From 684ff7064739851f66483df77d6578966ee4b6a3 Mon Sep 17 00:00:00 2001 From: Dan Timoney Date: Mon, 19 Oct 2020 10:11:15 -0400 Subject: Address security issues Removed unused Mdsal activator class. Added file name validation for ConnectionBuilder in ansible adaptor Change-Id: I00d6a0c1edccae263520738f7a4685b1ad71b943 Issue-ID: CCSDK-2918 Signed-off-by: Dan Timoney --- .../adaptors/ansible/impl/ConnectionBuilder.java | 6 + .../resource/mdsal/MdsalResourceActivator.java | 108 ------ .../resource/mdsal/TestMdsalResourceActivator.java | 361 --------------------- 3 files changed, 6 insertions(+), 469 deletions(-) delete mode 100644 mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/MdsalResourceActivator.java delete mode 100644 mdsal-resource/provider/src/test/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/TestMdsalResourceActivator.java diff --git a/ansible-adapter/ansible-adapter-bundle/src/main/java/org/onap/ccsdk/sli/adaptors/ansible/impl/ConnectionBuilder.java b/ansible-adapter/ansible-adapter-bundle/src/main/java/org/onap/ccsdk/sli/adaptors/ansible/impl/ConnectionBuilder.java index 6295a2557..672e0df67 100644 --- a/ansible-adapter/ansible-adapter-bundle/src/main/java/org/onap/ccsdk/sli/adaptors/ansible/impl/ConnectionBuilder.java +++ b/ansible-adapter/ansible-adapter-bundle/src/main/java/org/onap/ccsdk/sli/adaptors/ansible/impl/ConnectionBuilder.java @@ -53,6 +53,8 @@ import org.apache.http.impl.client.HttpClients; import org.apache.http.util.EntityUtils; import org.onap.ccsdk.sli.adaptors.ansible.model.AnsibleResult; import org.onap.ccsdk.sli.adaptors.ansible.model.AnsibleResultCodes; +import org.onap.ccsdk.sli.core.utils.PathValidator; + import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; @@ -104,6 +106,10 @@ public class ConnectionBuilder { public ConnectionBuilder(String trustStoreFile, char[] trustStorePasswd) throws KeyStoreException, IOException, KeyManagementException, NoSuchAlgorithmException, CertificateException { + if (!PathValidator.isValidFilePath(trustStoreFile)) { + throw new IOException("Invalid trust store file path"); + } + /* Load the specified trustStore */ KeyStore keystore = KeyStore.getInstance("JKS"); FileInputStream readStream = new FileInputStream(trustStoreFile); diff --git a/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/MdsalResourceActivator.java b/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/MdsalResourceActivator.java deleted file mode 100644 index 53ed65725..000000000 --- a/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/MdsalResourceActivator.java +++ /dev/null @@ -1,108 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * openECOMP : SDN-C - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights - * reserved. - * ================================================================================ - * Modifications Copyright (C) 2018 IBM. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.ccsdk.sli.adaptors.resource.mdsal; - -import java.io.File; -import java.io.FileInputStream; -import java.util.LinkedList; -import java.util.Properties; - -import org.onap.ccsdk.sli.core.sli.ConfigurationException; -import org.onap.ccsdk.sli.core.sli.SvcLogicResource; -import org.osgi.framework.BundleActivator; -import org.osgi.framework.BundleContext; -import org.osgi.framework.ServiceRegistration; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class MdsalResourceActivator implements BundleActivator { - - - - private static final String SDNC_CONFIG_DIR = "SDNC_CONFIG_DIR"; - - public LinkedList registrations = new LinkedList<>(); - - private static final Logger LOG = LoggerFactory - .getLogger(MdsalResourceActivator.class); - - @Override - public void start(BundleContext ctx) throws Exception { - - // Read properties - Properties props = new Properties(); - - String propDir = System.getenv(SDNC_CONFIG_DIR); - if (propDir == null) { - - propDir = "/opt/sdnc/data/properties"; - } - String propPath = propDir + "/mdsal-resource.properties"; - - - File propFile = new File(propPath); - - if (!propFile.exists()) { - - throw new ConfigurationException( - "Missing configuration properties file : " - + propFile); - } - try { - - props.load(new FileInputStream(propFile)); - } catch (Exception e) { - throw new ConfigurationException( - "Could not load properties file " + propPath, e); - - } - - String sdncUser = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-user", "admin"); - String sdncPasswd = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-passwd", "admin"); - String sdncHost = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-host", "localhost"); - String sdncProtocol = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-protocol", "https"); - String sdncPort = props.getProperty("org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-port", "8443"); - - // Advertise MD-SAL resource adaptors - SvcLogicResource impl = new ConfigResource(sdncProtocol, sdncHost, sdncPort, sdncUser, sdncPasswd); - - LOG.debug("Registering MdsalResource service "+impl.getClass().getName()); - registrations.add(ctx.registerService(impl.getClass().getName(), impl, null)); - - impl = new OperationalResource(sdncProtocol, sdncHost, sdncPort, sdncUser, sdncPasswd); - - LOG.debug("Registering MdsalResource service "+impl.getClass().getName()); - registrations.add(ctx.registerService(impl.getClass().getName(), impl, null)); - } - - @Override - public void stop(BundleContext ctx) throws Exception { - - for (ServiceRegistration registration : registrations) - { - registration.unregister(); - } - } - -} diff --git a/mdsal-resource/provider/src/test/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/TestMdsalResourceActivator.java b/mdsal-resource/provider/src/test/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/TestMdsalResourceActivator.java deleted file mode 100644 index 6174bc84d..000000000 --- a/mdsal-resource/provider/src/test/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/TestMdsalResourceActivator.java +++ /dev/null @@ -1,361 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * openECOMP : SDN-C - * ================================================================================ - * Copyright (C) 2018 Samsung. All rights - * reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.ccsdk.sli.adaptors.resource.mdsal; - -import org.junit.Before; -import org.junit.Test; -import org.osgi.framework.Bundle; -import org.osgi.framework.BundleContext; -import org.osgi.framework.BundleException; -import org.osgi.framework.BundleListener; -import org.osgi.framework.Filter; -import org.osgi.framework.FrameworkListener; -import org.osgi.framework.InvalidSyntaxException; -import org.osgi.framework.ServiceFactory; -import org.osgi.framework.ServiceListener; -import org.osgi.framework.ServiceObjects; -import org.osgi.framework.ServiceReference; -import org.osgi.framework.ServiceRegistration; - -import org.onap.ccsdk.sli.core.sli.ConfigurationException; -import java.io.File; -import java.io.InputStream; -import java.util.Collection; -import java.util.Dictionary; - -public class TestMdsalResourceActivator { - - MdsalResourceActivator mdsal; - - @Before - public void setup() { - mdsal = new MdsalResourceActivator(); - } - - @Test(expected = ConfigurationException.class) - public void testStartResource() throws Exception { - BundleContext ctx = new BundleContext() { - @Override - public String getProperty(String key) { - return null; - } - - @Override - public Bundle getBundle() { - return null; - } - - @Override - public Bundle installBundle(String location, InputStream input) throws BundleException { - return null; - } - - @Override - public Bundle installBundle(String location) throws BundleException { - return null; - } - - @Override - public Bundle getBundle(long id) { - return null; - } - - @Override - public Bundle[] getBundles() { - return new Bundle[0]; - } - - @Override - public void addServiceListener(ServiceListener listener, String filter) throws InvalidSyntaxException { - - } - - @Override - public void addServiceListener(ServiceListener listener) { - - } - - @Override - public void removeServiceListener(ServiceListener listener) { - - } - - @Override - public void addBundleListener(BundleListener listener) { - - } - - @Override - public void removeBundleListener(BundleListener listener) { - - } - - @Override - public void addFrameworkListener(FrameworkListener listener) { - - } - - @Override - public void removeFrameworkListener(FrameworkListener listener) { - - } - - @Override - public ServiceRegistration registerService(String[] clazzes, Object service, - Dictionary properties) { - return null; - } - - @Override - public ServiceRegistration registerService(String clazz, Object service, - Dictionary properties) { - return null; - } - - @Override - public ServiceRegistration registerService(Class clazz, S service, - Dictionary properties) { - return null; - } - - @Override - public ServiceReference[] getServiceReferences(String clazz, String filter) - throws InvalidSyntaxException { - return new ServiceReference[0]; - } - - @Override - public ServiceReference[] getAllServiceReferences(String clazz, String filter) - throws InvalidSyntaxException { - return new ServiceReference[0]; - } - - @Override - public ServiceReference getServiceReference(String clazz) { - return null; - } - - @Override - public ServiceReference getServiceReference(Class clazz) { - return null; - } - - @Override - public Collection> getServiceReferences(Class clazz, String filter) - throws InvalidSyntaxException { - return null; - } - - @Override - public S getService(ServiceReference reference) { - return null; - } - - @Override - public boolean ungetService(ServiceReference reference) { - return false; - } - - @Override - public File getDataFile(String filename) { - return null; - } - - @Override - public Filter createFilter(String filter) throws InvalidSyntaxException { - return null; - } - - @Override - public Bundle getBundle(String location) { - return null; - } - - @Override - public ServiceRegistration registerService(Class clazz, ServiceFactory factory, - Dictionary properties) { - // TODO Auto-generated method stub - return null; - } - - @Override - public ServiceObjects getServiceObjects(ServiceReference reference) { - // TODO Auto-generated method stub - return null; - } - }; - - mdsal.start(ctx); - - } - - @Test - public void testStopResource() throws Exception { - BundleContext ctx = new BundleContext() { - @Override - public String getProperty(String key) { - return null; - } - - @Override - public Bundle getBundle() { - return null; - } - - @Override - public Bundle installBundle(String location, InputStream input) throws BundleException { - return null; - } - - @Override - public Bundle installBundle(String location) throws BundleException { - return null; - } - - @Override - public Bundle getBundle(long id) { - return null; - } - - @Override - public Bundle[] getBundles() { - return new Bundle[0]; - } - - @Override - public void addServiceListener(ServiceListener listener, String filter) throws InvalidSyntaxException { - - } - - @Override - public void addServiceListener(ServiceListener listener) { - - } - - @Override - public void removeServiceListener(ServiceListener listener) { - - } - - @Override - public void addBundleListener(BundleListener listener) { - - } - - @Override - public void removeBundleListener(BundleListener listener) { - - } - - @Override - public void addFrameworkListener(FrameworkListener listener) { - - } - - @Override - public void removeFrameworkListener(FrameworkListener listener) { - - } - - @Override - public ServiceRegistration registerService(String[] clazzes, Object service, Dictionary properties) { - return null; - } - - @Override - public ServiceRegistration registerService(String clazz, Object service, Dictionary properties) { - return null; - } - - @Override - public ServiceRegistration registerService(Class clazz, S service, Dictionary properties) { - return null; - } - - @Override - public ServiceReference[] getServiceReferences(String clazz, String filter) throws InvalidSyntaxException { - return new ServiceReference[0]; - } - - @Override - public ServiceReference[] getAllServiceReferences(String clazz, String filter) throws InvalidSyntaxException { - return new ServiceReference[0]; - } - - @Override - public ServiceReference getServiceReference(String clazz) { - return null; - } - - @Override - public ServiceReference getServiceReference(Class clazz) { - return null; - } - - @Override - public Collection> getServiceReferences(Class clazz, String filter) throws InvalidSyntaxException { - return null; - } - - @Override - public S getService(ServiceReference reference) { - return null; - } - - @Override - public boolean ungetService(ServiceReference reference) { - return false; - } - - @Override - public File getDataFile(String filename) { - return null; - } - - @Override - public Filter createFilter(String filter) throws InvalidSyntaxException { - return null; - } - - @Override - public Bundle getBundle(String location) { - return null; - } - - @Override - public ServiceRegistration registerService(Class clazz, ServiceFactory factory, - Dictionary properties) { - // TODO Auto-generated method stub - return null; - } - - @Override - public ServiceObjects getServiceObjects(ServiceReference reference) { - // TODO Auto-generated method stub - return null; - } - }; - - mdsal.stop(ctx); - - } -} -- cgit 1.2.3-korg From 7e33b0ae33ba2c994daae949450386ca30ea7793 Mon Sep 17 00:00:00 2001 From: Dan Timoney Date: Tue, 20 Oct 2020 16:26:49 -0400 Subject: Support netbox-client outside OSGi container Updated netbox-client initialization so that it works properly when initialized outside an OSGi container (e.g springboot) Change-Id: I4a6cb477206745eb4ca21f10a7fb54cc616ef4cd Issue-ID: CCSDK-2923 Signed-off-by: Dan Timoney --- .../sli/adaptors/netbox/impl/NetboxClientImpl.java | 58 +++++++++++++++++++++- .../adaptors/netbox/property/NetboxProperties.java | 14 +++--- 2 files changed, 63 insertions(+), 9 deletions(-) diff --git a/netbox-client/provider/src/main/java/org/onap/ccsdk/sli/adaptors/netbox/impl/NetboxClientImpl.java b/netbox-client/provider/src/main/java/org/onap/ccsdk/sli/adaptors/netbox/impl/NetboxClientImpl.java index 4e4761d10..bfb5ee530 100644 --- a/netbox-client/provider/src/main/java/org/onap/ccsdk/sli/adaptors/netbox/impl/NetboxClientImpl.java +++ b/netbox-client/provider/src/main/java/org/onap/ccsdk/sli/adaptors/netbox/impl/NetboxClientImpl.java @@ -17,16 +17,23 @@ package org.onap.ccsdk.sli.adaptors.netbox.impl; import com.google.common.collect.Lists; import com.google.gson.JsonSyntaxException; + +import java.io.File; +import java.io.FileInputStream; import java.io.IOException; import java.sql.SQLException; import java.util.ArrayList; import java.util.Map; +import java.util.Properties; + import javax.sql.rowset.CachedRowSet; import org.apache.http.HttpResponse; import org.apache.http.util.EntityUtils; import org.onap.ccsdk.sli.adaptors.netbox.api.NetboxClient; import org.onap.ccsdk.sli.adaptors.netbox.model.IPAddress; import org.onap.ccsdk.sli.adaptors.netbox.model.IPStatus; +import org.onap.ccsdk.sli.adaptors.netbox.property.NetboxProperties; +import org.onap.ccsdk.sli.core.dblib.DBResourceManager; import org.onap.ccsdk.sli.core.dblib.DbLibService; import org.onap.ccsdk.sli.core.sli.SvcLogicContext; import org.onap.ccsdk.sli.core.sli.SvcLogicException; @@ -73,9 +80,56 @@ public class NetboxClientImpl implements NetboxClient { private final NetboxHttpClient client; private final DbLibService dbLibService; + public NetboxClientImpl() { + this(null, null); + } + public NetboxClientImpl(final NetboxHttpClient client, final DbLibService dbLibService) { - this.client = client; - this.dbLibService = dbLibService; + if (client == null) { + this.client = new NetboxHttpClient(new NetboxProperties()); + } else { + this.client = client; + } + + if (dbLibService == null) { + Properties dblibProps = System.getProperties(); + + String cfgDir = dblibProps.getProperty("sdnc.config.dir", System.getenv("SDNC_CONFIG_DIR")); + + if ((cfgDir == null) || (cfgDir.length() == 0)) { + cfgDir = "/opt/sdnc/data/properties"; + } + + File dblibPropFile = new File(cfgDir + "/dblib.properties"); + if (dblibPropFile.exists()) { + try { + LOG.debug("Loading dblib properties from {}", dblibPropFile.getAbsolutePath()); + dblibProps = new Properties(); + dblibProps.load(new FileInputStream(dblibPropFile)); + } catch (Exception e) { + LOG.warn("Could not load properties file {}", dblibPropFile.getAbsolutePath(), e); + + dblibProps = System.getProperties(); + } + } + + DbLibService dbSvc = null; + try { + dbSvc = new DBResourceManager(dblibProps); + } catch (Exception e) { + LOG.error("Caught exception trying to create dblib service", e); + } + + try { + dbSvc = new DBResourceManager(dblibProps); + } catch (Exception e) { + LOG.error("Caught exception trying to create dblib service", e); + } + this.dbLibService = dbSvc; + + } else { + this.dbLibService = dbLibService; + } } @Override diff --git a/netbox-client/provider/src/main/java/org/onap/ccsdk/sli/adaptors/netbox/property/NetboxProperties.java b/netbox-client/provider/src/main/java/org/onap/ccsdk/sli/adaptors/netbox/property/NetboxProperties.java index 2eecf6e3a..065b07551 100644 --- a/netbox-client/provider/src/main/java/org/onap/ccsdk/sli/adaptors/netbox/property/NetboxProperties.java +++ b/netbox-client/provider/src/main/java/org/onap/ccsdk/sli/adaptors/netbox/property/NetboxProperties.java @@ -60,15 +60,15 @@ public class NetboxProperties { properties.load(in); LOG.info("Loaded {} properties from file {}", properties.size(), ccsdkConfigDir); } catch (Exception e) { - // Try to load config from jar - final Bundle bundle = FrameworkUtil.getBundle(NetboxProperties.class); - final BundleContext ctx = bundle.getBundleContext(); - final URL url = ctx.getBundle().getResource(NETBOX_PROPERTY_FILE_NAME); - - try (InputStream inputStream = url.openStream()) { + try { + // Try to load config from jar + final Bundle bundle = FrameworkUtil.getBundle(NetboxProperties.class); + final BundleContext ctx = bundle.getBundleContext(); + final URL url = ctx.getBundle().getResource(NETBOX_PROPERTY_FILE_NAME); + InputStream inputStream = url.openStream(); properties.load(inputStream); LOG.info("Loaded {} properties from file {}", properties.size(), NETBOX_PROPERTY_FILE_NAME); - } catch (IOException e1) { + } catch (IOException|NoClassDefFoundError e1) { LOG.error("Failed to load properties for file: {} " + NETBOX_PROPERTY_FILE_NAME, e1); } } -- cgit 1.2.3-korg