Change in ovirt-engine[master]: core: Encrypt CHAP credentials in the database

dfediuck at redhat.com dfediuck at redhat.com
Tue Oct 23 09:35:09 UTC 2012 

Doron Fediuck has submitted this change and it was merged.

Change subject: core: Encrypt CHAP credentials in the database
......................................................................


core: Encrypt CHAP credentials in the database

While fixing an issue where CHAP credentials weren't being stored in the
database, it was suggested that the credentials should be encrypted.

This patch:
- updates the database to store the longer, encrypted password values
- migrates (encrypts) the passwords during upgrade
- updates the DAO to encrypt and decrypt the passwords dynamically as
  they are read from/written to the db
- refactors encryptPassword/decryptPassword methods from class
  VdsStaticDAODbFacadeImpl to DbFacadeUtils to facilitate reuse

Change-Id: I15b4cba7418d9d818fb2fd69c708fdeb20942f9c
Signed-off-by: Greg Padgett <gpadgett at redhat.com>
---
M backend/manager/dbscripts/storages_san_sp.sql
A backend/manager/dbscripts/upgrade/03_01_1440_encrypt_chap_password.sh
M backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/dbbroker/DbFacadeUtils.java
M backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/StorageServerConnectionDAODbFacadeImpl.java
M backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/VdsDAODbFacadeImpl.java
M backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/VdsStaticDAODbFacadeImpl.java
6 files changed, 88 insertions(+), 45 deletions(-)

Approvals:
  Doron Fediuck: Verified; Looks good to me, approved


--
To view, visit http://gerrit.ovirt.org/8344
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I15b4cba7418d9d818fb2fd69c708fdeb20942f9c
Gerrit-PatchSet: 8
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Greg Padgett <gpadgett at redhat.com>
Gerrit-Reviewer: Allon Mureinik <amureini at redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alonbl at redhat.com>
Gerrit-Reviewer: Ayal Baron <abaron at redhat.com>
Gerrit-Reviewer: Doron Fediuck <dfediuck at redhat.com>
Gerrit-Reviewer: Eduardo <ewarszaw at redhat.com>
Gerrit-Reviewer: Eli Mesika <emesika at redhat.com>
Gerrit-Reviewer: Federico Simoncelli <fsimonce at redhat.com>
Gerrit-Reviewer: Greg Padgett <gpadgett at redhat.com>
Gerrit-Reviewer: Liron Aravot <laravot at redhat.com>

More information about the Engine-commits mailing list