Updated Branches: refs/heads/4.2 f3a2fc22b -> b2a077dff
CLOUDSTACK-3362: use POST instead of GET and encode/decode cert/key in uploadCustomCertificate Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/838cfa2b Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/838cfa2b Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/838cfa2b Branch: refs/heads/4.2 Commit: 838cfa2bb6dadf848cf4f3090ef0ce338d0443c2 Parents: f3a2fc2 Author: Wei Zhou <[email protected]> Authored: Thu Jul 11 16:06:21 2013 +0200 Committer: Wei Zhou <[email protected]> Committed: Fri Jul 12 10:43:38 2013 +0200 ---------------------------------------------------------------------- .../com/cloud/server/ManagementServerImpl.java | 24 ++++++++++++++++---- ui/scripts/ui-custom/physicalResources.js | 5 ++-- 2 files changed, 23 insertions(+), 6 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/838cfa2b/server/src/com/cloud/server/ManagementServerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java index a0b9daa..36b3879 100755 --- a/server/src/com/cloud/server/ManagementServerImpl.java +++ b/server/src/com/cloud/server/ManagementServerImpl.java @@ -16,7 +16,9 @@ // under the License. package com.cloud.server; +import java.io.UnsupportedEncodingException; import java.lang.reflect.Field; +import java.net.URLDecoder; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.util.ArrayList; @@ -3301,18 +3303,32 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe } } - if (cmd.getPrivateKey() != null && !_ksMgr.validateCertificate(cmd.getCertificate(), cmd.getPrivateKey(), cmd.getDomainSuffix())) { + String certificate = cmd.getCertificate(); + String key = cmd.getPrivateKey(); + try { + if (certificate != null) + certificate = URLDecoder.decode(certificate, "UTF-8"); + if (key != null) + key = URLDecoder.decode(key, "UTF-8"); + } catch (UnsupportedEncodingException e) { + } finally { + } + + if (cmd.getPrivateKey() != null && !_ksMgr.validateCertificate(certificate, key, cmd.getDomainSuffix())) { throw new InvalidParameterValueException("Failed to pass certificate validation check"); } if (cmd.getPrivateKey() != null) { - _ksMgr.saveCertificate(ConsoleProxyManager.CERTIFICATE_NAME, cmd.getCertificate(), cmd.getPrivateKey(), cmd.getDomainSuffix()); + _ksMgr.saveCertificate(ConsoleProxyManager.CERTIFICATE_NAME, certificate, key, cmd.getDomainSuffix()); } else { - _ksMgr.saveCertificate(cmd.getAlias(), cmd.getCertificate(), cmd.getCertIndex(), cmd.getDomainSuffix()); + _ksMgr.saveCertificate(cmd.getAlias(), certificate, cmd.getCertIndex(), cmd.getDomainSuffix()); } _consoleProxyMgr.setManagementState(ConsoleProxyManagementState.ResetSuspending); - return "Certificate has been updated, we will stop all running console proxy VMs to propagate the new certificate, please give a few minutes for console access service to be up again"; + List<SecondaryStorageVmVO> alreadyRunning = _secStorageVmDao.getSecStorageVmListInStates(null, State.Running, State.Migrating, State.Starting); + for (SecondaryStorageVmVO ssVmVm : alreadyRunning) + _secStorageVmMgr.rebootSecStorageVm(ssVmVm.getId()); + return "Certificate has been updated, we will stop all running console proxy VMs and secondary storage VMs to propagate the new certificate, please give a few minutes for console access service to be up again"; } @Override http://git-wip-us.apache.org/repos/asf/cloudstack/blob/838cfa2b/ui/scripts/ui-custom/physicalResources.js ---------------------------------------------------------------------- diff --git a/ui/scripts/ui-custom/physicalResources.js b/ui/scripts/ui-custom/physicalResources.js index 529adcf..5173172 100644 --- a/ui/scripts/ui-custom/physicalResources.js +++ b/ui/scripts/ui-custom/physicalResources.js @@ -80,10 +80,11 @@ var $loading = $('<div>').addClass('loading-overlay'); $('.system-dashboard-view:visible').prepend($loading); $.ajax({ + type: "POST", url: createURL('uploadCustomCertificate'), data: { - certificate: args.data.certificate, - privatekey: args.data.privatekey, + certificate: encodeURIComponent(args.data.certificate), + privatekey: encodeURIComponent(args.data.privatekey), domainsuffix: args.data.domainsuffix }, dataType: 'json',
