Add enum LoadBalancerConfig.SSLConfiguration

apache · Jul 20, 2020 · 1447ac4 · 1447ac4
1 parent b6b53a7
commit 1447ac4
Show file tree

Hide file tree

Showing 4 changed files with 50 additions and 4 deletions.
diff --git a/api/src/main/java/com/cloud/network/rules/LoadBalancerConfig.java b/api/src/main/java/com/cloud/network/rules/LoadBalancerConfig.java
@@ -16,13 +16,47 @@
 // under the License.
 package com.cloud.network.rules;
 
+import java.util.ArrayList;
 import java.util.Date;
+import java.util.List;
 
 import org.apache.cloudstack.api.Identity;
 import org.apache.cloudstack.api.InternalIdentity;
 
 public interface LoadBalancerConfig extends Identity, InternalIdentity {
 
+    public enum SSLConfiguration {
+        NONE("none"), OLD("old"), INTERMEDIATE("intermediate");
+
+        String _config;
+
+        SSLConfiguration(String config) {
+            _config = config;
+        }
+
+        @Override
+        public String toString() {
+            return _config;
+        }
+
+        public static boolean validate(String value) {
+            for (SSLConfiguration config : SSLConfiguration.values()) {
+                if (config.toString().equals(value)) {
+                    return true;
+                }
+            }
+            return false;
+        }
+
+        public static List<String> getValues() {
+            ArrayList values = new ArrayList<String>();
+            for (SSLConfiguration config : SSLConfiguration.values()) {
+                values.add(config.toString());
+            }
+            return values;
+        }
+    }
+
     public enum Scope {
         Network, Vpc, LoadBalancerRule;
     }

diff --git a/api/src/main/java/org/apache/cloudstack/network/lb/LoadBalancerConfigKey.java b/api/src/main/java/org/apache/cloudstack/network/lb/LoadBalancerConfigKey.java
@@ -20,6 +20,7 @@
 import java.util.LinkedHashMap;
 import java.util.Map;
 
+import com.cloud.network.rules.LoadBalancerConfig.SSLConfiguration;
 import com.cloud.network.rules.LoadBalancerConfig.Scope;
 import com.cloud.utils.Pair;
 
@@ -201,8 +202,8 @@ public static Pair<LoadBalancerConfigKey, String> validate(Scope scope, String k
         }
 
         if (LbSslConfiguration.key().equals(key)) {
-            if (! "none".equalsIgnoreCase(value) && ! "old".equalsIgnoreCase(value) && ! "intermediate".equalsIgnoreCase(value)) {
-                return new Pair<>(null, "Please enter either 'none', 'old' or 'intermediate' for parameter " + key);
+            if (value == null || ! SSLConfiguration.validate(value.toLowerCase())) {
+                return new Pair<>(null, "Please enter valid value in " + String.join(",", SSLConfiguration.getValues()) + " for parameter " + key);
             }
         }
 

diff --git a/core/src/main/java/com/cloud/network/HAProxyConfigurator.java b/core/src/main/java/com/cloud/network/HAProxyConfigurator.java
@@ -38,6 +38,7 @@
 import com.cloud.agent.api.to.LoadBalancerTO.StickinessPolicyTO;
 import com.cloud.agent.api.to.PortForwardingRuleTO;
 import com.cloud.agent.resource.virtualnetwork.model.LoadBalancerRule.SslCertEntry;
+import com.cloud.network.rules.LoadBalancerConfig.SSLConfiguration;
 import com.cloud.network.lb.LoadBalancingRule.LbSslCert;
 import com.cloud.network.rules.LbStickinessMethod.StickinessMethodType;
 import com.cloud.utils.Pair;
@@ -488,9 +489,9 @@ private String getCustomizedSslConfigs(HashMap<String, String> lbConfigsMap, fin
         if (lbSslConfiguration == null) {
             lbSslConfiguration = lbCmd.lbSslConfiguration;
         }
-        if ("old".equalsIgnoreCase(lbSslConfiguration)) {
+        if (SSLConfiguration.OLD.toString().equalsIgnoreCase(lbSslConfiguration)) {
             return sslConfigurationOld;
-        } else if ("intermediate".equalsIgnoreCase(lbSslConfiguration)) {
+        } else if (SSLConfiguration.INTERMEDIATE.toString().equalsIgnoreCase(lbSslConfiguration)) {
             return sslConfigurationIntermediate;
         }
         return "";

diff --git a/server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java b/server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java
@@ -181,6 +181,8 @@
 import com.cloud.network.dao.PhysicalNetworkTrafficTypeDao;
 import com.cloud.network.dao.PhysicalNetworkTrafficTypeVO;
 import com.cloud.network.dao.PhysicalNetworkVO;
+import com.cloud.network.lb.LoadBalancerConfigManager;
+import com.cloud.network.rules.LoadBalancerConfig.SSLConfiguration;
 import com.cloud.network.rules.LoadBalancerContainer.Scheme;
 import com.cloud.network.vpc.VpcManager;
 import com.cloud.offering.DiskOffering;
@@ -862,6 +864,14 @@ private String validateConfigurationValue(final String name, String value, final
             return errMsg;
         }
 
+        if (LoadBalancerConfigManager.DefaultLbSSLConfiguration.key().equalsIgnoreCase(name)) {
+            if (org.apache.commons.lang3.StringUtils.isBlank(value) || ! SSLConfiguration.validate(value.toLowerCase())) {
+                final String msg = "Please enter valid value in " + String.join(",", SSLConfiguration.getValues());
+                s_logger.error(msg);
+                throw new InvalidParameterValueException(msg);
+            }
+        }
+
         if (value == null) {
             if (type.equals(Boolean.class)) {
                 return "Please enter either 'true' or 'false'.";