From 684ff7064739851f66483df77d6578966ee4b6a3 Mon Sep 17 00:00:00 2001 From: Dan Timoney Date: Mon, 19 Oct 2020 10:11:15 -0400 Subject: Address security issues Removed unused Mdsal activator class. Added file name validation for ConnectionBuilder in ansible adaptor Change-Id: I00d6a0c1edccae263520738f7a4685b1ad71b943 Issue-ID: CCSDK-2918 Signed-off-by: Dan Timoney --- .../adaptors/ansible/impl/ConnectionBuilder.java | 6 + .../resource/mdsal/MdsalResourceActivator.java | 108 ------ .../resource/mdsal/TestMdsalResourceActivator.java | 361 --------------------- 3 files changed, 6 insertions(+), 469 deletions(-) delete mode 100644 mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/MdsalResourceActivator.java delete mode 100644 mdsal-resource/provider/src/test/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/TestMdsalResourceActivator.java diff --git a/ansible-adapter/ansible-adapter-bundle/src/main/java/org/onap/ccsdk/sli/adaptors/ansible/impl/ConnectionBuilder.java b/ansible-adapter/ansible-adapter-bundle/src/main/java/org/onap/ccsdk/sli/adaptors/ansible/impl/ConnectionBuilder.java index 6295a255..672e0df6 100644 --- a/ansible-adapter/ansible-adapter-bundle/src/main/java/org/onap/ccsdk/sli/adaptors/ansible/impl/ConnectionBuilder.java +++ b/ansible-adapter/ansible-adapter-bundle/src/main/java/org/onap/ccsdk/sli/adaptors/ansible/impl/ConnectionBuilder.java @@ -53,6 +53,8 @@ import org.apache.http.impl.client.HttpClients; import org.apache.http.util.EntityUtils; import org.onap.ccsdk.sli.adaptors.ansible.model.AnsibleResult; import org.onap.ccsdk.sli.adaptors.ansible.model.AnsibleResultCodes; +import org.onap.ccsdk.sli.core.utils.PathValidator; + import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; @@ -104,6 +106,10 @@ public class ConnectionBuilder { public ConnectionBuilder(String trustStoreFile, char[] trustStorePasswd) throws KeyStoreException, IOException, KeyManagementException, NoSuchAlgorithmException, CertificateException { + if (!PathValidator.isValidFilePath(trustStoreFile)) { + throw new IOException("Invalid trust store file path"); + } + /* Load the specified trustStore */ KeyStore keystore = KeyStore.getInstance("JKS"); FileInputStream readStream = new FileInputStream(trustStoreFile); diff --git a/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/MdsalResourceActivator.java b/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/MdsalResourceActivator.java deleted file mode 100644 index 53ed6572..00000000 --- a/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/MdsalResourceActivator.java +++ /dev/null @@ -1,108 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * openECOMP : SDN-C - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights - * reserved. - * ================================================================================ - * Modifications Copyright (C) 2018 IBM. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.ccsdk.sli.adaptors.resource.mdsal; - -import java.io.File; -import java.io.FileInputStream; -import java.util.LinkedList; -import java.util.Properties; - -import org.onap.ccsdk.sli.core.sli.ConfigurationException; -import org.onap.ccsdk.sli.core.sli.SvcLogicResource; -import org.osgi.framework.BundleActivator; -import org.osgi.framework.BundleContext; -import org.osgi.framework.ServiceRegistration; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class MdsalResourceActivator implements BundleActivator { - - - - private static final String SDNC_CONFIG_DIR = "SDNC_CONFIG_DIR"; - - public LinkedList registrations = new LinkedList<>(); - - private static final Logger LOG = LoggerFactory - .getLogger(MdsalResourceActivator.class); - - @Override - public void start(BundleContext ctx) throws Exception { - - // Read properties - Properties props = new Properties(); - - String propDir = System.getenv(SDNC_CONFIG_DIR); - if (propDir == null) { - - propDir = "/opt/sdnc/data/properties"; - } - String propPath = propDir + "/mdsal-resource.properties"; - - - File propFile = new File(propPath); - - if (!propFile.exists()) { - - throw new ConfigurationException( - "Missing configuration properties file : " - + propFile); - } - try { - - props.load(new FileInputStream(propFile)); - } catch (Exception e) { - throw new ConfigurationException( - "Could not load properties file " + propPath, e); - - } - - String sdncUser = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-user", "admin"); - String sdncPasswd = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-passwd", "admin"); - String sdncHost = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-host", "localhost"); - String sdncProtocol = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-protocol", "https"); - String sdncPort = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-port", "8443"); - - // Advertise MD-SAL resource adaptors - SvcLogicResource impl = new ConfigResource(sdncProtocol, sdncHost, sdncPort, sdncUser, sdncPasswd); - - LOG.debug("Registering MdsalResource service "+impl.getClass().getName()); - registrations.add(ctx.registerService(impl.getClass().getName(), impl, null)); - - impl = new OperationalResource(sdncProtocol, sdncHost, sdncPort, sdncUser, sdncPasswd); - - LOG.debug("Registering MdsalResource service "+impl.getClass().getName()); - registrations.add(ctx.registerService(impl.getClass().getName(), impl, null)); - } - - @Override - public void stop(BundleContext ctx) throws Exception { - - for (ServiceRegistration registration : registrations) - { - registration.unregister(); - } - } - -} diff --git a/mdsal-resource/provider/src/test/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/TestMdsalResourceActivator.java b/mdsal-resource/provider/src/test/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/TestMdsalResourceActivator.java deleted file mode 100644 index 6174bc84..00000000 --- a/mdsal-resource/provider/src/test/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/TestMdsalResourceActivator.java +++ /dev/null @@ -1,361 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * openECOMP : SDN-C - * ================================================================================ - * Copyright (C) 2018 Samsung. All rights - * reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.ccsdk.sli.adaptors.resource.mdsal; - -import org.junit.Before; -import org.junit.Test; -import org.osgi.framework.Bundle; -import org.osgi.framework.BundleContext; -import org.osgi.framework.BundleException; -import org.osgi.framework.BundleListener; -import org.osgi.framework.Filter; -import org.osgi.framework.FrameworkListener; -import org.osgi.framework.InvalidSyntaxException; -import org.osgi.framework.ServiceFactory; -import org.osgi.framework.ServiceListener; -import org.osgi.framework.ServiceObjects; -import org.osgi.framework.ServiceReference; -import org.osgi.framework.ServiceRegistration; - -import org.onap.ccsdk.sli.core.sli.ConfigurationException; -import java.io.File; -import java.io.InputStream; -import java.util.Collection; -import java.util.Dictionary; - -public class TestMdsalResourceActivator { - - MdsalResourceActivator mdsal; - - @Before - public void setup() { - mdsal = new MdsalResourceActivator(); - } - - @Test(expected = ConfigurationException.class) - public void testStartResource() throws Exception { - BundleContext ctx = new BundleContext() { - @Override - public String getProperty(String key) { - return null; - } - - @Override - public Bundle getBundle() { - return null; - } - - @Override - public Bundle installBundle(String location, InputStream input) throws BundleException { - return null; - } - - @Override - public Bundle installBundle(String location) throws BundleException { - return null; - } - - @Override - public Bundle getBundle(long id) { - return null; - } - - @Override - public Bundle[] getBundles() { - return new Bundle[0]; - } - - @Override - public void addServiceListener(ServiceListener listener, String filter) throws InvalidSyntaxException { - - } - - @Override - public void addServiceListener(ServiceListener listener) { - - } - - @Override - public void removeServiceListener(ServiceListener listener) { - - } - - @Override - public void addBundleListener(BundleListener listener) { - - } - - @Override - public void removeBundleListener(BundleListener listener) { - - } - - @Override - public void addFrameworkListener(FrameworkListener listener) { - - } - - @Override - public void removeFrameworkListener(FrameworkListener listener) { - - } - - @Override - public ServiceRegistration registerService(String[] clazzes, Object service, - Dictionary properties) { - return null; - } - - @Override - public ServiceRegistration registerService(String clazz, Object service, - Dictionary properties) { - return null; - } - - @Override - public ServiceRegistration registerService(Class clazz, S service, - Dictionary properties) { - return null; - } - - @Override - public ServiceReference[] getServiceReferences(String clazz, String filter) - throws InvalidSyntaxException { - return new ServiceReference[0]; - } - - @Override - public ServiceReference[] getAllServiceReferences(String clazz, String filter) - throws InvalidSyntaxException { - return new ServiceReference[0]; - } - - @Override - public ServiceReference getServiceReference(String clazz) { - return null; - } - - @Override - public ServiceReference getServiceReference(Class clazz) { - return null; - } - - @Override - public Collection> getServiceReferences(Class clazz, String filter) - throws InvalidSyntaxException { - return null; - } - - @Override - public S getService(ServiceReference reference) { - return null; - } - - @Override - public boolean ungetService(ServiceReference reference) { - return false; - } - - @Override - public File getDataFile(String filename) { - return null; - } - - @Override - public Filter createFilter(String filter) throws InvalidSyntaxException { - return null; - } - - @Override - public Bundle getBundle(String location) { - return null; - } - - @Override - public ServiceRegistration registerService(Class clazz, ServiceFactory factory, - Dictionary properties) { - // TODO Auto-generated method stub - return null; - } - - @Override - public ServiceObjects getServiceObjects(ServiceReference reference) { - // TODO Auto-generated method stub - return null; - } - }; - - mdsal.start(ctx); - - } - - @Test - public void testStopResource() throws Exception { - BundleContext ctx = new BundleContext() { - @Override - public String getProperty(String key) { - return null; - } - - @Override - public Bundle getBundle() { - return null; - } - - @Override - public Bundle installBundle(String location, InputStream input) throws BundleException { - return null; - } - - @Override - public Bundle installBundle(String location) throws BundleException { - return null; - } - - @Override - public Bundle getBundle(long id) { - return null; - } - - @Override - public Bundle[] getBundles() { - return new Bundle[0]; - } - - @Override - public void addServiceListener(ServiceListener listener, String filter) throws InvalidSyntaxException { - - } - - @Override - public void addServiceListener(ServiceListener listener) { - - } - - @Override - public void removeServiceListener(ServiceListener listener) { - - } - - @Override - public void addBundleListener(BundleListener listener) { - - } - - @Override - public void removeBundleListener(BundleListener listener) { - - } - - @Override - public void addFrameworkListener(FrameworkListener listener) { - - } - - @Override - public void removeFrameworkListener(FrameworkListener listener) { - - } - - @Override - public ServiceRegistration registerService(String[] clazzes, Object service, Dictionary properties) { - return null; - } - - @Override - public ServiceRegistration registerService(String clazz, Object service, Dictionary properties) { - return null; - } - - @Override - public ServiceRegistration registerService(Class clazz, S service, Dictionary properties) { - return null; - } - - @Override - public ServiceReference[] getServiceReferences(String clazz, String filter) throws InvalidSyntaxException { - return new ServiceReference[0]; - } - - @Override - public ServiceReference[] getAllServiceReferences(String clazz, String filter) throws InvalidSyntaxException { - return new ServiceReference[0]; - } - - @Override - public ServiceReference getServiceReference(String clazz) { - return null; - } - - @Override - public ServiceReference getServiceReference(Class clazz) { - return null; - } - - @Override - public Collection> getServiceReferences(Class clazz, String filter) throws InvalidSyntaxException { - return null; - } - - @Override - public S getService(ServiceReference reference) { - return null; - } - - @Override - public boolean ungetService(ServiceReference reference) { - return false; - } - - @Override - public File getDataFile(String filename) { - return null; - } - - @Override - public Filter createFilter(String filter) throws InvalidSyntaxException { - return null; - } - - @Override - public Bundle getBundle(String location) { - return null; - } - - @Override - public ServiceRegistration registerService(Class clazz, ServiceFactory factory, - Dictionary properties) { - // TODO Auto-generated method stub - return null; - } - - @Override - public ServiceObjects getServiceObjects(ServiceReference reference) { - // TODO Auto-generated method stub - return null; - } - }; - - mdsal.stop(ctx); - - } -} -- cgit 1.2.3-korg