S2S VPN: CS-15882: Only allow VPN connection between same account's gateways
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/5e0eb93f Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/5e0eb93f Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/5e0eb93f Branch: refs/heads/vpc Commit: 5e0eb93fe6add77c89e0a4cb0348131c2cbe5963 Parents: b5e1c53 Author: Sheng Yang <[email protected]> Authored: Tue Aug 7 13:42:54 2012 -0700 Committer: Sheng Yang <[email protected]> Committed: Tue Aug 7 16:27:04 2012 -0700 ---------------------------------------------------------------------- .../cloud/network/vpn/Site2SiteVpnManagerImpl.java | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/5e0eb93f/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java ----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
index 8331428..73a73e4 100644
--- a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
+++ b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
@@ -216,6 +216,10 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnManager, Manager { } _accountMgr.checkAccess(caller, null, false, vpnGateway); + if (customerGateway.getAccountId() != vpnGateway.getAccountId() || customerGateway.getDomainId() != vpnGateway.getDomainId()) { + throw new InvalidParameterValueException("VPN connection can only be esitablished between same account's VPN gateway and customer gateway!"); + } + if (_vpnConnectionDao.findByVpnGatewayIdAndCustomerGatewayId(vpnGatewayId, customerGatewayId) != null) { throw new InvalidParameterValueException("The vpn connection with customer gateway id " + customerGatewayId + " or vpn gateway id " + vpnGatewayId + " already existed!");
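Review bot: The exception message added in this hunk misspells "established" as "esitablished"; this string is what an API caller sees when a cross-account connection is refused, so it should read `"VPN connection can only be established between same account's VPN gateway and customer gateway!"`. The guard is the tenant-isolation boundary for site-to-site VPN connections, so it deserves a one-line why-comment such as `// CS-15882: both gateways must be owned by the same account and domain`. It compares the ids with `!=`, which is a value comparison only if `getAccountId()` and `getDomainId()` return primitive `long`; their declarations are not in the hunk, so confirm that, because boxed `Long` values would be compared by reference and same-account gateways could be rejected. The enclosing method starts above the hunk and continues below it, so whether `customerGateway` is null-checked before this line cannot be seen from here.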
