[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2018-01-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16314801#comment-16314801
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


rhtyd closed pull request #2386: CLOUDSTACK-9632: Upgrade bountycastle to v1.59
URL: https://github.com/apache/cloudstack/pull/2386
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git a/pom.xml b/pom.xml
index bc76817c0d8..24060499e06 100644
--- a/pom.xml
+++ b/pom.xml
@@ -61,7 +61,7 @@
 4.12
 1.3
 1.13.1
-1.58
+1.59
 0.1.54
 2.2.0
 1.9.2


 


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.1.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2018-01-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16314800#comment-16314800
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


rhtyd commented on issue #2386: CLOUDSTACK-9632: Upgrade bountycastle to v1.59
URL: https://github.com/apache/cloudstack/pull/2386#issuecomment-355765998
 
 
   The failure `AssertionError: Failed to SSH into VM - 10.1.35.30` was due to 
env issues not related to bountycastle change, I'll investigate them separately.
   Merging this based on two code reviews and test results.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.1.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2018-01-06 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16314802#comment-16314802
 ] 

ASF subversion and git services commented on CLOUDSTACK-9632:
-

Commit 1ade09575e1f1457c8a0e54c722fadc158635af6 in cloudstack's branch 
refs/heads/master from [~bhaisaab]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=1ade095 ]

CLOUDSTACK-9632: Upgrade bountycastle to v1.59 (#2386)

Upgrades bountycastle to v1.59.

Signed-off-by: Rohit Yadav 

> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.1.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2018-01-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16314799#comment-16314799
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


blueorangutan commented on issue #2386: CLOUDSTACK-9632: Upgrade bountycastle 
to v1.59
URL: https://github.com/apache/cloudstack/pull/2386#issuecomment-355765416
 
 
   Trillian test result (tid-2038)
   Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
   Total time taken: 30122 seconds
   Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2386-t2038-kvm-centos7.zip
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_redundant.py
   Smoke tests completed. 66 look OK, 1 have error(s)
   Only failed tests results shown below:
   
   
   Test | Result | Time (s) | Test File
   --- | --- | --- | ---
   test_05_rvpc_multi_tiers | `Failure` | 364.84 | test_vpc_redundant.py
   test_05_rvpc_multi_tiers | `Error` | 410.97 | test_vpc_redundant.py
   


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.1.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2018-01-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16314485#comment-16314485
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


blueorangutan commented on issue #2386: CLOUDSTACK-9632: Upgrade bountycastle 
to v1.59
URL: https://github.com/apache/cloudstack/pull/2386#issuecomment-355736574
 
 
   @DaanHoogland a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has 
been kicked to run smoke tests


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.1.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2018-01-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16314484#comment-16314484
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


DaanHoogland commented on issue #2386: CLOUDSTACK-9632: Upgrade bountycastle to 
v1.59
URL: https://github.com/apache/cloudstack/pull/2386#issuecomment-355736538
 
 
   don't think the failures are relevant, restarting tests
   @blueorangutan test


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.1.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2018-01-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16313930#comment-16313930
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


blueorangutan commented on issue #2386: CLOUDSTACK-9632: Upgrade bountycastle 
to v1.59
URL: https://github.com/apache/cloudstack/pull/2386#issuecomment-355670621
 
 
   Trillian test result (tid-2029)
   Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
   Total time taken: 36392 seconds
   Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2386-t2029-kvm-centos7.zip
   Intermitten failure detected: /marvin/tests/smoke/test_accounts.py
   Intermitten failure detected: /marvin/tests/smoke/test_volumes.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_redundant.py
   Smoke tests completed. 65 look OK, 2 have error(s)
   Only failed tests results shown below:
   
   
   Test | Result | Time (s) | Test File
   --- | --- | --- | ---
   test_07_resize_fail | `Failure` | 15.33 | test_volumes.py
   test_05_rvpc_multi_tiers | `Failure` | 387.56 | test_vpc_redundant.py
   test_05_rvpc_multi_tiers | `Error` | 438.44 | test_vpc_redundant.py
   


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.1.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2018-01-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16312979#comment-16312979
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


blueorangutan commented on issue #2386: CLOUDSTACK-9632: Upgrade bountycastle 
to v1.59
URL: https://github.com/apache/cloudstack/pull/2386#issuecomment-355533041
 
 
   @rhtyd a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been 
kicked to run smoke tests


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.1.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2018-01-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16312978#comment-16312978
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


rhtyd commented on issue #2386: CLOUDSTACK-9632: Upgrade bountycastle to v1.59
URL: https://github.com/apache/cloudstack/pull/2386#issuecomment-355532869
 
 
   @blueorangutan test


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.1.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2018-01-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16312972#comment-16312972
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


blueorangutan commented on issue #2386: CLOUDSTACK-9632: Upgrade bountycastle 
to v1.59
URL: https://github.com/apache/cloudstack/pull/2386#issuecomment-355531471
 
 
   Packaging result: ✔centos6 ✔centos7 ✔debian. JID-1595


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.1.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2018-01-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16312929#comment-16312929
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


rhtyd opened a new pull request #2386: CLOUDSTACK-9632: Upgrade bountycastle to 
v1.59
URL: https://github.com/apache/cloudstack/pull/2386
 
 
   This upgrades bountycastle dependency to latest v1.59.
   Pinging for review @DaanHoogland @borisstoyanov @rafaelweingartner 
@marcaurele @wido  and others
   @blueorangutan package


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.1.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2018-01-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16312933#comment-16312933
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


blueorangutan commented on issue #2386: CLOUDSTACK-9632: Upgrade bountycastle 
to v1.59
URL: https://github.com/apache/cloudstack/pull/2386#issuecomment-355526440
 
 
   @rhtyd a Jenkins job has been kicked to build packages. I'll keep you posted 
as I make progress.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.1.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-07 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15729522#comment-15729522
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user asfgit closed the pull request at:

https://github.com/apache/cloudstack/pull/1799


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15726555#comment-15726555
 ] 

ASF subversion and git services commented on CLOUDSTACK-9632:
-

Commit abfcd5b95f90fde7b8ae07f4673fb84e1d9f1520 in cloudstack's branch 
refs/heads/master from [~rohit.ya...@shapeblue.com]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=abfcd5b ]

CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55

- Upgrades Maven dependency version to v1.55
- Fixes bountycastle usages and issues
- Adds timeout to jetty/annotation scanning
- Fixes servlet issue, uses servlet 3.1.0
- Downgrade javassist used by reflections to fix annotation process errors
- Make console-proxy-rdp bc dependency same as rest of the codebase
- Picks up PR #1510 by Daan

Signed-off-by: Rohit Yadav 


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15726557#comment-15726557
 ] 

ASF subversion and git services commented on CLOUDSTACK-9632:
-

Commit decb2e4d2d8b35dbe4566a32f66b4d3a19871364 in cloudstack's branch 
refs/heads/master from [~rohit.ya...@shapeblue.com]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=decb2e4 ]

Merge pull request #1799 from shapeblue/bcprov-upgrade

CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55- Upgrades Maven 
dependency version to v1.55
- Fixes bountycastle usages and issues
- Adds timeout to jetty/annotation scanning
- Picks up PR #1510 by Daan

* pr/1799:
  CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55

Signed-off-by: Rohit Yadav 


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15726562#comment-15726562
 ] 

ASF subversion and git services commented on CLOUDSTACK-9632:
-

Commit decb2e4d2d8b35dbe4566a32f66b4d3a19871364 in cloudstack's branch 
refs/heads/4.9 from [~rohit.ya...@shapeblue.com]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=decb2e4 ]

Merge pull request #1799 from shapeblue/bcprov-upgrade

CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55- Upgrades Maven 
dependency version to v1.55
- Fixes bountycastle usages and issues
- Adds timeout to jetty/annotation scanning
- Picks up PR #1510 by Daan

* pr/1799:
  CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55

Signed-off-by: Rohit Yadav 


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15726556#comment-15726556
 ] 

ASF subversion and git services commented on CLOUDSTACK-9632:
-

Commit decb2e4d2d8b35dbe4566a32f66b4d3a19871364 in cloudstack's branch 
refs/heads/master from [~rohit.ya...@shapeblue.com]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=decb2e4 ]

Merge pull request #1799 from shapeblue/bcprov-upgrade

CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55- Upgrades Maven 
dependency version to v1.55
- Fixes bountycastle usages and issues
- Adds timeout to jetty/annotation scanning
- Picks up PR #1510 by Daan

* pr/1799:
  CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55

Signed-off-by: Rohit Yadav 


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15726563#comment-15726563
 ] 

ASF subversion and git services commented on CLOUDSTACK-9632:
-

Commit decb2e4d2d8b35dbe4566a32f66b4d3a19871364 in cloudstack's branch 
refs/heads/4.9 from [~rohit.ya...@shapeblue.com]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=decb2e4 ]

Merge pull request #1799 from shapeblue/bcprov-upgrade

CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55- Upgrades Maven 
dependency version to v1.55
- Fixes bountycastle usages and issues
- Adds timeout to jetty/annotation scanning
- Picks up PR #1510 by Daan

* pr/1799:
  CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55

Signed-off-by: Rohit Yadav 


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15726561#comment-15726561
 ] 

ASF subversion and git services commented on CLOUDSTACK-9632:
-

Commit abfcd5b95f90fde7b8ae07f4673fb84e1d9f1520 in cloudstack's branch 
refs/heads/4.9 from [~rohit.ya...@shapeblue.com]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=abfcd5b ]

CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55

- Upgrades Maven dependency version to v1.55
- Fixes bountycastle usages and issues
- Adds timeout to jetty/annotation scanning
- Fixes servlet issue, uses servlet 3.1.0
- Downgrade javassist used by reflections to fix annotation process errors
- Make console-proxy-rdp bc dependency same as rest of the codebase
- Picks up PR #1510 by Daan

Signed-off-by: Rohit Yadav 


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15726551#comment-15726551
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
We've enough code review, and test results. Test LGTM, some failures with 
vpc/rvr are known intermittent failures. The Travis failure is caused by 
`component/test_volumes`, which I found is failing for last two days and will 
be fixed separately. With this I'll proceed with merging this.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15726538#comment-15726538
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
Trillian test result (tid-596)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 25569 seconds
Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr1799-t596-kvm-centos7.zip
Test completed. 46 look ok, 2 have error(s)


Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL | `Failure` | 393.75 
| test_vpc_redundant.py
test_10_attachAndDetach_iso | `Failure` | 683.93 | test_vm_life_cycle.py
test_01_vpc_site2site_vpn | Success | 145.25 | test_vpc_vpn.py
test_01_vpc_remote_access_vpn | Success | 66.21 | test_vpc_vpn.py
test_01_redundant_vpc_site2site_vpn | Success | 236.73 | test_vpc_vpn.py
test_02_VPC_default_routes | Success | 269.51 | test_vpc_router_nics.py
test_01_VPC_nics_after_destroy | Success | 551.91 | test_vpc_router_nics.py
test_05_rvpc_multi_tiers | Success | 516.74 | test_vpc_redundant.py
test_04_rvpc_network_garbage_collector_nics | Success | 1305.65 | 
test_vpc_redundant.py
test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers | 
Success | 554.34 | test_vpc_redundant.py
test_02_redundant_VPC_default_routes | Success | 765.78 | 
test_vpc_redundant.py
test_09_delete_detached_volume | Success | 15.46 | test_volumes.py
test_08_resize_volume | Success | 15.40 | test_volumes.py
test_07_resize_fail | Success | 20.48 | test_volumes.py
test_06_download_detached_volume | Success | 15.29 | test_volumes.py
test_05_detach_volume | Success | 100.29 | test_volumes.py
test_04_delete_attached_volume | Success | 10.20 | test_volumes.py
test_03_download_attached_volume | Success | 15.28 | test_volumes.py
test_02_attach_volume | Success | 44.02 | test_volumes.py
test_01_create_volume | Success | 620.94 | test_volumes.py
test_deploy_vm_multiple | Success | 247.83 | test_vm_life_cycle.py
test_deploy_vm | Success | 0.03 | test_vm_life_cycle.py
test_advZoneVirtualRouter | Success | 0.02 | test_vm_life_cycle.py
test_09_expunge_vm | Success | 125.25 | test_vm_life_cycle.py
test_08_migrate_vm | Success | 61.02 | test_vm_life_cycle.py
test_07_restore_vm | Success | 0.13 | test_vm_life_cycle.py
test_06_destroy_vm | Success | 125.83 | test_vm_life_cycle.py
test_03_reboot_vm | Success | 125.85 | test_vm_life_cycle.py
test_02_start_vm | Success | 5.16 | test_vm_life_cycle.py
test_01_stop_vm | Success | 45.37 | test_vm_life_cycle.py
test_CreateTemplateWithDuplicateName | Success | 80.70 | test_templates.py
test_08_list_system_templates | Success | 0.03 | test_templates.py
test_07_list_public_templates | Success | 0.04 | test_templates.py
test_05_template_permissions | Success | 0.06 | test_templates.py
test_04_extract_template | Success | 5.15 | test_templates.py
test_03_delete_template | Success | 5.13 | test_templates.py
test_02_edit_template | Success | 90.12 | test_templates.py
test_01_create_template | Success | 70.58 | test_templates.py
test_10_destroy_cpvm | Success | 161.71 | test_ssvm.py
test_09_destroy_ssvm | Success | 163.83 | test_ssvm.py
test_08_reboot_cpvm | Success | 131.53 | test_ssvm.py
test_07_reboot_ssvm | Success | 103.51 | test_ssvm.py
test_06_stop_cpvm | Success | 131.49 | test_ssvm.py
test_05_stop_ssvm | Success | 133.32 | test_ssvm.py
test_04_cpvm_internals | Success | 0.98 | test_ssvm.py
test_03_ssvm_internals | Success | 3.04 | test_ssvm.py
test_02_list_cpvm_vm | Success | 0.13 | test_ssvm.py
test_01_list_sec_storage_vm | Success | 0.13 | test_ssvm.py
test_01_snapshot_root_disk | Success | 11.49 | test_snapshots.py
test_04_change_offering_small | Success | 237.86 | test_service_offerings.py
test_03_delete_service_offering | Success | 0.04 | test_service_offerings.py
test_02_edit_service_offering | Success | 0.06 | test_service_offerings.py
test_01_create_service_offering | Success | 0.11 | test_service_offerings.py
test_02_sys_template_ready | Success | 0.13 | test_secondary_storage.py
test_01_sys_vm_start | Success | 0.18 | test_secondary_storage.py
test_09_reboot_router | Success | 35.32 | test_routers.py
test_08_start_router | Success | 25.27 | test_routers.py
test_07_stop_router | Success | 10.19 | test_routers.py
test_06_router_advanced | Success | 0.06 | test_routers.py
test_05_router_basic | Success | 0.04 | test_routers.py
test_04_restart_network_wo_cleanup | Success | 5.61 | test_routers.py

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15726048#comment-15726048
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
Trillian test result (tid-594)
Environment: xenserver-65sp1 (x2), Advanced Networking with Mgmt server 6
Total time taken: 34189 seconds
Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr1799-t594-xenserver-65sp1.zip
Test completed. 47 look ok, 1 have error(s)


Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_05_rvpc_multi_tiers | `Failure` | 562.08 | test_vpc_redundant.py
test_04_rvpc_network_garbage_collector_nics | `Failure` | 1376.86 | 
test_vpc_redundant.py
test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL | `Failure` | 585.60 
| test_vpc_redundant.py
test_01_vpc_site2site_vpn | Success | 308.24 | test_vpc_vpn.py
test_01_vpc_remote_access_vpn | Success | 162.17 | test_vpc_vpn.py
test_01_redundant_vpc_site2site_vpn | Success | 538.28 | test_vpc_vpn.py
test_02_VPC_default_routes | Success | 386.18 | test_vpc_router_nics.py
test_01_VPC_nics_after_destroy | Success | 787.50 | test_vpc_router_nics.py
test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers | 
Success | 907.43 | test_vpc_redundant.py
test_02_redundant_VPC_default_routes | Success | 1049.82 | 
test_vpc_redundant.py
test_09_delete_detached_volume | Success | 20.79 | test_volumes.py
test_08_resize_volume | Success | 106.17 | test_volumes.py
test_07_resize_fail | Success | 111.36 | test_volumes.py
test_06_download_detached_volume | Success | 25.44 | test_volumes.py
test_05_detach_volume | Success | 100.33 | test_volumes.py
test_04_delete_attached_volume | Success | 15.34 | test_volumes.py
test_03_download_attached_volume | Success | 20.43 | test_volumes.py
test_02_attach_volume | Success | 10.75 | test_volumes.py
test_01_create_volume | Success | 394.97 | test_volumes.py
test_03_delete_vm_snapshots | Success | 280.31 | test_vm_snapshots.py
test_02_revert_vm_snapshots | Success | 186.84 | test_vm_snapshots.py
test_01_create_vm_snapshots | Success | 101.07 | test_vm_snapshots.py
test_deploy_vm_multiple | Success | 248.16 | test_vm_life_cycle.py
test_deploy_vm | Success | 0.03 | test_vm_life_cycle.py
test_advZoneVirtualRouter | Success | 0.03 | test_vm_life_cycle.py
test_10_attachAndDetach_iso | Success | 27.40 | test_vm_life_cycle.py
test_09_expunge_vm | Success | 185.28 | test_vm_life_cycle.py
test_08_migrate_vm | Success | 61.28 | test_vm_life_cycle.py
test_07_restore_vm | Success | 0.15 | test_vm_life_cycle.py
test_06_destroy_vm | Success | 10.19 | test_vm_life_cycle.py
test_03_reboot_vm | Success | 10.22 | test_vm_life_cycle.py
test_02_start_vm | Success | 20.28 | test_vm_life_cycle.py
test_01_stop_vm | Success | 30.33 | test_vm_life_cycle.py
test_CreateTemplateWithDuplicateName | Success | 141.93 | test_templates.py
test_08_list_system_templates | Success | 0.04 | test_templates.py
test_07_list_public_templates | Success | 0.04 | test_templates.py
test_05_template_permissions | Success | 0.06 | test_templates.py
test_04_extract_template | Success | 5.20 | test_templates.py
test_03_delete_template | Success | 5.13 | test_templates.py
test_02_edit_template | Success | 90.18 | test_templates.py
test_01_create_template | Success | 60.66 | test_templates.py
test_10_destroy_cpvm | Success | 226.94 | test_ssvm.py
test_09_destroy_ssvm | Success | 229.19 | test_ssvm.py
test_08_reboot_cpvm | Success | 181.73 | test_ssvm.py
test_07_reboot_ssvm | Success | 179.27 | test_ssvm.py
test_06_stop_cpvm | Success | 136.98 | test_ssvm.py
test_05_stop_ssvm | Success | 170.86 | test_ssvm.py
test_04_cpvm_internals | Success | 1.10 | test_ssvm.py
test_03_ssvm_internals | Success | 3.40 | test_ssvm.py
test_02_list_cpvm_vm | Success | 0.14 | test_ssvm.py
test_01_list_sec_storage_vm | Success | 0.15 | test_ssvm.py
test_01_snapshot_root_disk | Success | 21.67 | test_snapshots.py
test_04_change_offering_small | Success | 119.16 | test_service_offerings.py
test_03_delete_service_offering | Success | 0.05 | test_service_offerings.py
test_02_edit_service_offering | Success | 0.11 | test_service_offerings.py
test_01_create_service_offering | Success | 0.10 | test_service_offerings.py
test_02_sys_template_ready | Success | 0.14 | test_secondary_storage.py
test_01_sys_vm_start | Success | 0.18 | test_secondary_storage.py
test_01_scale_vm | Success | 5.26 | test_scale_vm.py
test_09_reboot_router | Success | 60.66 | test_routers.py
test_08_start_router | Success | 50.50 | test_routers.py

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15725415#comment-15725415
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been 
kicked to run smoke tests


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15725414#comment-15725414
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@blueorangutan test


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15725404#comment-15725404
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd unsupported parameters provided. Supported mgmt server os are: 
`centos6, centos7, ubuntu`. Supported hypervisors are: `kvm-centos6, 
kvm-centos7, kvm-ubuntu, xenserver-65sp1, xenserver-62sp1, vmware-60u2, 
vmware-55u3, vmware-51u1, vmware-50u1`


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15725402#comment-15725402
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@blueorangutan test



On 6 Dec 2016 18:11, "Blue Orangutan Build Things" 

wrote:

Packaging result: ✔centos6 ✔centos7 ✔debian. JID-330

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
,
or mute
the thread


.



> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15725370#comment-15725370
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-330


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15725300#comment-15725300
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd a Jenkins job has been kicked to build packages. I'll keep you 
posted as I make progress.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15725298#comment-15725298
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@blueorangutan package


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-06 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15724861#comment-15724861
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user murali-reddy commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
code change LGTM


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15724577#comment-15724577
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


GitHub user rhtyd reopened a pull request:

https://github.com/apache/cloudstack/pull/1799

CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55

- Upgrades Maven dependency version to v1.55
- Fixes bountycastle usages and issues
- Adds timeout to jetty/annotation scanning
- Picks up PR #1510 by Daan

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/shapeblue/cloudstack bcprov-upgrade

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/cloudstack/pull/1799.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #1799






> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15724578#comment-15724578
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd closed the pull request at:

https://github.com/apache/cloudstack/pull/1799


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15724559#comment-15724559
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd a Trillian-Jenkins test job (centos7 mgmt + vmware-55u3) has been 
kicked to run smoke tests


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15724557#comment-15724557
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@blueorangutan test centos7 vmware-55u3



> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15721890#comment-15721890
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-325


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15721606#comment-15721606
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd a Jenkins job has been kicked to build packages. I'll keep you 
posted as I make progress.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-05 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15721604#comment-15721604
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@blueorangutan package


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-02 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15714785#comment-15714785
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd a Trillian-Jenkins test job (centos7 mgmt + vmware-55u3) has been 
kicked to run smoke tests


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-02 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15714783#comment-15714783
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@blueorangutan test centos7 vmware-55u3


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-02 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15714769#comment-15714769
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-314


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-02 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15714695#comment-15714695
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@blueorangutan package


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-02 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15714694#comment-15714694
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@jlk thanks for the pointers, I've fixed them. I checked and found the 
sha-1 usage is only for verification/listing. I also checked the bountycastle 
is indeed added as a security provider in most places where `SecureRandom` is 
created and used.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-02 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15714696#comment-15714696
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd a Jenkins job has been kicked to build packages. I'll keep you 
posted as I make progress.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15714144#comment-15714144
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
Tests look good so far, I'm waiting for a vmware specific test run to 
complete. Some failures in kvm, xen are known intermittent failures.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15714087#comment-15714087
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd closed the pull request at:

https://github.com/apache/cloudstack/pull/1799


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15714088#comment-15714088
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


GitHub user rhtyd reopened a pull request:

https://github.com/apache/cloudstack/pull/1799

CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55

- Upgrades Maven dependency version to v1.55
- Fixes bountycastle usages and issues
- Adds timeout to jetty/annotation scanning
- Picks up PR #1510 by Daan

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/shapeblue/cloudstack bcprov-upgrade

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/cloudstack/pull/1799.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #1799


commit 81fb8af81f3e4731f9423d1cd806323068795ce3
Author: Rohit Yadav 
Date:   2016-11-30T09:31:28Z

CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55

- Upgrades Maven dependency version to v1.55
- Fixes bountycastle usages and issues
- Adds timeout to jetty/annotation scanning
- Fixes servlet issue, uses servlet 3.1.0
- Picks up PR #1510 by Daan

Signed-off-by: Rohit Yadav 




> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15713777#comment-15713777
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
Trillian test result (tid-534)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 26155 seconds
Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr1799-t534-kvm-centos7.zip
Test completed. 46 look ok, 2 have error(s)


Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL | `Failure` | 379.95 
| test_vpc_redundant.py
test_03_vpc_privategw_restart_vpc_cleanup | `Failure` | 173.70 | 
test_privategw_acl.py
test_02_vpc_privategw_static_routes | `Failure` | 154.11 | 
test_privategw_acl.py
test_01_vpc_site2site_vpn | Success | 170.07 | test_vpc_vpn.py
test_01_vpc_remote_access_vpn | Success | 66.22 | test_vpc_vpn.py
test_01_redundant_vpc_site2site_vpn | Success | 256.30 | test_vpc_vpn.py
test_02_VPC_default_routes | Success | 277.63 | test_vpc_router_nics.py
test_01_VPC_nics_after_destroy | Success | 556.61 | test_vpc_router_nics.py
test_05_rvpc_multi_tiers | Success | 517.70 | test_vpc_redundant.py
test_04_rvpc_network_garbage_collector_nics | Success | 1453.95 | 
test_vpc_redundant.py
test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers | 
Success | 565.63 | test_vpc_redundant.py
test_02_redundant_VPC_default_routes | Success | 671.02 | 
test_vpc_redundant.py
test_09_delete_detached_volume | Success | 15.66 | test_volumes.py
test_08_resize_volume | Success | 15.47 | test_volumes.py
test_07_resize_fail | Success | 20.52 | test_volumes.py
test_06_download_detached_volume | Success | 15.32 | test_volumes.py
test_05_detach_volume | Success | 100.29 | test_volumes.py
test_04_delete_attached_volume | Success | 10.24 | test_volumes.py
test_03_download_attached_volume | Success | 15.44 | test_volumes.py
test_02_attach_volume | Success | 44.43 | test_volumes.py
test_01_create_volume | Success | 711.72 | test_volumes.py
test_deploy_vm_multiple | Success | 278.16 | test_vm_life_cycle.py
test_deploy_vm | Success | 0.03 | test_vm_life_cycle.py
test_advZoneVirtualRouter | Success | 0.03 | test_vm_life_cycle.py
test_10_attachAndDetach_iso | Success | 26.72 | test_vm_life_cycle.py
test_09_expunge_vm | Success | 125.20 | test_vm_life_cycle.py
test_08_migrate_vm | Success | 41.09 | test_vm_life_cycle.py
test_07_restore_vm | Success | 0.13 | test_vm_life_cycle.py
test_06_destroy_vm | Success | 125.89 | test_vm_life_cycle.py
test_03_reboot_vm | Success | 125.92 | test_vm_life_cycle.py
test_02_start_vm | Success | 10.18 | test_vm_life_cycle.py
test_01_stop_vm | Success | 40.34 | test_vm_life_cycle.py
test_CreateTemplateWithDuplicateName | Success | 60.64 | test_templates.py
test_08_list_system_templates | Success | 0.03 | test_templates.py
test_07_list_public_templates | Success | 0.04 | test_templates.py
test_05_template_permissions | Success | 0.06 | test_templates.py
test_04_extract_template | Success | 5.32 | test_templates.py
test_03_delete_template | Success | 5.16 | test_templates.py
test_02_edit_template | Success | 90.16 | test_templates.py
test_01_create_template | Success | 40.66 | test_templates.py
test_10_destroy_cpvm | Success | 166.76 | test_ssvm.py
test_09_destroy_ssvm | Success | 193.79 | test_ssvm.py
test_08_reboot_cpvm | Success | 131.66 | test_ssvm.py
test_07_reboot_ssvm | Success | 133.69 | test_ssvm.py
test_06_stop_cpvm | Success | 131.87 | test_ssvm.py
test_05_stop_ssvm | Success | 134.66 | test_ssvm.py
test_04_cpvm_internals | Success | 1.25 | test_ssvm.py
test_03_ssvm_internals | Success | 3.49 | test_ssvm.py
test_02_list_cpvm_vm | Success | 0.13 | test_ssvm.py
test_01_list_sec_storage_vm | Success | 0.15 | test_ssvm.py
test_01_snapshot_root_disk | Success | 16.40 | test_snapshots.py
test_04_change_offering_small | Success | 239.96 | test_service_offerings.py
test_03_delete_service_offering | Success | 0.07 | test_service_offerings.py
test_02_edit_service_offering | Success | 0.10 | test_service_offerings.py
test_01_create_service_offering | Success | 0.14 | test_service_offerings.py
test_02_sys_template_ready | Success | 0.15 | test_secondary_storage.py
test_01_sys_vm_start | Success | 0.23 | test_secondary_storage.py
test_09_reboot_router | Success | 40.35 | test_routers.py
test_08_start_router | Success | 30.33 | test_routers.py
test_07_stop_router | Success | 10.22 | test_routers.py
test_06_router_advanced | Success | 0.06 |

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15713094#comment-15713094
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
Trillian test result (tid-525)
Environment: xenserver-65sp1 (x2), Advanced Networking with Mgmt server 6
Total time taken: 34869 seconds
Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr1799-t525-xenserver-65sp1.zip
Test completed. 46 look ok, 2 have error(s)


Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_04_rvpc_network_garbage_collector_nics | `Failure` | 1458.32 | 
test_vpc_redundant.py
test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL | `Failure` | 621.42 
| test_vpc_redundant.py
test_01_vpc_site2site_vpn | `Error` | 910.77 | test_vpc_vpn.py
test_05_rvpc_multi_tiers | `Error` | 87.08 | test_vpc_redundant.py
test_01_vpc_remote_access_vpn | Success | 178.02 | test_vpc_vpn.py
test_01_redundant_vpc_site2site_vpn | Success | 640.99 | test_vpc_vpn.py
test_02_VPC_default_routes | Success | 478.60 | test_vpc_router_nics.py
test_01_VPC_nics_after_destroy | Success | 614.90 | test_vpc_router_nics.py
test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers | 
Success | 1003.67 | test_vpc_redundant.py
test_02_redundant_VPC_default_routes | Success | 1061.20 | 
test_vpc_redundant.py
test_09_delete_detached_volume | Success | 21.11 | test_volumes.py
test_08_resize_volume | Success | 116.48 | test_volumes.py
test_07_resize_fail | Success | 121.76 | test_volumes.py
test_06_download_detached_volume | Success | 35.62 | test_volumes.py
test_05_detach_volume | Success | 105.43 | test_volumes.py
test_04_delete_attached_volume | Success | 15.44 | test_volumes.py
test_03_download_attached_volume | Success | 20.70 | test_volumes.py
test_02_attach_volume | Success | 21.13 | test_volumes.py
test_01_create_volume | Success | 438.17 | test_volumes.py
test_03_delete_vm_snapshots | Success | 280.37 | test_vm_snapshots.py
test_02_revert_vm_snapshots | Success | 222.04 | test_vm_snapshots.py
test_01_create_vm_snapshots | Success | 101.38 | test_vm_snapshots.py
test_deploy_vm_multiple | Success | 319.05 | test_vm_life_cycle.py
test_deploy_vm | Success | 0.03 | test_vm_life_cycle.py
test_advZoneVirtualRouter | Success | 0.03 | test_vm_life_cycle.py
test_10_attachAndDetach_iso | Success | 27.16 | test_vm_life_cycle.py
test_09_expunge_vm | Success | 125.21 | test_vm_life_cycle.py
test_08_migrate_vm | Success | 67.59 | test_vm_life_cycle.py
test_07_restore_vm | Success | 0.23 | test_vm_life_cycle.py
test_06_destroy_vm | Success | 15.71 | test_vm_life_cycle.py
test_03_reboot_vm | Success | 20.33 | test_vm_life_cycle.py
test_02_start_vm | Success | 25.37 | test_vm_life_cycle.py
test_01_stop_vm | Success | 30.73 | test_vm_life_cycle.py
test_CreateTemplateWithDuplicateName | Success | 136.27 | test_templates.py
test_08_list_system_templates | Success | 0.04 | test_templates.py
test_07_list_public_templates | Success | 0.04 | test_templates.py
test_05_template_permissions | Success | 0.07 | test_templates.py
test_04_extract_template | Success | 5.21 | test_templates.py
test_03_delete_template | Success | 5.14 | test_templates.py
test_02_edit_template | Success | 90.20 | test_templates.py
test_01_create_template | Success | 65.80 | test_templates.py
test_10_destroy_cpvm | Success | 196.78 | test_ssvm.py
test_09_destroy_ssvm | Success | 229.46 | test_ssvm.py
test_08_reboot_cpvm | Success | 121.83 | test_ssvm.py
test_07_reboot_ssvm | Success | 154.08 | test_ssvm.py
test_06_stop_cpvm | Success | 166.87 | test_ssvm.py
test_05_stop_ssvm | Success | 169.08 | test_ssvm.py
test_04_cpvm_internals | Success | 1.12 | test_ssvm.py
test_03_ssvm_internals | Success | 3.48 | test_ssvm.py
test_02_list_cpvm_vm | Success | 0.17 | test_ssvm.py
test_01_list_sec_storage_vm | Success | 0.15 | test_ssvm.py
test_01_snapshot_root_disk | Success | 31.68 | test_snapshots.py
test_04_change_offering_small | Success | 96.22 | test_service_offerings.py
test_03_delete_service_offering | Success | 0.05 | test_service_offerings.py
test_02_edit_service_offering | Success | 0.10 | test_service_offerings.py
test_01_create_service_offering | Success | 0.10 | test_service_offerings.py
test_02_sys_template_ready | Success | 0.14 | test_secondary_storage.py
test_01_sys_vm_start | Success | 0.48 | test_secondary_storage.py
test_01_scale_vm | Success | 5.28 | test_scale_vm.py
test_09_reboot_router | Success | 65.57 | test_routers.py
test_08_start_router | Success | 50.51 | test_routers.py

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15713093#comment-15713093
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-302


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712766#comment-15712766
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been 
kicked to run smoke tests


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712764#comment-15712764
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@blueorangutan test


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712759#comment-15712759
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-301


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712685#comment-15712685
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
Thanks @jburwell I'll get this re-tested against both Travis and Trillian.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712669#comment-15712669
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd a Jenkins job has been kicked to build packages. I'll keep you 
posted as I make progress.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712666#comment-15712666
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


GitHub user rhtyd reopened a pull request:

https://github.com/apache/cloudstack/pull/1799

CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55

- Upgrades Maven dependency version to v1.55
- Fixes bountycastle usages and issues
- Adds timeout to jetty/annotation scanning
- Picks up PR #1510 by Daan

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/shapeblue/cloudstack bcprov-upgrade

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/cloudstack/pull/1799.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #1799


commit 056f6e6b5e77ad0d6fa9fc98e8795f845b2c5bb0
Author: Rohit Yadav 
Date:   2016-11-30T09:31:28Z

CLOUDSTACK-9632: Upgrade bouncy castle to version 1.55

- Upgrades Maven dependency version to v1.55
- Fixes bountycastle usages and issues
- Adds timeout to jetty/annotation scanning
- Picks up PR #1510 by Daan

Signed-off-by: Rohit Yadav 




> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712668#comment-15712668
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@blueorangutan package


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712665#comment-15712665
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd closed the pull request at:

https://github.com/apache/cloudstack/pull/1799


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712345#comment-15712345
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd the Travis build failed due a timeout on one of the workers.  Could 
you please do a force push to trigger a new build?


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711719#comment-15711719
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd a Trillian-Jenkins matrix job (centos6 mgmt + xs65sp1, centos7 mgmt 
+ vmware55u3, centos7 mgmt + kvmcentos7) has been kicked to run smoke tests


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711715#comment-15711715
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@blueorangutan test matrix


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711590#comment-15711590
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-297


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711490#comment-15711490
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd a Jenkins job has been kicked to build packages. I'll keep you 
posted as I make progress.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711487#comment-15711487
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@jburwell I've fixed couple of more issues, and the issues from your code 
review. Thanks for your comments.
@blueorangutan package



> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711401#comment-15711401
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90405628
  
--- Diff: server/test/org/apache/cloudstack/network/lb/CertServiceTest.java 
---
@@ -245,48 +245,48 @@ public void runUploadSslCertSelfSignedNoPassword() 
throws Exception {
 public void runUploadSslCertBadChain() throws IOException, 
IllegalAccessException, NoSuchFieldException {
 Assume.assumeTrue(isOpenJdk() || isJCEInstalled());
 
-String certFile = 
URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(),Charset.defaultCharset().name());
-String keyFile = 
URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(),Charset.defaultCharset().name());
-String chainFile = 
URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.crt").getFile(),Charset.defaultCharset().name());
+final String certFile = 
URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(),Charset.defaultCharset().name());
+final String keyFile = 
URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(),Charset.defaultCharset().name());
+final String chainFile = 
URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.crt").getFile(),Charset.defaultCharset().name());
 
-String cert = readFileToString(new File(certFile));
-String key = readFileToString(new File(keyFile));
-String chain = readFileToString(new File(chainFile));
+final String cert = readFileToString(new File(certFile));
+final String key = readFileToString(new File(keyFile));
+final String chain = readFileToString(new File(chainFile));
 
-CertServiceImpl certService = new CertServiceImpl();
+final CertServiceImpl certService = new CertServiceImpl();
 
 //setting mock objects
 certService._accountMgr = Mockito.mock(AccountManager.class);
-Account account = new AccountVO("testaccount", 1, "networkdomain", 
(short)0, UUID.randomUUID().toString());
+final Account account = new AccountVO("testaccount", 1, 
"networkdomain", (short)0, UUID.randomUUID().toString());
 
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
 
 certService._domainDao = Mockito.mock(DomainDao.class);
-DomainVO domain = new DomainVO("networkdomain", 1L, 1L, 
"networkdomain");
+final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, 
"networkdomain");
 
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
 
 certService._sslCertDao = Mockito.mock(SslCertDao.class);
 
when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new 
SslCertVO());
 
 //creating the command
-UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
-Class _class = uploadCmd.getClass().getSuperclass();
+final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
+final Class klazz = uploadCmd.getClass().getSuperclass();
 
-Field certField = _class.getDeclaredField("cert");
+final Field certField = klazz.getDeclaredField("cert");
 certField.setAccessible(true);
 certField.set(uploadCmd, cert);
 
-Field keyField = _class.getDeclaredField("key");
+final Field keyField = klazz.getDeclaredField("key");
 keyField.setAccessible(true);
 keyField.set(uploadCmd, key);
 
-Field chainField = _class.getDeclaredField("chain");
+final Field chainField = klazz.getDeclaredField("chain");
 chainField.setAccessible(true);
 chainField.set(uploadCmd, chain);
 
 try {
 certService.uploadSslCert(uploadCmd);
 fail("The chain given is not the correct chain for the 
certificate");
-} catch (Exception e) {
+} catch (final Exception e) {
--- End diff --

`@Test` annotation does not allow for validating the exception message 
without using any `Rule`.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
>

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711402#comment-15711402
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90405645
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -111,37 +116,37 @@ public CertServiceImpl() {
 @DB
 @Override
 @ActionEvent(eventType = EventTypes.EVENT_LB_CERT_UPLOAD, 
eventDescription = "Uploading a certificate to cloudstack", async = false)
-public SslCertResponse uploadSslCert(UploadSslCertCmd certCmd) {
+public SslCertResponse uploadSslCert(final UploadSslCertCmd certCmd) {
--- End diff --

Fixed.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711383#comment-15711383
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90404501
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
+try (final PemReader pemReader = new PemReader(new 
StringReader(key));) {
+final PemObject pemObject = pemReader.readPemObject();
+final byte[] content = pemObject.getContent();
+final PKCS8EncodedKeySpec privKeySpec = new 
PKCS8EncodedKeySpec(content);
+final KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
+return factory.generatePrivate(privKeySpec);
+} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
+throw new IOException("No encryption provider available.", e);
+} catch (final InvalidKeySpecException e) {
+throw new IOException("Invalid

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711380#comment-15711380
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90404400
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
+try (final PemReader pemReader = new PemReader(new 
StringReader(key));) {
+final PemObject pemObject = pemReader.readPemObject();
+final byte[] content = pemObject.getContent();
+final PKCS8EncodedKeySpec privKeySpec = new 
PKCS8EncodedKeySpec(content);
+final KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
+return factory.generatePrivate(privKeySpec);
+} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
+throw new IOException("No encryption provider available.", e);
+} catch (final InvalidKeySpecException e) {
+throw new IOException("Invalid

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711377#comment-15711377
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90404197
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
+try (final PemReader pemReader = new PemReader(new 
StringReader(key));) {
+final PemObject pemObject = pemReader.readPemObject();
+final byte[] content = pemObject.getContent();
+final PKCS8EncodedKeySpec privKeySpec = new 
PKCS8EncodedKeySpec(content);
+final KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
+return factory.generatePrivate(privKeySpec);
+} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
+throw new IOException("No encryption provider available.", e);
+} catch (final InvalidKeySpecException e) {
+throw new IOException("Invalid

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711375#comment-15711375
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90404003
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
+try (final PemReader pemReader = new PemReader(new 
StringReader(key));) {
+final PemObject pemObject = pemReader.readPemObject();
+final byte[] content = pemObject.getContent();
+final PKCS8EncodedKeySpec privKeySpec = new 
PKCS8EncodedKeySpec(content);
+final KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
+return factory.generatePrivate(privKeySpec);
+} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
+throw new IOException("No encryption provider available.", e);
+} catch (final InvalidKeySpecException e) {
+throw new IOException("Invalid

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711372#comment-15711372
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90403899
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
--- End diff --

Fixed.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711374#comment-15711374
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90403957
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
+try (final PemReader pemReader = new PemReader(new 
StringReader(key));) {
+final PemObject pemObject = pemReader.readPemObject();
+final byte[] content = pemObject.getContent();
+final PKCS8EncodedKeySpec privKeySpec = new 
PKCS8EncodedKeySpec(content);
+final KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
+return factory.generatePrivate(privKeySpec);
+} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
+throw new IOException("No encryption provider available.", e);
+} catch (final InvalidKeySpecException e) {
+throw new IOException("Invalid

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711369#comment-15711369
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90403775
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
--- End diff --

Fixed.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711359#comment-15711359
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90403174
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711354#comment-15711354
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90402863
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711349#comment-15711349
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90402626
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711347#comment-15711347
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90402608
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711342#comment-15711342
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90402383
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -240,68 +245,71 @@ public void deleteSslCert(DeleteSslCertCmd 
deleteSslCertCmd) {
 }
 
 if (projectId != null) {
-Project project = _projectMgr.getProject(projectId);
+final Project project = _projectMgr.getProject(projectId);
 
 if (project == null) {
 throw new InvalidParameterValueException("Found no project 
with id: " + projectId);
 }
 
-List projectCertVOList = 
_sslCertDao.listByAccountId(project.getProjectAccountId());
-if (projectCertVOList == null || projectCertVOList.isEmpty())
+final List projectCertVOList = 
_sslCertDao.listByAccountId(project.getProjectAccountId());
+if (projectCertVOList == null || projectCertVOList.isEmpty()) {
 return certResponseList;
+}
 _accountMgr.checkAccess(caller, 
SecurityChecker.AccessType.UseEntry, true, projectCertVOList.get(0));
 
-for (SslCertVO cert : projectCertVOList) {
+for (final SslCertVO cert : projectCertVOList) {
 certLbMap = _lbCertDao.listByCertId(cert.getId());
 certResponseList.add(createCertResponse(cert, certLbMap));
 }
 return certResponseList;
 }
 
 //reached here look by accountId
-List certVOList = 
_sslCertDao.listByAccountId(accountId);
-if (certVOList == null || certVOList.isEmpty())
+final List certVOList = 
_sslCertDao.listByAccountId(accountId);
+if (certVOList == null || certVOList.isEmpty()) {
 return certResponseList;
+}
 _accountMgr.checkAccess(caller, 
SecurityChecker.AccessType.UseEntry, true, certVOList.get(0));
 
-for (SslCertVO cert : certVOList) {
+for (final SslCertVO cert : certVOList) {
 certLbMap = _lbCertDao.listByCertId(cert.getId());
 certResponseList.add(createCertResponse(cert, certLbMap));
 }
 return certResponseList;
 }
 
-private void validate(String certInput, String keyInput, String 
password, String chainInput) {
+private void validate(final String certInput, final String keyInput, 
final String password, final String chainInput) {
 Certificate cert;
 PrivateKey key;
 List chain = null;
 
 try {
 cert = parseCertificate(certInput);
-key = parsePrivateKey(keyInput, password);
+key = parsePrivateKey(keyInput);
 
 if (chainInput != null) {
-chain = parseChain(chainInput);
+chain = CertificateHelper.parseChain(chainInput);
 }
 
-} catch (IOException e) {
+} catch (final IOException | CertificateException e) {
 throw new IllegalArgumentException("Parsing certificate/key 
failed: " + e.getMessage(), e);
 }
 
 validateCert(cert, chainInput != null ? true : false);
 validateKeys(cert.getPublicKey(), key);
 
-if (chainInput != null)
+if (chainInput != null) {
 validateChain(chain, cert);
+}
 }
 
-public SslCertResponse createCertResponse(SslCertVO cert, 
List lbCertMap) {
-SslCertResponse response = new SslCertResponse();
+public SslCertResponse createCertResponse(final SslCertVO cert, final 
List lbCertMap) {
--- End diff --

Fixed.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711326#comment-15711326
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90401765
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -150,26 +155,26 @@ public SslCertResponse uploadSslCert(UploadSslCertCmd 
certCmd) {
 @DB
 @Override
 @ActionEvent(eventType = EventTypes.EVENT_LB_CERT_DELETE, 
eventDescription = "Deleting a certificate to cloudstack", async = false)
-public void deleteSslCert(DeleteSslCertCmd deleteSslCertCmd) {
+public void deleteSslCert(final DeleteSslCertCmd deleteSslCertCmd) {
--- End diff --

Fixed.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711284#comment-15711284
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90399606
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -111,37 +116,37 @@ public CertServiceImpl() {
 @DB
 @Override
 @ActionEvent(eventType = EventTypes.EVENT_LB_CERT_UPLOAD, 
eventDescription = "Uploading a certificate to cloudstack", async = false)
-public SslCertResponse uploadSslCert(UploadSslCertCmd certCmd) {
+public SslCertResponse uploadSslCert(final UploadSslCertCmd certCmd) {
 try {
-String cert = certCmd.getCert();
-String key = certCmd.getKey();
-String password = certCmd.getPassword();
-String chain = certCmd.getChain();
+final String cert = certCmd.getCert();
+final String key = certCmd.getKey();
+final String password = certCmd.getPassword();
+final String chain = certCmd.getChain();
 
 validate(cert, key, password, chain);
 s_logger.debug("Certificate Validation succeeded");
 
-String fingerPrint = 
generateFingerPrint(parseCertificate(cert));
+final String fingerPrint = 
generateFingerPrint(parseCertificate(cert));
 
-CallContext ctx = CallContext.current();
-Account caller = ctx.getCallingAccount();
+final CallContext ctx = CallContext.current();
+final Account caller = ctx.getCallingAccount();
 
 Account owner = null;
-if ((certCmd.getAccountName() != null && certCmd.getDomainId() 
!= null) || certCmd.getProjectId() != null) {
+if (certCmd.getAccountName() != null && certCmd.getDomainId() 
!= null || certCmd.getProjectId() != null) {
--- End diff --

Fixed.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711272#comment-15711272
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90399065
  
--- Diff: 
utils/src/main/java/com/cloud/utils/security/CertificateHelper.java ---
@@ -40,123 +46,122 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import com.cloud.utils.exception.CloudRuntimeException;
-import org.apache.commons.codec.binary.Base64;
-
-import com.cloud.utils.Ternary;
-import org.bouncycastle.openssl.PEMReader;
-
 public class CertificateHelper {
-public static byte[] buildAndSaveKeystore(String alias, String cert, 
String privateKey, String storePassword) throws KeyStoreException, 
CertificateException,
-NoSuchAlgorithmException, InvalidKeySpecException, IOException {
-KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
-
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+public static byte[] buildAndSaveKeystore(final String alias, final 
String cert, final String privateKey, final String storePassword) throws 
KeyStoreException, CertificateException,
+NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+final KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
+
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static byte[] buildAndSaveKeystore(List> certs, String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
-CertificateException, IOException, InvalidKeySpecException {
-KeyStore ks = KeyStore.getInstance("JKS");
+public static byte[] buildAndSaveKeystore(final List> certs, final String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
+CertificateException, IOException, InvalidKeySpecException {
+final KeyStore ks = KeyStore.getInstance("JKS");
 ks.load(null, storePassword != null ? storePassword.toCharArray() 
: null);
 
 //name,cert,key
-for (Ternary cert : certs) {
+for (final Ternary cert : certs) {
 if (cert.third() == null) {
-Certificate c = buildCertificate(cert.second());
+final Certificate c = buildCertificate(cert.second());
 ks.setCertificateEntry(cert.first(), c);
 } else {
-Certificate[] c = new Certificate[certs.size()];
+final Certificate[] c = new Certificate[certs.size()];
 int i = certs.size();
-for (Ternary ct : certs) {
+for (final Ternary ct : certs) {
 c[i - 1] = buildCertificate(ct.second());
 i--;
 }
 ks.setKeyEntry(cert.first(), 
buildPrivateKey(cert.third()), storePassword != null ? 
storePassword.toCharArray() : null, c);
 }
 }
 
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static KeyStore loadKeystore(byte[] ksData, String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
-assert (ksData != null);
-KeyStore ks = KeyStore.getInstance("JKS");
-ks.load(new ByteArrayInputStream(ksData), storePassword != null ? 
storePassword.toCharArray() : null);
+public static KeyStore loadKeystore(final byte[] ksData, final String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
+assert ksData != null;
+final KeyStore ks = KeyStore.getInstance("JKS");
+try (final ByteArrayInputStream is = new

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711270#comment-15711270
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90399018
  
--- Diff: 
utils/src/main/java/com/cloud/utils/security/CertificateHelper.java ---
@@ -40,123 +46,122 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import com.cloud.utils.exception.CloudRuntimeException;
-import org.apache.commons.codec.binary.Base64;
-
-import com.cloud.utils.Ternary;
-import org.bouncycastle.openssl.PEMReader;
-
 public class CertificateHelper {
-public static byte[] buildAndSaveKeystore(String alias, String cert, 
String privateKey, String storePassword) throws KeyStoreException, 
CertificateException,
-NoSuchAlgorithmException, InvalidKeySpecException, IOException {
-KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
-
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+public static byte[] buildAndSaveKeystore(final String alias, final 
String cert, final String privateKey, final String storePassword) throws 
KeyStoreException, CertificateException,
+NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+final KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
+
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static byte[] buildAndSaveKeystore(List> certs, String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
-CertificateException, IOException, InvalidKeySpecException {
-KeyStore ks = KeyStore.getInstance("JKS");
+public static byte[] buildAndSaveKeystore(final List> certs, final String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
+CertificateException, IOException, InvalidKeySpecException {
+final KeyStore ks = KeyStore.getInstance("JKS");
 ks.load(null, storePassword != null ? storePassword.toCharArray() 
: null);
 
 //name,cert,key
-for (Ternary cert : certs) {
+for (final Ternary cert : certs) {
 if (cert.third() == null) {
-Certificate c = buildCertificate(cert.second());
+final Certificate c = buildCertificate(cert.second());
 ks.setCertificateEntry(cert.first(), c);
 } else {
-Certificate[] c = new Certificate[certs.size()];
+final Certificate[] c = new Certificate[certs.size()];
 int i = certs.size();
-for (Ternary ct : certs) {
+for (final Ternary ct : certs) {
 c[i - 1] = buildCertificate(ct.second());
 i--;
 }
 ks.setKeyEntry(cert.first(), 
buildPrivateKey(cert.third()), storePassword != null ? 
storePassword.toCharArray() : null, c);
 }
 }
 
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static KeyStore loadKeystore(byte[] ksData, String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
-assert (ksData != null);
-KeyStore ks = KeyStore.getInstance("JKS");
-ks.load(new ByteArrayInputStream(ksData), storePassword != null ? 
storePassword.toCharArray() : null);
+public static KeyStore loadKeystore(final byte[] ksData, final String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
+assert ksData != null;
+final KeyStore ks = KeyStore.getInstance("JKS");
+try (final ByteArrayInputStream is = new

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711267#comment-15711267
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90398972
  
--- Diff: 
utils/src/main/java/com/cloud/utils/security/CertificateHelper.java ---
@@ -40,123 +46,122 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import com.cloud.utils.exception.CloudRuntimeException;
-import org.apache.commons.codec.binary.Base64;
-
-import com.cloud.utils.Ternary;
-import org.bouncycastle.openssl.PEMReader;
-
 public class CertificateHelper {
-public static byte[] buildAndSaveKeystore(String alias, String cert, 
String privateKey, String storePassword) throws KeyStoreException, 
CertificateException,
-NoSuchAlgorithmException, InvalidKeySpecException, IOException {
-KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
-
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+public static byte[] buildAndSaveKeystore(final String alias, final 
String cert, final String privateKey, final String storePassword) throws 
KeyStoreException, CertificateException,
+NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+final KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
+
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static byte[] buildAndSaveKeystore(List> certs, String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
-CertificateException, IOException, InvalidKeySpecException {
-KeyStore ks = KeyStore.getInstance("JKS");
+public static byte[] buildAndSaveKeystore(final List> certs, final String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
+CertificateException, IOException, InvalidKeySpecException {
+final KeyStore ks = KeyStore.getInstance("JKS");
 ks.load(null, storePassword != null ? storePassword.toCharArray() 
: null);
 
 //name,cert,key
-for (Ternary cert : certs) {
+for (final Ternary cert : certs) {
 if (cert.third() == null) {
-Certificate c = buildCertificate(cert.second());
+final Certificate c = buildCertificate(cert.second());
 ks.setCertificateEntry(cert.first(), c);
 } else {
-Certificate[] c = new Certificate[certs.size()];
+final Certificate[] c = new Certificate[certs.size()];
 int i = certs.size();
-for (Ternary ct : certs) {
+for (final Ternary ct : certs) {
 c[i - 1] = buildCertificate(ct.second());
 i--;
 }
 ks.setKeyEntry(cert.first(), 
buildPrivateKey(cert.third()), storePassword != null ? 
storePassword.toCharArray() : null, c);
 }
 }
 
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static KeyStore loadKeystore(byte[] ksData, String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
-assert (ksData != null);
-KeyStore ks = KeyStore.getInstance("JKS");
-ks.load(new ByteArrayInputStream(ksData), storePassword != null ? 
storePassword.toCharArray() : null);
+public static KeyStore loadKeystore(final byte[] ksData, final String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
+assert ksData != null;
+final KeyStore ks = KeyStore.getInstance("JKS");
+try (final ByteArrayInputStream is = new

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711261#comment-15711261
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90398722
  
--- Diff: 
utils/src/main/java/com/cloud/utils/security/CertificateHelper.java ---
@@ -40,123 +46,122 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import com.cloud.utils.exception.CloudRuntimeException;
-import org.apache.commons.codec.binary.Base64;
-
-import com.cloud.utils.Ternary;
-import org.bouncycastle.openssl.PEMReader;
-
 public class CertificateHelper {
-public static byte[] buildAndSaveKeystore(String alias, String cert, 
String privateKey, String storePassword) throws KeyStoreException, 
CertificateException,
-NoSuchAlgorithmException, InvalidKeySpecException, IOException {
-KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
-
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+public static byte[] buildAndSaveKeystore(final String alias, final 
String cert, final String privateKey, final String storePassword) throws 
KeyStoreException, CertificateException,
+NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+final KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
+
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static byte[] buildAndSaveKeystore(List> certs, String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
-CertificateException, IOException, InvalidKeySpecException {
-KeyStore ks = KeyStore.getInstance("JKS");
+public static byte[] buildAndSaveKeystore(final List> certs, final String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
+CertificateException, IOException, InvalidKeySpecException {
+final KeyStore ks = KeyStore.getInstance("JKS");
 ks.load(null, storePassword != null ? storePassword.toCharArray() 
: null);
 
 //name,cert,key
-for (Ternary cert : certs) {
+for (final Ternary cert : certs) {
 if (cert.third() == null) {
-Certificate c = buildCertificate(cert.second());
+final Certificate c = buildCertificate(cert.second());
 ks.setCertificateEntry(cert.first(), c);
 } else {
-Certificate[] c = new Certificate[certs.size()];
+final Certificate[] c = new Certificate[certs.size()];
 int i = certs.size();
-for (Ternary ct : certs) {
+for (final Ternary ct : certs) {
 c[i - 1] = buildCertificate(ct.second());
 i--;
 }
 ks.setKeyEntry(cert.first(), 
buildPrivateKey(cert.third()), storePassword != null ? 
storePassword.toCharArray() : null, c);
 }
 }
 
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static KeyStore loadKeystore(byte[] ksData, String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
-assert (ksData != null);
-KeyStore ks = KeyStore.getInstance("JKS");
-ks.load(new ByteArrayInputStream(ksData), storePassword != null ? 
storePassword.toCharArray() : null);
+public static KeyStore loadKeystore(final byte[] ksData, final String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
+assert ksData != null;
+final KeyStore ks = KeyStore.getInstance("JKS");
+try (final ByteArrayInputStream is = new

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711258#comment-15711258
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90398614
  
--- Diff: 
utils/src/main/java/com/cloud/utils/security/CertificateHelper.java ---
@@ -40,123 +46,122 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import com.cloud.utils.exception.CloudRuntimeException;
-import org.apache.commons.codec.binary.Base64;
-
-import com.cloud.utils.Ternary;
-import org.bouncycastle.openssl.PEMReader;
-
 public class CertificateHelper {
-public static byte[] buildAndSaveKeystore(String alias, String cert, 
String privateKey, String storePassword) throws KeyStoreException, 
CertificateException,
-NoSuchAlgorithmException, InvalidKeySpecException, IOException {
-KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
-
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+public static byte[] buildAndSaveKeystore(final String alias, final 
String cert, final String privateKey, final String storePassword) throws 
KeyStoreException, CertificateException,
+NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+final KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
+
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static byte[] buildAndSaveKeystore(List> certs, String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
-CertificateException, IOException, InvalidKeySpecException {
-KeyStore ks = KeyStore.getInstance("JKS");
+public static byte[] buildAndSaveKeystore(final List> certs, final String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
+CertificateException, IOException, InvalidKeySpecException {
+final KeyStore ks = KeyStore.getInstance("JKS");
 ks.load(null, storePassword != null ? storePassword.toCharArray() 
: null);
 
 //name,cert,key
-for (Ternary cert : certs) {
+for (final Ternary cert : certs) {
 if (cert.third() == null) {
-Certificate c = buildCertificate(cert.second());
+final Certificate c = buildCertificate(cert.second());
 ks.setCertificateEntry(cert.first(), c);
 } else {
-Certificate[] c = new Certificate[certs.size()];
+final Certificate[] c = new Certificate[certs.size()];
 int i = certs.size();
-for (Ternary ct : certs) {
+for (final Ternary ct : certs) {
 c[i - 1] = buildCertificate(ct.second());
 i--;
 }
 ks.setKeyEntry(cert.first(), 
buildPrivateKey(cert.third()), storePassword != null ? 
storePassword.toCharArray() : null, c);
 }
 }
 
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static KeyStore loadKeystore(byte[] ksData, String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
-assert (ksData != null);
-KeyStore ks = KeyStore.getInstance("JKS");
-ks.load(new ByteArrayInputStream(ksData), storePassword != null ? 
storePassword.toCharArray() : null);
+public static KeyStore loadKeystore(final byte[] ksData, final String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
+assert ksData != null;
+final KeyStore ks = KeyStore.getInstance("JKS");
+try (final ByteArrayInputStream is = new

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711245#comment-15711245
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90397919
  
--- Diff: 
utils/src/main/java/com/cloud/utils/security/CertificateHelper.java ---
@@ -40,123 +46,122 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import com.cloud.utils.exception.CloudRuntimeException;
-import org.apache.commons.codec.binary.Base64;
-
-import com.cloud.utils.Ternary;
-import org.bouncycastle.openssl.PEMReader;
-
 public class CertificateHelper {
-public static byte[] buildAndSaveKeystore(String alias, String cert, 
String privateKey, String storePassword) throws KeyStoreException, 
CertificateException,
-NoSuchAlgorithmException, InvalidKeySpecException, IOException {
-KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
-
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+public static byte[] buildAndSaveKeystore(final String alias, final 
String cert, final String privateKey, final String storePassword) throws 
KeyStoreException, CertificateException,
+NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+final KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
+
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static byte[] buildAndSaveKeystore(List> certs, String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
-CertificateException, IOException, InvalidKeySpecException {
-KeyStore ks = KeyStore.getInstance("JKS");
+public static byte[] buildAndSaveKeystore(final List> certs, final String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
+CertificateException, IOException, InvalidKeySpecException {
+final KeyStore ks = KeyStore.getInstance("JKS");
 ks.load(null, storePassword != null ? storePassword.toCharArray() 
: null);
 
 //name,cert,key
-for (Ternary cert : certs) {
+for (final Ternary cert : certs) {
 if (cert.third() == null) {
-Certificate c = buildCertificate(cert.second());
+final Certificate c = buildCertificate(cert.second());
 ks.setCertificateEntry(cert.first(), c);
 } else {
-Certificate[] c = new Certificate[certs.size()];
+final Certificate[] c = new Certificate[certs.size()];
 int i = certs.size();
-for (Ternary ct : certs) {
+for (final Ternary ct : certs) {
 c[i - 1] = buildCertificate(ct.second());
 i--;
 }
 ks.setKeyEntry(cert.first(), 
buildPrivateKey(cert.third()), storePassword != null ? 
storePassword.toCharArray() : null, c);
 }
 }
 
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static KeyStore loadKeystore(byte[] ksData, String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
-assert (ksData != null);
-KeyStore ks = KeyStore.getInstance("JKS");
-ks.load(new ByteArrayInputStream(ksData), storePassword != null ? 
storePassword.toCharArray() : null);
+public static KeyStore loadKeystore(final byte[] ksData, final String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
+assert ksData != null;
+final KeyStore ks = KeyStore.getInstance("JKS");
+try (final ByteArrayInputStream is = new

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711241#comment-15711241
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90397788
  
--- Diff: 
utils/src/main/java/com/cloud/utils/security/CertificateHelper.java ---
@@ -40,123 +46,122 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import com.cloud.utils.exception.CloudRuntimeException;
-import org.apache.commons.codec.binary.Base64;
-
-import com.cloud.utils.Ternary;
-import org.bouncycastle.openssl.PEMReader;
-
 public class CertificateHelper {
-public static byte[] buildAndSaveKeystore(String alias, String cert, 
String privateKey, String storePassword) throws KeyStoreException, 
CertificateException,
-NoSuchAlgorithmException, InvalidKeySpecException, IOException {
-KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
-
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+public static byte[] buildAndSaveKeystore(final String alias, final 
String cert, final String privateKey, final String storePassword) throws 
KeyStoreException, CertificateException,
+NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+final KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
+
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static byte[] buildAndSaveKeystore(List> certs, String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
-CertificateException, IOException, InvalidKeySpecException {
-KeyStore ks = KeyStore.getInstance("JKS");
+public static byte[] buildAndSaveKeystore(final List> certs, final String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
+CertificateException, IOException, InvalidKeySpecException {
+final KeyStore ks = KeyStore.getInstance("JKS");
 ks.load(null, storePassword != null ? storePassword.toCharArray() 
: null);
 
 //name,cert,key
-for (Ternary cert : certs) {
+for (final Ternary cert : certs) {
 if (cert.third() == null) {
-Certificate c = buildCertificate(cert.second());
+final Certificate c = buildCertificate(cert.second());
 ks.setCertificateEntry(cert.first(), c);
 } else {
-Certificate[] c = new Certificate[certs.size()];
+final Certificate[] c = new Certificate[certs.size()];
 int i = certs.size();
-for (Ternary ct : certs) {
+for (final Ternary ct : certs) {
 c[i - 1] = buildCertificate(ct.second());
 i--;
 }
 ks.setKeyEntry(cert.first(), 
buildPrivateKey(cert.third()), storePassword != null ? 
storePassword.toCharArray() : null, c);
 }
 }
 
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static KeyStore loadKeystore(byte[] ksData, String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
-assert (ksData != null);
-KeyStore ks = KeyStore.getInstance("JKS");
-ks.load(new ByteArrayInputStream(ksData), storePassword != null ? 
storePassword.toCharArray() : null);
+public static KeyStore loadKeystore(final byte[] ksData, final String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
+assert ksData != null;
--- End diff --

Fixed.


> Upgrade bountycastle to 1.55+
> -
>
> Key:

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711232#comment-15711232
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90397502
  
--- Diff: 
utils/src/main/java/com/cloud/utils/security/CertificateHelper.java ---
@@ -40,123 +46,122 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import com.cloud.utils.exception.CloudRuntimeException;
-import org.apache.commons.codec.binary.Base64;
-
-import com.cloud.utils.Ternary;
-import org.bouncycastle.openssl.PEMReader;
-
 public class CertificateHelper {
-public static byte[] buildAndSaveKeystore(String alias, String cert, 
String privateKey, String storePassword) throws KeyStoreException, 
CertificateException,
-NoSuchAlgorithmException, InvalidKeySpecException, IOException {
-KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
-
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+public static byte[] buildAndSaveKeystore(final String alias, final 
String cert, final String privateKey, final String storePassword) throws 
KeyStoreException, CertificateException,
+NoSuchAlgorithmException, InvalidKeySpecException, IOException {
--- End diff --

Fixed


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15710061#comment-15710061
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90339269
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15710064#comment-15710064
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90340513
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
--- End diff --

Please add a check for the return of the `add` method to ensure that the 
element was added to `anchors`.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15710057#comment-15710057
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90339078
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15710073#comment-15710073
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90341780
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
+try (final PemReader pemReader = new PemReader(new 
StringReader(key));) {
+final PemObject pemObject = pemReader.readPemObject();
+final byte[] content = pemObject.getContent();
+final PKCS8EncodedKeySpec privKeySpec = new 
PKCS8EncodedKeySpec(content);
+final KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
+return factory.generatePrivate(privKeySpec);
+} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
+throw new IOException("No encryption provider available.", e);
+} catch (final InvalidKeySpecException e) {
+throw new

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15710060#comment-15710060
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90338425
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -240,68 +245,71 @@ public void deleteSslCert(DeleteSslCertCmd 
deleteSslCertCmd) {
 }
 
 if (projectId != null) {
-Project project = _projectMgr.getProject(projectId);
+final Project project = _projectMgr.getProject(projectId);
 
 if (project == null) {
 throw new InvalidParameterValueException("Found no project 
with id: " + projectId);
 }
 
-List projectCertVOList = 
_sslCertDao.listByAccountId(project.getProjectAccountId());
-if (projectCertVOList == null || projectCertVOList.isEmpty())
+final List projectCertVOList = 
_sslCertDao.listByAccountId(project.getProjectAccountId());
+if (projectCertVOList == null || projectCertVOList.isEmpty()) {
 return certResponseList;
+}
 _accountMgr.checkAccess(caller, 
SecurityChecker.AccessType.UseEntry, true, projectCertVOList.get(0));
 
-for (SslCertVO cert : projectCertVOList) {
+for (final SslCertVO cert : projectCertVOList) {
 certLbMap = _lbCertDao.listByCertId(cert.getId());
 certResponseList.add(createCertResponse(cert, certLbMap));
 }
 return certResponseList;
 }
 
 //reached here look by accountId
-List certVOList = 
_sslCertDao.listByAccountId(accountId);
-if (certVOList == null || certVOList.isEmpty())
+final List certVOList = 
_sslCertDao.listByAccountId(accountId);
+if (certVOList == null || certVOList.isEmpty()) {
 return certResponseList;
+}
 _accountMgr.checkAccess(caller, 
SecurityChecker.AccessType.UseEntry, true, certVOList.get(0));
 
-for (SslCertVO cert : certVOList) {
+for (final SslCertVO cert : certVOList) {
 certLbMap = _lbCertDao.listByCertId(cert.getId());
 certResponseList.add(createCertResponse(cert, certLbMap));
 }
 return certResponseList;
 }
 
-private void validate(String certInput, String keyInput, String 
password, String chainInput) {
+private void validate(final String certInput, final String keyInput, 
final String password, final String chainInput) {
 Certificate cert;
 PrivateKey key;
 List chain = null;
 
 try {
 cert = parseCertificate(certInput);
-key = parsePrivateKey(keyInput, password);
+key = parsePrivateKey(keyInput);
--- End diff --

Please consider consolidating the declaration of the `cert` and `key` 
variables into the `try` block, as well as, pulling lines 298-303 into the 
`try` block.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15710071#comment-15710071
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90341385
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
--- End diff --

Please consider adding a `Precondition.checkArgument` to check that `key` 
is not blank.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15710066#comment-15710066
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90341157
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
--- End diff --

Please consider consolidating lines 434-439 into a multi-catch.  Also, 
`IllegalArgumentException` seems inappropriate as it indicates that the 
preconditions of the method were violated.  `IllegalStateException` seems more 
appropriate.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15710068#comment-15710068
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90341553
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
+try (final PemReader pemReader = new PemReader(new 
StringReader(key));) {
+final PemObject pemObject = pemReader.readPemObject();
+final byte[] content = pemObject.getContent();
+final PKCS8EncodedKeySpec privKeySpec = new 
PKCS8EncodedKeySpec(content);
+final KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
+return factory.generatePrivate(privKeySpec);
+} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
+throw new IOException("No encryption provider available.", e);
+} catch (final InvalidKeySpecException e) {
+throw new

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15710062#comment-15710062
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90340642
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
--- End diff --

What is the purpose of these two lines?   Information is being retrieved, 
but not used.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15710055#comment-15710055
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90338636
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -240,68 +245,71 @@ public void deleteSslCert(DeleteSslCertCmd 
deleteSslCertCmd) {
 }
 
 if (projectId != null) {
-Project project = _projectMgr.getProject(projectId);
+final Project project = _projectMgr.getProject(projectId);
 
 if (project == null) {
 throw new InvalidParameterValueException("Found no project 
with id: " + projectId);
 }
 
-List projectCertVOList = 
_sslCertDao.listByAccountId(project.getProjectAccountId());
-if (projectCertVOList == null || projectCertVOList.isEmpty())
+final List projectCertVOList = 
_sslCertDao.listByAccountId(project.getProjectAccountId());
+if (projectCertVOList == null || projectCertVOList.isEmpty()) {
 return certResponseList;
+}
 _accountMgr.checkAccess(caller, 
SecurityChecker.AccessType.UseEntry, true, projectCertVOList.get(0));
 
-for (SslCertVO cert : projectCertVOList) {
+for (final SslCertVO cert : projectCertVOList) {
 certLbMap = _lbCertDao.listByCertId(cert.getId());
 certResponseList.add(createCertResponse(cert, certLbMap));
 }
 return certResponseList;
 }
 
 //reached here look by accountId
-List certVOList = 
_sslCertDao.listByAccountId(accountId);
-if (certVOList == null || certVOList.isEmpty())
+final List certVOList = 
_sslCertDao.listByAccountId(accountId);
+if (certVOList == null || certVOList.isEmpty()) {
 return certResponseList;
+}
 _accountMgr.checkAccess(caller, 
SecurityChecker.AccessType.UseEntry, true, certVOList.get(0));
 
-for (SslCertVO cert : certVOList) {
+for (final SslCertVO cert : certVOList) {
 certLbMap = _lbCertDao.listByCertId(cert.getId());
 certResponseList.add(createCertResponse(cert, certLbMap));
 }
 return certResponseList;
 }
 
-private void validate(String certInput, String keyInput, String 
password, String chainInput) {
+private void validate(final String certInput, final String keyInput, 
final String password, final String chainInput) {
 Certificate cert;
 PrivateKey key;
 List chain = null;
 
 try {
 cert = parseCertificate(certInput);
-key = parsePrivateKey(keyInput, password);
+key = parsePrivateKey(keyInput);
 
 if (chainInput != null) {
-chain = parseChain(chainInput);
+chain = CertificateHelper.parseChain(chainInput);
 }
 
-} catch (IOException e) {
+} catch (final IOException | CertificateException e) {
 throw new IllegalArgumentException("Parsing certificate/key 
failed: " + e.getMessage(), e);
 }
 
 validateCert(cert, chainInput != null ? true : false);
 validateKeys(cert.getPublicKey(), key);
 
-if (chainInput != null)
+if (chainInput != null) {
 validateChain(chain, cert);
+}
 }
 
-public SslCertResponse createCertResponse(SslCertVO cert, 
List lbCertMap) {
-SslCertResponse response = new SslCertResponse();
+public SslCertResponse createCertResponse(final SslCertVO cert, final 
List lbCertMap) {
--- End diff --

Please consider adding the following `Preconditions.checkArgument` checks:

* `cert` is not `null`
* `lbCertMap` is not `null`



> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15710065#comment-15710065
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90339611
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15710053#comment-15710053
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90315176
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -111,37 +116,37 @@ public CertServiceImpl() {
 @DB
 @Override
 @ActionEvent(eventType = EventTypes.EVENT_LB_CERT_UPLOAD, 
eventDescription = "Uploading a certificate to cloudstack", async = false)
-public SslCertResponse uploadSslCert(UploadSslCertCmd certCmd) {
+public SslCertResponse uploadSslCert(final UploadSslCertCmd certCmd) {
 try {
-String cert = certCmd.getCert();
-String key = certCmd.getKey();
-String password = certCmd.getPassword();
-String chain = certCmd.getChain();
+final String cert = certCmd.getCert();
+final String key = certCmd.getKey();
+final String password = certCmd.getPassword();
+final String chain = certCmd.getChain();
 
 validate(cert, key, password, chain);
 s_logger.debug("Certificate Validation succeeded");
 
-String fingerPrint = 
generateFingerPrint(parseCertificate(cert));
+final String fingerPrint = 
generateFingerPrint(parseCertificate(cert));
 
-CallContext ctx = CallContext.current();
-Account caller = ctx.getCallingAccount();
+final CallContext ctx = CallContext.current();
+final Account caller = ctx.getCallingAccount();
 
 Account owner = null;
-if ((certCmd.getAccountName() != null && certCmd.getDomainId() 
!= null) || certCmd.getProjectId() != null) {
+if (certCmd.getAccountName() != null && certCmd.getDomainId() 
!= null || certCmd.getProjectId() != null) {
--- End diff --

Should `certCmd.getAccountName()` be checked that is not blank?


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-11-30 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15710069#comment-15710069
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90341649
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
+try (final PemReader pemReader = new PemReader(new 
StringReader(key));) {
+final PemObject pemObject = pemReader.readPemObject();
+final byte[] content = pemObject.getContent();
+final PKCS8EncodedKeySpec privKeySpec = new 
PKCS8EncodedKeySpec(content);
+final KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
+return factory.generatePrivate(privKeySpec);
+} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
+throw new IOException("No encryption provider available.", e);
+} catch (final InvalidKeySpecException e) {
+throw new

  1   2   >