptus-ws" depends="build-core">
- <ant dir="modules/interface" inheritall="false"/>
- <ant dir="modules/cluster-manager" inheritall="false"/>
- <ant dir="modules/image-manager" inheritall="false"/>
- <ant dir="modules/group-manager" inheritall="false"/>
- <ant dir="modules/key-manager" inheritall="false"/>
- </target>
- <target name="build-walrus-ws" depends="build-core">
- <ant dir="modules/walrus" inheritall="false"/>
- </target>
- <target name="build-ebs-ws" depends="build-walrus-ws">
- <ant dir="modules/storage-controller" inheritall="false"/>
- </target>
- <target name="build-dns-ws" depends="build-core">
- <ant dir="modules/dns" inheritall="false"/>
- </target>
- <target name="build-nogwt" depends="build-core,build-eucalyptus-ws"/>
- <target name="build-eucalyptus" depends="build-core,build-www,build-eucalyptus-ws"/>
- <target name="build-walrus" depends="build-walrus-ws"/>
- <target name="build-ebs" depends="build-ebs-ws"/>
- <target name="build-dns" depends="build-dns-ws"/>
- <target name="build" depends="deps,build-eucalyptus,build-walrus,build-ebs,build-dns"/>
+ <ant dir="modules/core" inheritall="false" target="builder"/>
+ <ant dir="modules/wsstack" inheritall="false" target="builder"/>
+ </target>
+ <target name="build-eucalyptus" depends="build-core">
+ <ant dir="modules/interface" inheritall="false" target="builder"/>
+ <ant dir="modules/cluster-manager" inheritall="false" target="builder"/>
+ <ant dir="modules/image-manager" inheritall="false" target="builder"/>
+ <ant dir="modules/group-manager" inheritall="false" target="builder"/>
+ <ant dir="modules/key-manager" inheritall="false" target="builder"/>
+ </target>
+ <target name="build-walrus" depends="build-core">
+ <ant dir="modules/walrus" inheritall="false" target="builder"/>
+ </target>
+ <target name="build-ebs" depends="build-walrus">
+ <ant dir="modules/storage-controller" inheritall="false" target="builder"/>
+ </target>
+ <target name="build-dns" depends="build-core">
+ <ant dir="modules/dns" inheritall="false" target="builder"/>
+ </target>
+ <target name="build-www">
+ <ant dir="modules/www" inheritall="false" target="builder"/>
+ </target>
+ <target name="build-nogwt" depends="build-eucalyptus,build-walrus,build-ebs,build-dns"/>
+ <target name="build" depends="deps,build-nogwt,build-www"/>
<!--================================== clean targets ==================================-->
<target name="clean-msgs">
<ant dir="modules/msgs" inheritall="false" target="clean"/>
<ant dir="modules/cloud" inheritall="false" target="clean"/>
- <ant dir="modules/authentication" inheritall="false" target="clean" />
+ <ant dir="modules/authentication" inheritall="false" target="clean"/>
</target>
<target name="clean-core" depends="clean-msgs">
- <ant dir="modules/core" inheritall="false" target="clean" />
+ <ant dir="modules/core" inheritall="false" target="clean"/>
<ant dir="modules/wsstack" inheritall="false" target="clean"/>
</target>
- <target name="clean-www" depends="clean-eucalyptus-ws">
- <ant dir="modules/www" inheritall="false" target="clean"/>
- </target>
- <target name="clean-eucalyptus-ws" depends="clean-core">
+ <target name="clean-eucalyptus" depends="clean-core">
<ant dir="modules/interface" inheritall="false" target="clean"/>
<ant dir="modules/cluster-manager" inheritall="false" target="clean"/>
<ant dir="modules/image-manager" inheritall="false" target="clean"/>
<ant dir="modules/group-manager" inheritall="false" target="clean"/>
<ant dir="modules/key-manager" inheritall="false" target="clean"/>
</target>
- <target name="clean-walrus-ws" depends="clean-core">
+ <target name="clean-walrus" depends="clean-core">
<ant dir="modules/walrus" inheritall="false" target="clean"/>
</target>
- <target name="clean-ebs-ws" depends="clean-core">
+ <target name="clean-ebs" depends="clean-walrus">
<ant dir="modules/storage-controller" inheritall="false" target="clean"/>
- <ant dir="modules/storage-controller" inheritall="false" target="clean-jni"/>
</target>
- <target name="clean-dns-ws" depends="clean-core">
+ <target name="clean-dns" depends="clean-core">
<ant dir="modules/dns" inheritall="false" target="clean"/>
</target>
- <target name="clean-eucalyptus" depends="clean-core,clean-www,clean-eucalyptus-ws"/>
- <target name="clean-walrus" depends="clean-walrus-ws"/>
- <target name="clean-ebs" depends="clean-ebs-ws"/>
- <target name="clean-dns" depends="clean-dns-ws"/>
- <target name="clean-nogwt" depends="clean-core,clean-www,clean-eucalyptus-ws,clean-walrus,clean-ebs,clean-dns"/>
- <target name="clean" depends="clean-eucalyptus,clean-walrus,clean-ebs,clean-dns">
+ <target name="clean-www">
+ <ant dir="modules/www" inheritall="false" target="clean" />
+ </target>
+ <target name="clean-nogwt" depends="clean-eucalyptus,clean-walrus,clean-ebs,clean-dns"/>
+ <target name="clean" depends="clean-nogwt,clean-www">
<delete dir="${target.dir}"/>
</target>
<target name="distclean" depends="clean">
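Review bot: The `euca.home` fallback detects an unset `EUCALYPTUS` by testing whether the unexpanded string contains `localenv`, which conflates "unset" with "path happens to contain that substring" and does not catch an empty value at all. With `EUCALYPTUS=""` the `else` branch yields an empty `euca.home`, so paths built from `${euca.home}/...` would resolve at the filesystem root. An explicit test is safer: `<condition property="euca.home" value="${localenv.EUCALYPTUS}" else="/opt/eucalyptus"><isset property="localenv.EUCALYPTUS"/></condition>`, ideally combined with a non-empty check. Note also that `project.basedir` is taken from `${user.dir}`, so `../VERSION` is resolved against whatever directory Ant was started in rather than this build file's location.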
@@ -129,6 +123,10 @@
<target name="install" depends="build">
<ant dir="modules/www" inheritall="false" target="install"/>
</target>
+ <property name="euca.conf.dir" value="${euca.home}/etc/eucalyptus/cloud.d"/>
+ <property name="euca.lib.dir" value="${euca.home}/usr/share/eucalyptus"/>
+ <property name="euca.var.dir" value="${euca.home}/var/lib/eucalyptus"/>
+ <property name="euca.log.dir" value="${euca.home}/var/log/eucalyptus"/>
<target name="install-nogwt" depends="build-nogwt">
<!-- copy libraries over -->
<mkdir dir="${euca.lib.dir}"/>
@@ -171,7 +169,7 @@
<condition property="needDownload">
<and>
<not>
- <available file="${deps.lib.dir}/jibx-run*.jar"/>
+ <available file="${deps.lib.dir}/bcprov.jar"/>
</not>
<and>
<not>
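Review bot: The `needDownload` guard now keys off the mere presence of `${deps.lib.dir}/bcprov.jar`, so any file at that path, whether truncated, stale or substituted, suppresses the download and is treated as a valid dependency set. `deps.url` in this file is a plain `http://` URL, so if the dependency bundle is fetched from it (the download target is outside this hunk), nothing authenticates what is presumably the crypto provider jar, in transit or on disk. Consider pinning an expected digest and verifying it with Ant's `<checksum>` task (`verifyproperty`) before the dependencies count as present, and moving `deps.url` to `https://`. The `<condition>` block continues past the end of the hunk.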
@@ -1,50 +1,8 @@
-<!--
- ~ Software License Agreement (BSD License)
- ~
- ~ Copyright (c) 2008, Regents of the University of California
- ~ All rights reserved.
- ~
- ~ Redistribution and use of this software in source and binary forms, with or
- ~ without modification, are permitted provided that the following conditions
- ~ are met:
- ~
- ~ * Redistributions of source code must retain the above
- ~ copyright notice, this list of conditions and the
- ~ following disclaimer.
- ~
- ~ * Redistributions in binary form must reproduce the above
- ~ copyright notice, this list of conditions and the
- ~ following disclaimer in the documentation and/or other
- ~ materials provided with the distribution.
- ~
- ~ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- ~ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- ~ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- ~ ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- ~ LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- ~ CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- ~ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- ~ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- ~ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ~ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- ~ POSSIBILITY OF SUCH DAMAGE.
- ~
- ~ Author: Chris Grzegorczyk grze@cs.ucsb.edu
- -->
-
-<project name="eucalyptus-auth" basedir="." default="build">
- <import file="../module-inc.xml"/>
- <!--================================== BUILD TARGETS ==================================-->
- <target name="build" depends="init,compile-src,jar" description="--> build the jar file from source."/>
- <uptodate property="groovyc.notRequired" targetfile="${jar.file}">
- <srcfiles dir="${src.dir}" includes="**/*"/>
- </uptodate>
- <target name="install" depends="build,jar,copy-conf"/>
- <target name="compile-src" unless="groovyc.notRequired">
- <taskdef name="groovyc" classname="org.codehaus.groovy.ant.Groovyc" classpathref="classpath"/>
- <groovyc srcdir="${src.dir}" classpathref="classpath" sourcepathref="srcpath" destdir="${build.dir}" verbose="true" listfiles="true">
- <javac target="1.5"/>
- </groovyc>
- </target>
+<project name="eucalyptus-auth" basedir=".">
+ <property name="builder.suffix" value="groovy" />
+ <uptodate property="groovyc.notRequired" targetfile="${jar.file}">
+ <srcfiles dir="${src.dir}" includes="**/*" />
+ </uptodate>
+ <import file="../module-inc.xml"/>
</project>
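Review bot: `<uptodate>` is now evaluated before `<import file="../module-inc.xml"/>`, whereas the removed file imported first. If `jar.file` and `src.dir` are defined in module-inc.xml (not visible here), they are still unexpanded when `groovyc.notRequired` is computed, so the check either fails on a non-existent `${src.dir}` or never reflects the real jar. Keeping `builder.suffix` first but moving the `<import>` above the `<uptodate>` block would restore the old evaluation order. The hunk also deletes the BSD license header, whose own terms require source redistributions to retain the notice, so it should stay at the top of the file.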
@@ -1,12 +1,13 @@
package com.eucalyptus.auth;
-import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.List;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
import org.apache.log4j.Logger;
import org.apache.ws.security.WSSConfig;
@@ -17,9 +18,12 @@
import org.hibernate.criterion.Example;
import org.hibernate.criterion.MatchMode;
-import com.eucalyptus.auth.util.AbstractKeyStore;
import com.eucalyptus.auth.util.EucaKeyStore;
import com.eucalyptus.auth.util.KeyTool;
+import com.eucalyptus.bootstrap.Bootstrapper;
+import com.eucalyptus.bootstrap.Depends;
+import com.eucalyptus.bootstrap.Provides;
+import com.eucalyptus.bootstrap.Resource;
import com.eucalyptus.util.EntityWrapper;
import com.eucalyptus.util.EucalyptusCloudException;
import com.eucalyptus.util.EucalyptusProperties;
@@ -114,7 +118,9 @@ public static User addUser( String userName, Boolean isAdmin ) throws UserExists
return new EntityWrapper<T>( Credentials.DB_NAME );
}
- public static class Users {
+ @Provides(resource=Resource.UserCredentials)
+ @Depends(resources={Resource.Database})
+ public static class Users extends Bootstrapper {
public static boolean hasCertificate( final String alias ) {
X509Cert certInfo = null;
EntityWrapper<X509Cert> db = getEntityWrapper( );
@@ -262,25 +268,98 @@ public static void addCertificate( final String userName, final String alias, fi
}
return certAliases;
}
+
+ @Override
+ public boolean load( ) throws Exception {
+ return true;//TODO: check the DB connection here.
+ }
+
+ @Override
+ public boolean start( ) throws Exception {
+ return Credentials.checkAdmin( );
+ }
}
- protected static void createSystemKeys( ) throws IOException, GeneralSecurityException {
- AbstractKeyStore eucaKeyStore = EucaKeyStore.getInstance( );
- KeyTool keyTool = new KeyTool( );
- try {
- KeyPair sysKp = keyTool.getKeyPair( );
- X509Certificate sysX509 = keyTool.getCertificate( sysKp, EucalyptusProperties.getDName( EucalyptusProperties.NAME ) );
- KeyPair wwwKp = keyTool.getKeyPair( );
- X509Certificate wwwX509 = keyTool.getCertificate( wwwKp, EucalyptusProperties.getDName( EucalyptusProperties.WWW_NAME ) );
- eucaKeyStore.addKeyPair( EucalyptusProperties.NAME, sysX509, sysKp.getPrivate( ), EucalyptusProperties.NAME );
- eucaKeyStore.addKeyPair( EucalyptusProperties.WWW_NAME, wwwX509, wwwKp.getPrivate( ), EucalyptusProperties.NAME );
- eucaKeyStore.store( );
- } catch ( Exception e ) {
- EucaKeyStore.getInstance( ).remove( );
+ @Provides(resource=Resource.SystemCredentials)
+ public static class System extends Bootstrapper {
+ private static System singleton = new System();
+ private ConcurrentMap<CertAlias,X509Certificate> certs = new ConcurrentHashMap<CertAlias, X509Certificate>( );
+ private ConcurrentMap<CertAlias,KeyPair> keypairs = new ConcurrentHashMap<CertAlias, KeyPair>( );
+
+ private enum CertAlias {
+ eucalyptus, walrus, jetty, hsqldb;
+ public X509Certificate getCertificate() {
+ return System.singleton.certs.get( this );
+ }
+ public PrivateKey getPrivateKey() {
+ return System.singleton.keypairs.get( this ).getPrivate( );
+ }
+ public KeyPair getKeyPair() {
+ return System.singleton.keypairs.get( this );
+ }
+ private void init() throws Exception {
+ if(EucaKeyStore.getInstance( ).containsEntry( this.name( ) )) {
+ try {
+ System.singleton.certs.put( this, EucaKeyStore.getInstance( ).getCertificate( this.name( ) ) );
+ System.singleton.keypairs.put( this, EucaKeyStore.getInstance( ).getKeyPair( this.name( ),this.name( ) ) );
+ } catch ( Exception e ) {
+ System.singleton.certs.remove( this );
+ System.singleton.keypairs.remove( this );
+ LOG.fatal( "Failed to read keys from the keystore. Please repair the keystore by hand." );
+ LOG.fatal( e, e );
+ }
+ } else {
+ System.singleton.createSystemKey( this );
+ }
+ }
+ public boolean check() {
+ return (System.singleton.keypairs.containsKey( this ) && System.singleton.certs.containsKey( this ))&&EucaKeyStore.getInstance( ).containsEntry( this.name( ) );
+ }
+ }
+ private System( ) {}
+ private void loadSystemKey( String name ) throws Exception {
+ CertAlias alias = CertAlias.valueOf( name );
+ if( this.certs.containsKey( alias ) ) {
+ return;
+ } else {
+ createSystemKey( alias );
+ }
+ }
+ private void createSystemKey( CertAlias name ) throws Exception {
+ KeyTool keyTool = new KeyTool( );
+ try {
+ KeyPair sysKp = keyTool.getKeyPair( );
+ X509Certificate sysX509 = keyTool.getCertificate( sysKp, EucalyptusProperties.getDName( name.name( ) ) );
+ System.singleton.certs.put( name, sysX509 );
+ System.singleton.keypairs.put( name, sysKp );
+ //TODO: might need separate keystore for euca/hsqldb/ssl/jetty/etc.
+ EucaKeyStore.getInstance( ).addKeyPair( name.name( ), sysX509, sysKp.getPrivate( ), name.name( ));
+ EucaKeyStore.getInstance( ).store( );
+ } catch ( Exception e ) {
+ System.singleton.certs.remove( name );
+ System.singleton.keypairs.remove( name );
+ EucaKeyStore.getInstance( ).remove( );
+ throw e;
+ }
}
- if( !eucaKeyStore.check( ) ) {
- throw new GeneralSecurityException( "Created new keystore, but check still fails. eeek." );
+ @Override
+ public boolean load( ) throws Exception {
+ Credentials.init( );
+ for( CertAlias c : CertAlias.values( ) ) {
+ try {
+ if(!c.check( )) c.init( );
+ } catch ( Exception e ) {
+ LOG.error( e );
+ return false;
+ }
+ }
+ return true;
+ }
+ @Override
+ public boolean start( ) throws Exception {
+ return true;
}
}
+
}
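Review bot: `CertAlias.init()` logs and swallows a keystore read failure, so `System.load()` still returns `true` and the bootstrap reports `Resource.SystemCredentials` as provided with no key material for that alias. A later `getPrivateKey()` would then dereference a null `KeyPair`. Rethrow after the two `LOG.fatal` calls (`throw e;`), or re-check in the loop: `if(!c.check( )) { c.init( ); if(!c.check( )) return false; }`. Separately, `addKeyPair` and `getKeyPair` pass `name.name( )` as what looks like the key password, so each private key would be protected only by its own public alias; if that reading of the signatures is right, the password should come from protected configuration instead. The `createSystemKey` catch also calls `EucaKeyStore.getInstance( ).remove( )`, which, if it deletes the whole store, now discards aliases created earlier in the same loop while the in-memory maps still hold them, so that is worth confirming.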
