Ubuntu
eucalyptus package

Merge lp:~ccheney/ubuntu/lucid/eucalyptus/lucid-sru into lp:ubuntu/lucid-proposed/eucalyptus

Lucid (10.04)
lucid-sru
Merge into lucid-proposed

Proposed by Chris Cheney on 2010-06-04

Status:	Superseded
Proposed branch:	lp:~ccheney/ubuntu/lucid/eucalyptus/lucid-sru
Merge into:	lp:ubuntu/lucid-proposed/eucalyptus
Diff against target:	113 lines (+29/-18) 4 files modified clc/modules/www/src/main/java/edu/ucsb/eucalyptus/admin/server/EucalyptusWebBackendImpl.java (+6/-3) debian/changelog (+11/-0) debian/eucalyptus-sc.upstart (+8/-0) node/handlers_kvm.c (+4/-15)
To merge this branch:	bzr merge lp:~ccheney/ubuntu/lucid/eucalyptus/lucid-sru
Related bugs:	Link a bug report

Reviewer	Date Requested	Status
Mathias Gug	2010-06-04	Approve on 2010-06-04
Dave Walker	2010-06-04	Pending
Review via email: mp+26839@code.launchpad.net

This proposal has been superseded by a proposal from 2010-06-07.

Description of the change

SRU for lucid

  * Revert: node/handlers_kvm.c: fix console bug (was only showing first 64K)
  * clc/modules/www/src/main/java/edu/ucsb/eucalyptus/admin/server/EucalyptusWebBackendImpl.java:
    - fix user enumeration and account brute force, LP: #579942
  * debian/eucalyptus-sc.upstart: Bump maximum number of loop devices for
    SC to 512, LP: #586134

Revision history for this message

Mathias Gug (mathiaz) wrote on 2010-06-04:

I would add a reference to the LP bug number for the patch that is reverted. Otherwise the patch looks good to me.

Both bug 586134 and bug 579942 need to have a proper SRU report written up.

review: Approve

Revision history for this message

Chris Cheney (ccheney) wrote on 2010-06-07:

> I would add a reference to the LP bug number for the patch that is reverted.
> Otherwise the patch looks good to me.
>
> Both bug 586134 and bug 579942 need to have a proper SRU report written up.

I have written up the two SRUs.

lp:~ccheney/ubuntu/lucid/eucalyptus/lucid-sru updated on 2010-06-08

153. By Chris Cheney on 2010-06-07: Revert: node/handlers_kvm.c: fix console bug (was only showing first 64K),
LP: #566793
154. By Chris Cheney on 2010-06-08: Merged.

Unmerged revisions

154. By Chris Cheney on 2010-06-08: Merged.
153. By Chris Cheney on 2010-06-07: Revert: node/handlers_kvm.c: fix console bug (was only showing first 64K),
LP: #566793
152. By Chris Cheney on 2010-06-04: * Revert: node/handlers_kvm.c: fix console bug (was only showing first 64K)
* clc/modules/www/src/main/java/edu/ucsb/eucalyptus/admin/server/EucalyptusWebBackendImpl.java:
- fix user enumeration and account brute force, LP: #579942
* debian/eucalyptus-sc.upstart: Bump maximum number of loop devices for
SC to 512, LP: #586134

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Chris Cheney

Dave Walker

Dustin Kirkland 

James Westby

Mathias Gug

 === modified file 'clc/modules/www/src/main/java/edu/ucsb/eucalyptus/admin/server/EucalyptusWebBackendImpl.java'
 --- clc/modules/www/src/main/java/edu/ucsb/eucalyptus/admin/server/EucalyptusWebBackendImpl.java	2009-12-01 21:09:28 +0000
 +++ clc/modules/www/src/main/java/edu/ucsb/eucalyptus/admin/server/EucalyptusWebBackendImpl.java	2010-06-07 14:59:25 +0000
@@ -384,7 +384,8 @@
  			if (session!=null) {
  				sessions.remove(session.getSessionId());
+ 			}
--			throw new SerializableException("Username '" + userName + "' not found");
++			/* Don't be descriptive */
++			throw new SerializableException("Login incorrect");
+ 		}
  		if (!user.isApproved()) {
  			throw new SerializableException("User not approved yet");
@@ -416,7 +417,8 @@
  		// you can get a sessionId with an expired password so you can change it => false
  		user = verifyUser (null, userId, false);
  		if (!user.getBCryptedPassword().equals( md5Password )) {
--			throw new SerializableException("Incorrect password");
++			/* Don't be descriptive */
++			throw new SerializableException("Login incorrect");
+ 		}
  		sessionId = ServletUtils.genGUID();
@@ -669,7 +671,8 @@
  		try {
  			oldRecord = EucalyptusManagement.getWebUser(userName);
  		} catch (Exception e) {
--			throw new SerializableException("Username '" + userName + "' not found");
++			/* Don't be descriptive */
++			throw new SerializableException("Login incorrect");
+ 		}
  		if (! callerRecord.isAdministrator()
  				&&  ! callerRecord.getUserName().equals(userName)) {
 === modified file 'debian/changelog'
 --- debian/changelog	2010-04-28 08:43:38 +0000
 +++ debian/changelog	2010-06-07 14:59:25 +0000
@@ -1,3 +1,14 @@
++eucalyptus (1.6.2-0ubuntu30.2) lucid-proposed; urgency=low
++
++  * Revert: node/handlers_kvm.c: fix console bug (was only showing first 64K),
++    LP: #566793
++  * clc/modules/www/src/main/java/edu/ucsb/eucalyptus/admin/server/EucalyptusWebBackendImpl.java:
++    - fix user enumeration and account brute force, LP: #579942
++  * debian/eucalyptus-sc.upstart: Bump maximum number of loop devices for
++    SC to 512, LP: #586134
++
++ -- Chris Cheney <ccheney@ubuntu.com>  Fri, 04 Jun 2010 00:39:00 -0500
++
  eucalyptus (1.6.2-0ubuntu30.1) lucid-proposed; urgency=low
    Address LP: #565101
 === modified file 'debian/eucalyptus-sc.upstart'
 --- debian/eucalyptus-sc.upstart	2010-02-03 19:01:47 +0000
 +++ debian/eucalyptus-sc.upstart	2010-06-07 14:59:25 +0000
@@ -6,6 +6,14 @@
  start on started eucalyptus
  stop on stopping eucalyptus
++pre-start script
++        # SC needs more loop devices than the
++        # arbitrarily low Ubuntu default of 8
++        for i in $(seq 0 511); do
++                [ -b /dev/loop$i ] || (mknod -m 660 /dev/loop$i b 7 $i && chown root:disk /dev/loop$i)
++        done
++end script
++
  post-start script
  	timeout=60
  	while [ $timeout -gt 0 ]; do
 === modified file 'node/handlers_kvm.c'
 --- node/handlers_kvm.c	2010-04-28 08:43:38 +0000
 +++ node/handlers_kvm.c	2010-06-07 14:59:25 +0000
@@ -305,14 +305,13 @@
  			char **consoleOutput) {
    char *console_output;
    char console_file[1024];
--  int rc, fd, readsize;
++  int rc, fd;
    struct stat statbuf;
    *consoleOutput = NULL;
--  readsize = 64 * 1024;
    // for KVM, read the console output from a file, encode it, and return
--  console_output = malloc(readsize);
++  console_output = malloc(64 * 1024);
    if (console_output == NULL) {
      return(1);
+   }
@@ -333,18 +332,8 @@
      return(1);
+   }
--  rc = lseek(fd, (off_t)(-1 * readsize), SEEK_END);
--  if (rc < 0) {
--    rc = lseek(fd, (off_t)0, SEEK_SET);
--    if (rc < 0) {
--      logprintfl(EUCAERROR, "cannot seek to beginning of file\n");
--      if (console_output) free(console_output);
--      return(1);
--    }
--  }
--
--  bzero(console_output, readsize);
--  rc = read(fd, console_output, (readsize)-1);
++  bzero(console_output, 64*1024);
++  rc = read(fd, console_output, (64*1024)-1);
    close(fd);
    *consoleOutput = base64_enc((unsigned char *)console_output, strlen(console_output));

Ubuntueucalyptus package