
Commit 57c4841

author
Sheng Yang
committed
CLOUDSTACK-7814: Fix default passphrase for keystores
In the upgrade case, the db.properties file is not changed, but the following commit requires a keystore passphrase in it, which results in an error (in fact an NPE, because there is no such property). commit 918c320 Author: Upendra Moturi <upendra.moturi@sungard.com> Date: Fri Jun 20 11:41:58 2014 +0530 CLOUDSTACK-6847.Link.java and console proxy files have hardcoded value This commit fixes it by providing default values for the passphrases, and also sets the correct passphrase if the fail-safe keystore is used.
1 parent 4d06eef commit 57c4841

2 files changed

Lines changed: 22 additions & 19 deletions


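--- a/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxySecureServerFactoryImpl.java
+++ b/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxySecureServerFactoryImpl.java
@@ -16,27 +16,24 @@
 // under the License.
 package com.cloud.consoleproxy;
 
-import java.io.ByteArrayInputStream;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.security.KeyStore;
-import java.util.Properties;
+import com.cloud.utils.db.DbProperties;
+import com.sun.net.httpserver.HttpServer;
+import com.sun.net.httpserver.HttpsConfigurator;
+import com.sun.net.httpserver.HttpsParameters;
+import com.sun.net.httpserver.HttpsServer;
+import org.apache.log4j.Logger;
 
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLParameters;
 import javax.net.ssl.SSLServerSocket;
 import javax.net.ssl.SSLServerSocketFactory;
 import javax.net.ssl.TrustManagerFactory;
-
-import org.apache.log4j.Logger;
-
-import com.cloud.utils.db.DbProperties;
-import com.sun.net.httpserver.HttpServer;
-import com.sun.net.httpserver.HttpsConfigurator;
-import com.sun.net.httpserver.HttpsParameters;
-import com.sun.net.httpserver.HttpsServer;
+import java.io.ByteArrayInputStream;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.security.KeyStore;
 
 public class ConsoleProxySecureServerFactoryImpl implements ConsoleProxyServerFactory {
 private static final Logger s_logger = Logger.getLogger(ConsoleProxySecureServerFactoryImpl.class);
@@ -54,8 +51,11 @@ public void init(byte[] ksBits, String ksPassword) {
 try {
 s_logger.info("Initializing SSL from built-in default certificate");
 
-final Properties dbProps = DbProperties.getDbProperties();
-char[] passphrase = dbProps.getProperty("db.cloud.keyStorePassphrase").toCharArray();
+final String pass = DbProperties.getDbProperties().getProperty("db.cloud.keyStorePassphrase");
+char[] passphrase = "vmops.com".toCharArray();
+if (pass != null) {
+passphrase = pass.toCharArray();
+}
 KeyStore ks = KeyStore.getInstance("JKS");
 
 ks.load(new FileInputStream("certs/realhostip.keystore"), passphrase);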
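Review bot: The value read from `db.cloud.keyStorePassphrase` at new lines 54-58 is applied to the bundled `certs/realhostip.keystore`, so an install that sets its own passphrase in db.properties will presumably fail to open this built-in keystore. That is the same mismatch this commit corrects for the fail-safe keystore in `Link.java`, where the passphrase is reset to the default before loading. If the shipped keystore is always protected by the built-in passphrase, the lookup should be dropped here and the line reduced to `char[] passphrase = "vmops.com".toCharArray();`, with a comment stating that this keystore is the shipped default and is not covered by the configured passphrase. The body of `init` starts and ends outside the hunk, so a later branch that depends on the configured value cannot be ruled out.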

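--- a/utils/src/com/cloud/utils/nio/Link.java
+++ b/utils/src/com/cloud/utils/nio/Link.java
@@ -33,7 +33,6 @@
 import java.nio.channels.SocketChannel;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
-import java.util.Properties;
 import java.util.concurrent.ConcurrentLinkedQueue;
 
 import javax.net.ssl.KeyManagerFactory;
@@ -418,15 +417,19 @@ public static SSLContext initSSLContext(boolean isClient) throws GeneralSecurity
 
 File confFile = PropertiesUtil.findConfigFile("db.properties");
 if (null != confFile && !isClient) {
-final Properties dbProps = DbProperties.getDbProperties();
-char[] passphrase = dbProps.getProperty("db.cloud.keyStorePassphrase").toCharArray();
+final String pass = DbProperties.getDbProperties().getProperty("db.cloud.keyStorePassphrase");
+char[] passphrase = "vmops.com".toCharArray();
+if (pass != null) {
+passphrase = pass.toCharArray();
+}
 String confPath = confFile.getParent();
 String keystorePath = confPath + keystoreFile;
 if (new File(keystorePath).exists()) {
 stream = new FileInputStream(keystorePath);
 } else {
 s_logger.warn("SSL: Fail to find the generated keystore. Loading fail-safe one to continue.");
 stream = NioConnection.class.getResourceAsStream("/cloud.keystore");
+passphrase = "vmops.com".toCharArray();
 }
 ks.load(stream, passphrase);
 stream.close();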
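Review bot: The fallback to the literal `"vmops.com"` at new line 421 is silent, so nothing in the log tells an operator that a source-embedded default passphrase is protecting the generated keystore. The same literal is repeated at new line 432 and again in `ConsoleProxySecureServerFactoryImpl.init`. I would hold it in one shared constant, e.g. `private static final String DEFAULT_KEYSTORE_PASSPHRASE = "vmops.com";`, and add an `else` branch with `s_logger.warn("db.cloud.keyStorePassphrase is not set in db.properties; using the built-in default keystore passphrase");`. A short comment should also record that the default exists only for upgraded installs whose db.properties predates the property. `initSSLContext` starts and ends outside the hunk.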
