aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDan Timoney <dtimoney@att.com>2020-10-19 10:11:15 -0400
committerDan Timoney <dtimoney@att.com>2020-10-19 19:36:37 +0000
commit6aaa8fe86a92e06d92ca8c9df5a99baf84cb01aa (patch)
tree3c13ea31eedb1ee47cc0fb3c84b39b02be492cc8
parent1d08cbe63f717139116785b6d54c9e068f527396 (diff)
Address security issues
Removed unused Mdsal activator class. Added file name validation for ConnectionBuilder in ansible adaptor Change-Id: I00d6a0c1edccae263520738f7a4685b1ad71b943 Issue-ID: CCSDK-2918 Signed-off-by: Dan Timoney <dtimoney@att.com>
-rw-r--r--ansible-adapter/ansible-adapter-bundle/src/main/java/org/onap/ccsdk/sli/adaptors/ansible/impl/ConnectionBuilder.java6
-rw-r--r--mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/MdsalResourceActivator.java108
-rw-r--r--mdsal-resource/provider/src/test/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/TestMdsalResourceActivator.java361
3 files changed, 6 insertions, 469 deletions
diff --git a/ansible-adapter/ansible-adapter-bundle/src/main/java/org/onap/ccsdk/sli/adaptors/ansible/impl/ConnectionBuilder.java b/ansible-adapter/ansible-adapter-bundle/src/main/java/org/onap/ccsdk/sli/adaptors/ansible/impl/ConnectionBuilder.java
index 6295a255..672e0df6 100644
--- a/ansible-adapter/ansible-adapter-bundle/src/main/java/org/onap/ccsdk/sli/adaptors/ansible/impl/ConnectionBuilder.java
+++ b/ansible-adapter/ansible-adapter-bundle/src/main/java/org/onap/ccsdk/sli/adaptors/ansible/impl/ConnectionBuilder.java
@@ -53,6 +53,8 @@ import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.onap.ccsdk.sli.adaptors.ansible.model.AnsibleResult;
import org.onap.ccsdk.sli.adaptors.ansible.model.AnsibleResultCodes;
+import org.onap.ccsdk.sli.core.utils.PathValidator;
+
import com.att.eelf.configuration.EELFLogger;
import com.att.eelf.configuration.EELFManager;
@@ -104,6 +106,10 @@ public class ConnectionBuilder {
public ConnectionBuilder(String trustStoreFile, char[] trustStorePasswd) throws KeyStoreException, IOException,
KeyManagementException, NoSuchAlgorithmException, CertificateException {
+ if (!PathValidator.isValidFilePath(trustStoreFile)) {
+ throw new IOException("Invalid trust store file path");
+ }
+
/* Load the specified trustStore */
KeyStore keystore = KeyStore.getInstance("JKS");
FileInputStream readStream = new FileInputStream(trustStoreFile);
diff --git a/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/MdsalResourceActivator.java b/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/MdsalResourceActivator.java
deleted file mode 100644
index 53ed6572..00000000
--- a/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/MdsalResourceActivator.java
+++ /dev/null
@@ -1,108 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * openECOMP : SDN-C
- * ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights
- * reserved.
- * ================================================================================
- * Modifications Copyright (C) 2018 IBM.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.ccsdk.sli.adaptors.resource.mdsal;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.util.LinkedList;
-import java.util.Properties;
-
-import org.onap.ccsdk.sli.core.sli.ConfigurationException;
-import org.onap.ccsdk.sli.core.sli.SvcLogicResource;
-import org.osgi.framework.BundleActivator;
-import org.osgi.framework.BundleContext;
-import org.osgi.framework.ServiceRegistration;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class MdsalResourceActivator implements BundleActivator {
-
-
-
- private static final String SDNC_CONFIG_DIR = "SDNC_CONFIG_DIR";
-
- public LinkedList<ServiceRegistration> registrations = new LinkedList<>();
-
- private static final Logger LOG = LoggerFactory
- .getLogger(MdsalResourceActivator.class);
-
- @Override
- public void start(BundleContext ctx) throws Exception {
-
- // Read properties
- Properties props = new Properties();
-
- String propDir = System.getenv(SDNC_CONFIG_DIR);
- if (propDir == null) {
-
- propDir = "/opt/sdnc/data/properties";
- }
- String propPath = propDir + "/mdsal-resource.properties";
-
-
- File propFile = new File(propPath);
-
- if (!propFile.exists()) {
-
- throw new ConfigurationException(
- "Missing configuration properties file : "
- + propFile);
- }
- try {
-
- props.load(new FileInputStream(propFile));
- } catch (Exception e) {
- throw new ConfigurationException(
- "Could not load properties file " + propPath, e);
-
- }
-
- String sdncUser = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-user", "admin");
- String sdncPasswd = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-passwd", "admin");
- String sdncHost = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-host", "localhost");
- String sdncProtocol = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-protocol", "https");
- String sdncPort = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-port", "8443");
-
- // Advertise MD-SAL resource adaptors
- SvcLogicResource impl = new ConfigResource(sdncProtocol, sdncHost, sdncPort, sdncUser, sdncPasswd);
-
- LOG.debug("Registering MdsalResource service "+impl.getClass().getName());
- registrations.add(ctx.registerService(impl.getClass().getName(), impl, null));
-
- impl = new OperationalResource(sdncProtocol, sdncHost, sdncPort, sdncUser, sdncPasswd);
-
- LOG.debug("Registering MdsalResource service "+impl.getClass().getName());
- registrations.add(ctx.registerService(impl.getClass().getName(), impl, null));
- }
-
- @Override
- public void stop(BundleContext ctx) throws Exception {
-
- for (ServiceRegistration registration : registrations)
- {
- registration.unregister();
- }
- }
-
-}
diff --git a/mdsal-resource/provider/src/test/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/TestMdsalResourceActivator.java b/mdsal-resource/provider/src/test/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/TestMdsalResourceActivator.java
deleted file mode 100644
index 6174bc84..00000000
--- a/mdsal-resource/provider/src/test/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/TestMdsalResourceActivator.java
+++ /dev/null
@@ -1,361 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * openECOMP : SDN-C
- * ================================================================================
- * Copyright (C) 2018 Samsung. All rights
- * reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.ccsdk.sli.adaptors.resource.mdsal;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.osgi.framework.Bundle;
-import org.osgi.framework.BundleContext;
-import org.osgi.framework.BundleException;
-import org.osgi.framework.BundleListener;
-import org.osgi.framework.Filter;
-import org.osgi.framework.FrameworkListener;
-import org.osgi.framework.InvalidSyntaxException;
-import org.osgi.framework.ServiceFactory;
-import org.osgi.framework.ServiceListener;
-import org.osgi.framework.ServiceObjects;
-import org.osgi.framework.ServiceReference;
-import org.osgi.framework.ServiceRegistration;
-
-import org.onap.ccsdk.sli.core.sli.ConfigurationException;
-import java.io.File;
-import java.io.InputStream;
-import java.util.Collection;
-import java.util.Dictionary;
-
-public class TestMdsalResourceActivator {
-
- MdsalResourceActivator mdsal;
-
- @Before
- public void setup() {
- mdsal = new MdsalResourceActivator();
- }
-
- @Test(expected = ConfigurationException.class)
- public void testStartResource() throws Exception {
- BundleContext ctx = new BundleContext() {
- @Override
- public String getProperty(String key) {
- return null;
- }
-
- @Override
- public Bundle getBundle() {
- return null;
- }
-
- @Override
- public Bundle installBundle(String location, InputStream input) throws BundleException {
- return null;
- }
-
- @Override
- public Bundle installBundle(String location) throws BundleException {
- return null;
- }
-
- @Override
- public Bundle getBundle(long id) {
- return null;
- }
-
- @Override
- public Bundle[] getBundles() {
- return new Bundle[0];
- }
-
- @Override
- public void addServiceListener(ServiceListener listener, String filter) throws InvalidSyntaxException {
-
- }
-
- @Override
- public void addServiceListener(ServiceListener listener) {
-
- }
-
- @Override
- public void removeServiceListener(ServiceListener listener) {
-
- }
-
- @Override
- public void addBundleListener(BundleListener listener) {
-
- }
-
- @Override
- public void removeBundleListener(BundleListener listener) {
-
- }
-
- @Override
- public void addFrameworkListener(FrameworkListener listener) {
-
- }
-
- @Override
- public void removeFrameworkListener(FrameworkListener listener) {
-
- }
-
- @Override
- public ServiceRegistration<?> registerService(String[] clazzes, Object service,
- Dictionary<String, ?> properties) {
- return null;
- }
-
- @Override
- public ServiceRegistration<?> registerService(String clazz, Object service,
- Dictionary<String, ?> properties) {
- return null;
- }
-
- @Override
- public <S> ServiceRegistration<S> registerService(Class<S> clazz, S service,
- Dictionary<String, ?> properties) {
- return null;
- }
-
- @Override
- public ServiceReference<?>[] getServiceReferences(String clazz, String filter)
- throws InvalidSyntaxException {
- return new ServiceReference[0];
- }
-
- @Override
- public ServiceReference<?>[] getAllServiceReferences(String clazz, String filter)
- throws InvalidSyntaxException {
- return new ServiceReference[0];
- }
-
- @Override
- public ServiceReference<?> getServiceReference(String clazz) {
- return null;
- }
-
- @Override
- public <S> ServiceReference<S> getServiceReference(Class<S> clazz) {
- return null;
- }
-
- @Override
- public <S> Collection<ServiceReference<S>> getServiceReferences(Class<S> clazz, String filter)
- throws InvalidSyntaxException {
- return null;
- }
-
- @Override
- public <S> S getService(ServiceReference<S> reference) {
- return null;
- }
-
- @Override
- public boolean ungetService(ServiceReference<?> reference) {
- return false;
- }
-
- @Override
- public File getDataFile(String filename) {
- return null;
- }
-
- @Override
- public Filter createFilter(String filter) throws InvalidSyntaxException {
- return null;
- }
-
- @Override
- public Bundle getBundle(String location) {
- return null;
- }
-
- @Override
- public <S> ServiceRegistration<S> registerService(Class<S> clazz, ServiceFactory<S> factory,
- Dictionary<String, ?> properties) {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public <S> ServiceObjects<S> getServiceObjects(ServiceReference<S> reference) {
- // TODO Auto-generated method stub
- return null;
- }
- };
-
- mdsal.start(ctx);
-
- }
-
- @Test
- public void testStopResource() throws Exception {
- BundleContext ctx = new BundleContext() {
- @Override
- public String getProperty(String key) {
- return null;
- }
-
- @Override
- public Bundle getBundle() {
- return null;
- }
-
- @Override
- public Bundle installBundle(String location, InputStream input) throws BundleException {
- return null;
- }
-
- @Override
- public Bundle installBundle(String location) throws BundleException {
- return null;
- }
-
- @Override
- public Bundle getBundle(long id) {
- return null;
- }
-
- @Override
- public Bundle[] getBundles() {
- return new Bundle[0];
- }
-
- @Override
- public void addServiceListener(ServiceListener listener, String filter) throws InvalidSyntaxException {
-
- }
-
- @Override
- public void addServiceListener(ServiceListener listener) {
-
- }
-
- @Override
- public void removeServiceListener(ServiceListener listener) {
-
- }
-
- @Override
- public void addBundleListener(BundleListener listener) {
-
- }
-
- @Override
- public void removeBundleListener(BundleListener listener) {
-
- }
-
- @Override
- public void addFrameworkListener(FrameworkListener listener) {
-
- }
-
- @Override
- public void removeFrameworkListener(FrameworkListener listener) {
-
- }
-
- @Override
- public ServiceRegistration<?> registerService(String[] clazzes, Object service, Dictionary<String, ?> properties) {
- return null;
- }
-
- @Override
- public ServiceRegistration<?> registerService(String clazz, Object service, Dictionary<String, ?> properties) {
- return null;
- }
-
- @Override
- public <S> ServiceRegistration<S> registerService(Class<S> clazz, S service, Dictionary<String, ?> properties) {
- return null;
- }
-
- @Override
- public ServiceReference<?>[] getServiceReferences(String clazz, String filter) throws InvalidSyntaxException {
- return new ServiceReference[0];
- }
-
- @Override
- public ServiceReference<?>[] getAllServiceReferences(String clazz, String filter) throws InvalidSyntaxException {
- return new ServiceReference[0];
- }
-
- @Override
- public ServiceReference<?> getServiceReference(String clazz) {
- return null;
- }
-
- @Override
- public <S> ServiceReference<S> getServiceReference(Class<S> clazz) {
- return null;
- }
-
- @Override
- public <S> Collection<ServiceReference<S>> getServiceReferences(Class<S> clazz, String filter) throws InvalidSyntaxException {
- return null;
- }
-
- @Override
- public <S> S getService(ServiceReference<S> reference) {
- return null;
- }
-
- @Override
- public boolean ungetService(ServiceReference<?> reference) {
- return false;
- }
-
- @Override
- public File getDataFile(String filename) {
- return null;
- }
-
- @Override
- public Filter createFilter(String filter) throws InvalidSyntaxException {
- return null;
- }
-
- @Override
- public Bundle getBundle(String location) {
- return null;
- }
-
- @Override
- public <S> ServiceRegistration<S> registerService(Class<S> clazz, ServiceFactory<S> factory,
- Dictionary<String, ?> properties) {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public <S> ServiceObjects<S> getServiceObjects(ServiceReference<S> reference) {
- // TODO Auto-generated method stub
- return null;
- }
- };
-
- mdsal.stop(ctx);
-
- }
-}