Permalink
Browse files

Merge branch 'maint/3.2/master' into maint/3.2/testing

  • Loading branch information...
2 parents a15631d + 2e6b106 commit d186b3d2939bcb487efc7eab5cf51172a89e8109 @mspaulding06 mspaulding06 committed Feb 28, 2013
Showing with 2,554 additions and 290 deletions.
  1. +1 −0 clc/.classpath
  2. +5 −5 clc/modules/msgs/src/main/java/com/eucalyptus/auth/login/WalrusWrappedComponentCredentials.java
  3. +24 −0 clc/modules/msgs/src/main/java/com/eucalyptus/auth/util/X509CertHelper.java
  4. +2 −1 clc/modules/msgs/src/main/java/com/eucalyptus/component/Partition.java
  5. +8 −0 clc/modules/msgs/src/main/java/com/eucalyptus/component/auth/SystemCredentials.java
  6. +1 −1 clc/modules/msgs/src/main/java/com/eucalyptus/http/MappingHttpRequest.java
  7. +2 −1 clc/modules/storage-controller/src/main/java/edu/ucsb/eucalyptus/cloud/ws/HttpReader.java
  8. +203 −18 clc/modules/storage-controller/src/main/java/edu/ucsb/eucalyptus/cloud/ws/HttpTransfer.java
  9. +22 −5 clc/modules/storage-controller/src/main/java/edu/ucsb/eucalyptus/cloud/ws/HttpWriter.java
  10. +42 −36 clc/modules/walrus/src/main/java/com/eucalyptus/auth/login/WalrusComponentLoginModule.java
  11. 0 clc/modules/walrus/src/{main → test}/java/edu/ucsb/eucalyptus/cloud/ws/tests/BukkitImageTest.java
  12. 0 clc/modules/walrus/src/{main → test}/java/edu/ucsb/eucalyptus/cloud/ws/tests/BukkitTest.java
  13. 0 clc/modules/walrus/src/{main → test}/java/edu/ucsb/eucalyptus/cloud/ws/tests/ImageCacheTest.java
  14. 0 clc/modules/walrus/src/{main → test}/java/edu/ucsb/eucalyptus/cloud/ws/tests/ObjectTest.java
  15. +105 −0 clc/modules/walrus/src/test/java/edu/ucsb/eucalyptus/cloud/ws/tests/WalrusAuthenticationTest.java
  16. 0 clc/modules/walrus/src/{main → test}/java/edu/ucsb/eucalyptus/cloud/ws/tests/WalrusBucketTests.java
  17. +570 −193 clc/modules/wsstack/src/main/java/com/eucalyptus/ws/handlers/WalrusAuthenticationHandler.java
  18. +1 −1 clc/modules/wsstack/src/main/java/com/eucalyptus/ws/handlers/WalrusRESTBinding.java
  19. +74 −0 cluster/cc-client-policy.xml
  20. +74 −0 node/nc-client-policy.xml
  21. +248 −7 storage/walrus.c
  22. +3 −0 util/Makefile
  23. +990 −15 util/euca_auth.c
  24. +179 −7 util/euca_auth.h
View
@@ -27,6 +27,7 @@
<classpathentry kind="src" path="modules/storage-controller/src/main/java"/>
<classpathentry kind="src" path="modules/walrus/src/main/java"/>
<classpathentry kind="src" path="modules/walrus/conf/drbd"/>
+ <classpathentry kind="src" path="modules/walrus/src/test/java"/>
<classpathentry kind="src" path="modules/wsstack/src/main/java"/>
<classpathentry kind="src" path="modules/wsstack/conf/scripts"/>
<classpathentry kind="src" path="modules/www/src/main/java"/>
@@ -65,14 +65,14 @@
public class WalrusWrappedComponentCredentials extends WrappedCredentials<String> {
private String queryId;
private String signature;
- private String certString;
+ private String certMD5Fingerprint;
public WalrusWrappedComponentCredentials(String correlationId, String data,
- String accessKeyId, String signature, String certString) {
+ String accessKeyId, String signature, String certFingerprint) {
super( correlationId, data );
this.queryId = accessKeyId;
this.signature = signature;
- this.certString = certString;
+ this.certMD5Fingerprint = certFingerprint;
}
public String getQueryId() {
@@ -83,7 +83,7 @@ public String getSignature() {
return this.signature;
}
- public String getCertString() {
- return certString;
+ public String getCertMD5Fingerprint() {
+ return this.certMD5Fingerprint;
}
}
@@ -63,6 +63,7 @@
package com.eucalyptus.auth.util;
import java.io.UnsupportedEncodingException;
+import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import com.eucalyptus.crypto.util.B64;
@@ -102,4 +103,27 @@ public static String privateKeyToPem( PrivateKey pk ) {
}
}
+ public static String calcFingerprint(X509Certificate cert) {
+ try {
+ MessageDigest md = MessageDigest.getInstance("MD5");
+ byte[] der = cert.getEncoded();
+ md.update(der);
+ byte[] digest = md.digest();
+ return hexify(digest);
+ } catch(Exception e) {
+ return null;
+ }
+ }
+
+ public static String hexify (byte bytes[]) {
+ StringBuilder builder = new StringBuilder(bytes.length * 2);
+ for (byte b : bytes) {
+ builder.append(Integer.toHexString((b & 0xf0) >> 4));
+ builder.append(Integer.toHexString(b & 0x0f));
+ }
+
+ return builder.toString();
+ }
+
+
}
@@ -82,6 +82,7 @@
import org.hibernate.annotations.Entity;
import org.hibernate.annotations.Type;
import org.hibernate.type.StringClobType;
+import com.eucalyptus.auth.util.X509CertHelper;
import com.eucalyptus.bootstrap.SystemIds;
import com.eucalyptus.component.auth.SystemCredentials;
import com.eucalyptus.component.id.Eucalyptus;
@@ -161,7 +162,7 @@ public PrivateKey getNodePrivateKey( ) {
public PrivateKey getPrivateKey( ) {
return PEMFiles.toKeyPair( this.getPemPrivateKey( ) ).getPrivate( );
}
-
+
@PrePersist
void prepareKeyDirectory( ) {
File keyDir = SubDirectory.KEYS.getChildFile( this.name );
@@ -71,6 +71,8 @@
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import org.apache.log4j.Logger;
+
+import com.eucalyptus.auth.util.X509CertHelper;
import com.eucalyptus.bootstrap.Bootstrap;
import com.eucalyptus.bootstrap.Bootstrapper;
import com.eucalyptus.bootstrap.DependsLocal;
@@ -118,12 +120,14 @@
private final String name;
private final X509Certificate cert;
private final KeyPair keyPair;
+ private final String certFingerprint;
private Credentials( ComponentId componentId ) throws Exception {
this.componentId = componentId;
this.name = componentId.name( );
this.cert = loadCertificate( componentId );
this.keyPair = loadKeyPair( componentId );
+ this.certFingerprint = X509CertHelper.calcFingerprint(this.cert);
EventRecord.here( SystemCredentials.class, EventType.COMPONENT_INFO, "initialized", this.name, this.cert.getSubjectDN( ).toString( ) ).info( );
SystemCredentials.providers.put( this.name, this );
}
@@ -206,6 +210,10 @@ public KeyPair getKeyPair( ) {
return this.keyPair;
}
+ public String getCertFingerprint() {
+ return this.certFingerprint;
+ }
+
}
static boolean checkKeystore( ComponentId name ) throws Exception {
@@ -85,7 +85,7 @@
private final String uri;
private String servicePath;
private String query;
- private final Map<String, String> parameters;
+ private final Map<String, String> parameters; //Parameters are URLDecoded when populated
private String restNamespace;
private final Map formFields;
@@ -101,7 +101,8 @@ public HttpReader(String path, LinkedBlockingQueue<WalrusDataMessage> getQueue,
String httpVerb = "GET";
String addr = StorageProperties.WALRUS_URL + "/" + path;
- method = constructHttpMethod(httpVerb, addr, eucaOperation, eucaHeader);
+ method = constructHttpMethod(httpVerb, addr, eucaOperation, eucaHeader,true);
+ //signEucaInternal(method);
}
public HttpReader(String path, LinkedBlockingQueue<WalrusDataMessage> getQueue, File file, String eucaOperation, String eucaHeader, boolean compressed, String tempPath) {
Oops, something went wrong.

0 comments on commit d186b3d

Please sign in to comment.