diff --git a/src/ozones/Server/lib/OZones.rb b/src/ozones/Server/lib/OZones.rb
index af44f149c0..4241adedb0 100644
--- a/src/ozones/Server/lib/OZones.rb
+++ b/src/ozones/Server/lib/OZones.rb
@@ -28,7 +28,13 @@ require 'OZones/AggregatedImages'
 require 'OZones/AggregatedUsers'
 require 'OZones/AggregatedTemplates'
+require 'openssl'
+require 'digest/sha1'
+require 'base64'
+
 module OZones
+
+ CIPHER="aes-256-cbc"
 # -------------------------------------------------------------------------
 # The Error Class represents a generic error in the OZones
 # library. It contains a readable representation of the error.
@@ -66,4 +72,37 @@ module OZones
 def self.str_to_json(str)
 return JSON.pretty_generate({:message => str})
 end
+
+ def self.readKey
+ begin
+ credentials = IO.read(ENV['OZONES_AUTH']).strip
+ return Digest::SHA1.hexdigest(credentials);
+ rescue
+ return "";
+ end
+ end
+
+ def self.encrypt(plain_txt)
+ #prepare cipher object
+ cipher = OpenSSL::Cipher.new(CIPHER)
+ cipher.encrypt
+ cipher.key = OZones.readKey
+
+ enc_txt = cipher.update(plain_txt)
+ enc_txt << cipher.final
+
+ Base64::encode64(enc_txt).strip.delete("\n")
+ end
+
+ def self.decrypt(b64_txt)
+ #prepare cipher object
+ cipher = OpenSSL::Cipher.new(CIPHER)
+ cipher.decrypt
+ cipher.key = OZones.readKey
+
+ enc_txt = Base64::decode64(b64_txt)
+
+ plain_txt = cipher.update(enc_txt)
+ plain_txt << cipher.final
+ end
 end
diff --git a/src/ozones/Server/lib/OZones/AggregatedPool.rb b/src/ozones/Server/lib/OZones/AggregatedPool.rb
index 26c46b7fe6..59c111563e 100644
--- a/src/ozones/Server/lib/OZones/AggregatedPool.rb
+++ b/src/ozones/Server/lib/OZones/AggregatedPool.rb
@@ -34,7 +34,7 @@ module OZones
 zone_pool_hash = zone.to_hash["ZONE"]
- client = OpenNebula::Client.new(zone.ONENAME + ":" + zone.ONEPASS,
+ client = OpenNebula::Client.new("#{zone.ONENAME}:#{zone.ONEPASS}",
 zone.ENDPOINT)
 pool = factory(client)
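Review bot: In OZones.rb, `encrypt` and `decrypt` never set an IV, so every ONEPASS is encrypted under the same key with what appears to be the library's default IV; equal passwords then produce equal stored ciphertexts, and CBC without a MAC lets a stored value be altered without detection. Generate a random IV per call in `encrypt`, store it in front of the ciphertext and read it back in `decrypt`, as sketched below. `readKey` also passes a 40-character hex string to a cipher that takes a 32-byte key, and returns `""` when `OZONES_AUTH` cannot be read. How the OpenSSL binding treats either case depends on its version, so deriving exactly 32 bytes (for example `OpenSSL::Digest::SHA256.digest(credentials)`) and raising on a read failure would be safer than an empty key.

```ruby
def self.encrypt(plain_txt)
    # … unchanged: cipher setup and key assignment …
    iv = cipher.random_iv   # fresh IV for every stored value

    # … unchanged: cipher.update / cipher.final into enc_txt …

    # keep the IV in front of the ciphertext so decrypt can recover it
    Base64::encode64(iv + enc_txt).delete("\n")
end

def self.decrypt(b64_txt)
    # … unchanged: cipher setup and key assignment …
    raw       = Base64::decode64(b64_txt)
    cipher.iv = raw[0, cipher.iv_len]
    enc_txt   = raw[cipher.iv_len..-1]
    # … unchanged: cipher.update / cipher.final …
end
```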
diff --git a/src/ozones/Server/lib/OZones/VDC.rb b/src/ozones/Server/lib/OZones/VDC.rb
index a0eef2529f..51b16437dd 100644
--- a/src/ozones/Server/lib/OZones/VDC.rb
+++ b/src/ozones/Server/lib/OZones/VDC.rb
@@ -90,10 +90,8 @@ module OZones
 @zone = zone
 end
- @client = OpenNebula::Client.new(
- "#{@zone.ONENAME}:#{@zone.ONEPASS}",
- @zone.ENDPOINT,
- false)
+ @client = OpenNebula::Client.new("#{@zone.ONENAME}:#{@zone.ONEPASS}",
+ @zone.ENDPOINT)
 end
 def to_json
@@ -115,7 +113,7 @@ module OZones
 #Create a vdc record
 @vdc = Vdc.new
- vdcpass = Digest::SHA1.hexdigest(vdc_data.delete(:VDCADMINPASS))
+ vdcpass = vdc_data.delete(:VDCADMINPASS)
 @vdc.attributes = vdc_data
 # Create a group in the zone with the VDC name
diff --git a/src/ozones/Server/lib/OZones/Zones.rb b/src/ozones/Server/lib/OZones/Zones.rb
index a6cdf78ad3..062d657836 100644
--- a/src/ozones/Server/lib/OZones/Zones.rb
+++ b/src/ozones/Server/lib/OZones/Zones.rb
@@ -66,6 +66,12 @@ module OZones
 return zone_attributes
 end
+ def ONEPASS
+ pw = super
+ OZones.decrypt(pw)
+ end
+
+
 #######################################################################
 # Zone Data Management
 #######################################################################
@@ -79,12 +85,13 @@ module OZones
 }
 # Digest and check credentials
- zone_data[:ONEPASS] = Digest::SHA1.hexdigest(zone_data[:ONEPASS])
+ name = zone_data[:ONENAME]
+ pass = zone_data[:ONEPASS]
- $stderr.puts zone_data
+ zone_data[:ONEPASS] = OZones.encrypt(pass)
- rc = OpenNebulaZone::check_oneadmin(zone_data[:ONENAME],
- zone_data[:ONEPASS],
+ rc = OpenNebulaZone::check_oneadmin(name,
+ pass,
 zone_data[:ENDPOINT])
 if OpenNebula.is_error?(rc)
@@ -101,6 +108,7 @@ module OZones
 zone.attributes = zone_data
 zone.save
 rescue => e
+ $stderr.puts e.backtrace
 return OZones::Error.new(e.message)
 end
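Review bot: In VDC.rb (hunk at -90), the third argument `false` to `OpenNebula::Client.new` is dropped without a comment, so the call now depends on that parameter's default, which this page does not show. If the flag told the client that the password was already hashed, the default has to mean "hash it" for the now-decrypted `@zone.ONEPASS` to authenticate. A one-line comment above the call, for example `# ONEPASS is cleartext here (decrypted by the accessor); the client applies its own hashing`, would record that assumption once it has been confirmed. The enclosing method starts above the hunk.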
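Review bot: In the VDC.rb hunk at -115, `vdcpass` is now `nil` when the request carries no `:VDCADMINPASS`, where the removed `Digest::SHA1.hexdigest(...)` call failed on a missing value. The rest of the method is outside the hunk, so how `vdcpass` is used cannot be seen, but a nil or empty admin password should be rejected before the group and user are created. A guard directly after the assignment, in this method's own error style, along the lines of `return OZones::Error.new("VDCADMINPASS is required") if vdcpass.nil? || vdcpass.empty?`, would restore that check.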
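Review bot: In Zones.rb, the new `ONEPASS` accessor returns the decrypted password to every caller, so any serializer that reads the attribute through its getter would now emit the cleartext. The method returning `zone_attributes` just above this hunk is only partly visible, so please confirm that ONEPASS is excluded from `to_hash`/`to_json` output. The accessor also has no handling for a nil column or for rows saved under the previous SHA1 scheme, where `OZones.decrypt` would presumably raise on the first read; a migration note or a rescue that reports "stored credential unreadable" is needed. A short comment on the method, such as `# Returns the cleartext oneadmin password; never include in API responses or logs`, would make the contract explicit.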
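Review bot: In the Zones.rb hunk at -79, `zone_data[:ONEPASS] = OZones.encrypt(pass)` runs before `check_oneadmin` and before anything verifies that `pass` is present. A request without `:ONEPASS`, or a server whose key file is unreadable, would therefore fail inside the cipher rather than with a validation error. Whether this section sits inside the `begin`/`rescue` shown in the next hunk cannot be seen from here. Rejecting a nil or empty `name`/`pass` first and moving the `OZones.encrypt(pass)` assignment to after the `OpenNebula.is_error?(rc)` check would keep unverified credentials from being encrypted at all.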
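Review bot: In the Zones.rb hunk at -101, `$stderr.puts e.backtrace` prints the stack frames without the exception class or message, so the log entry cannot be matched to the error returned to the caller. `$stderr.puts "#{e.class}: #{e.message}", e.backtrace` would keep both together. The surrounding `begin` block starts outside the hunk.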