Skip to content

Commit 6059724

Browse files
authored
Hide CloudStack version from XML response when unauthenticated (#10575)
1 parent 54b44cc commit 6059724

File tree

2 files changed

+19
-4
lines changed

2 files changed

+19
-4
lines changed

server/src/main/java/com/cloud/api/response/ApiResponseSerializer.java

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@
2020
import com.cloud.api.ApiResponseGsonHelper;
2121
import com.cloud.api.ApiServer;
2222
import com.cloud.serializer.Param;
23+
import com.cloud.server.ManagementServerImpl;
2324
import com.cloud.user.Account;
2425
import com.cloud.utils.HttpUtils;
2526
import com.cloud.utils.encoding.URLEncoder;
@@ -171,9 +172,18 @@ private static String toXMLSerializedString(ResponseObject result, StringBuilder
171172
if (result != null && log != null) {
172173
StringBuilder sb = new StringBuilder();
173174
sb.append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
174-
sb.append("<").append(result.getResponseName()).append(" cloud-stack-version=\"").append(ApiDBUtils.getVersion()).append("\">");
175175
log.append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
176-
log.append("<").append(result.getResponseName()).append(" cloud-stack-version=\"").append(ApiDBUtils.getVersion()).append("\">");
176+
177+
sb.append("<").append(result.getResponseName());
178+
log.append("<").append(result.getResponseName());
179+
180+
boolean authenticated = CallContext.current().getCallingAccount().getId() != Account.ACCOUNT_ID_SYSTEM;
181+
if (ManagementServerImpl.exposeCloudStackVersionInApiXmlResponse.value() && authenticated) {
182+
sb.append(" cloud-stack-version=\"").append(ApiDBUtils.getVersion()).append("\"");
183+
log.append(" cloud-stack-version=\"").append(ApiDBUtils.getVersion()).append("\"");
184+
}
185+
sb.append(">");
186+
log.append(">");
177187

178188
if (result instanceof ListResponse) {
179189
Integer count = ((ListResponse)result).getCount();

server/src/main/java/com/cloud/server/ManagementServerImpl.java

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -870,6 +870,9 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
870870
static final ConfigKey<Integer> sshKeyLength = new ConfigKey<>("Advanced", Integer.class, "ssh.key.length", "2048", "Specifies custom SSH key length (bit)", true, ConfigKey.Scope.Global);
871871
static final ConfigKey<Boolean> humanReadableSizes = new ConfigKey<>("Advanced", Boolean.class, "display.human.readable.sizes", "true", "Enables outputting human readable byte sizes to logs and usage records.", false, ConfigKey.Scope.Global);
872872
public static final ConfigKey<String> customCsIdentifier = new ConfigKey<>("Advanced", String.class, "custom.cs.identifier", UUID.randomUUID().toString().split("-")[0].substring(4), "Custom identifier for the cloudstack installation", true, ConfigKey.Scope.Global);
873+
public static final ConfigKey<Boolean> exposeCloudStackVersionInApiXmlResponse = new ConfigKey<Boolean>("Advanced", Boolean.class, "expose.cloudstack.version.api.xml.response", "true", "Indicates whether ACS version should appear in the root element of an API XML response.", true, ConfigKey.Scope.Global);
874+
public static final ConfigKey<Boolean> exposeCloudStackVersionInApiListCapabilities = new ConfigKey<Boolean>("Advanced", Boolean.class, "expose.cloudstack.version.api.list.capabilities", "true", "Indicates whether ACS version should show in the listCapabilities API.", true, ConfigKey.Scope.Global);
875+
873876
private static final VirtualMachine.Type []systemVmTypes = { VirtualMachine.Type.SecondaryStorageVm, VirtualMachine.Type.ConsoleProxy};
874877
private static final List<HypervisorType> LIVE_MIGRATION_SUPPORTING_HYPERVISORS = List.of(HypervisorType.Hyperv, HypervisorType.KVM,
875878
HypervisorType.LXC, HypervisorType.Ovm, HypervisorType.Ovm3, HypervisorType.Simulator, HypervisorType.VMware, HypervisorType.XenServer);
@@ -4227,7 +4230,7 @@ public String getConfigComponentName() {
42274230

42284231
@Override
42294232
public ConfigKey<?>[] getConfigKeys() {
4230-
return new ConfigKey<?>[] {vmPasswordLength, sshKeyLength, humanReadableSizes, customCsIdentifier};
4233+
return new ConfigKey<?>[] {exposeCloudStackVersionInApiXmlResponse, exposeCloudStackVersionInApiListCapabilities, vmPasswordLength, sshKeyLength, humanReadableSizes, customCsIdentifier};
42314234
}
42324235

42334236
protected class EventPurgeTask extends ManagedContextRunnable {
@@ -4665,10 +4668,12 @@ public Map<String, Object> listCapabilities(final ListCapabilitiesCmd cmd) {
46654668

46664669
final Integer fsVmMinCpu = Integer.parseInt(_configDao.getValue("sharedfsvm.min.cpu.count"));
46674670
final Integer fsVmMinRam = Integer.parseInt(_configDao.getValue("sharedfsvm.min.ram.size"));
4671+
if (exposeCloudStackVersionInApiListCapabilities.value()) {
4672+
capabilities.put("cloudStackVersion", getVersion());
4673+
}
46684674

46694675
capabilities.put("securityGroupsEnabled", securityGroupsEnabled);
46704676
capabilities.put("userPublicTemplateEnabled", userPublicTemplateEnabled);
4671-
capabilities.put("cloudStackVersion", getVersion());
46724677
capabilities.put("supportELB", supportELB);
46734678
capabilities.put("projectInviteRequired", _projectMgr.projectInviteRequired());
46744679
capabilities.put("allowusercreateprojects", _projectMgr.allowUserToCreateProject());

0 commit comments

Comments
 (0)