Improve certificate name validation and some code/log improvements

Author: sureshanaparti

plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixGetVmIpAddressCommandWrapper.java

@@ -63,20 +63,18 @@ public Answer execute(final GetVmIpAddressCommand command, final CitrixResourceB
             }
 
             if (vmIp != null) {
-                s_logger.debug("VM " +vmName + " ip address got retrieved "+vmIp);
+                s_logger.debug("VM " + vmName + " IP address got retrieved " + vmIp);
                 result = true;
                 return new Answer(command, result, vmIp);
             }
-
-        }catch (Types.XenAPIException e) {
-            s_logger.debug("Got exception in GetVmIpAddressCommand "+ e.getMessage());
-            errorMsg = "Failed to retrived vm ip addr, exception: "+e.getMessage();
-        }catch (XmlRpcException e) {
-            s_logger.debug("Got exception in GetVmIpAddressCommand "+ e.getMessage());
-            errorMsg = "Failed to retrived vm ip addr, exception: "+e.getMessage();
+        } catch (Types.XenAPIException e) {
+            s_logger.debug("Got exception in GetVmIpAddressCommand " + e.getMessage());
+            errorMsg = "Failed to retrieve vm ip addr, exception: " + e.getMessage();
+        } catch (XmlRpcException e) {
+            s_logger.debug("Got exception in GetVmIpAddressCommand " + e.getMessage());
+            errorMsg = "Failed to retrieve vm ip addr, exception: " + e.getMessage();
         }
 
         return new Answer(command, result, errorMsg);
-
     }
 }

server/src/main/java/com/cloud/vm/UserVmManagerImpl.java

@@ -751,8 +751,6 @@ public void decrementCount() {
     }
 
     private class VmIpAddrFetchThread extends ManagedContextRunnable {
-
-
         long nicId;
         long vmId;
         String vmName;
@@ -775,7 +773,7 @@ protected void runInContext() {
             boolean decrementCount = true;
 
             try {
-                s_logger.debug("Trying for vm "+ vmId +" nic Id "+nicId +" ip retrieval ...");
+                s_logger.debug(String.format("Trying IP retrieval for VM %s (%d), nic Id %d", vmName, vmId, nicId));
                 Answer answer = _agentMgr.send(hostId, cmd);
                 NicVO nic = _nicDao.findById(nicId);
                 if (answer.getResult()) {
@@ -786,12 +784,12 @@ protected void runInContext() {
                         if (nic != null) {
                             nic.setIPv4Address(vmIp);
                             _nicDao.update(nicId, nic);
-                            s_logger.debug("Vm "+ vmId +" IP "+vmIp +" got retrieved successfully");
+                            s_logger.debug(String.format("VM %s (%d) - IP %s retrieved successfully", vmName, vmId, vmIp));
                             vmIdCountMap.remove(nicId);
                             decrementCount = false;
                             ActionEventUtils.onActionEvent(User.UID_SYSTEM, Account.ACCOUNT_ID_SYSTEM,
                                     Domain.ROOT_DOMAIN, EventTypes.EVENT_NETWORK_EXTERNAL_DHCP_VM_IPFETCH,
-                                    "VM " + vmId + " nic id " + nicId + " ip address " + vmIp + " got fetched successfully", vmId, ApiCommandResourceType.VirtualMachine.toString());
+                                    "VM " + vmId + ", nic id " + nicId + ", IP address " + vmIp + " fetched successfully", vmId, ApiCommandResourceType.VirtualMachine.toString());
                         }
                     }
                 } else {
@@ -802,7 +800,7 @@ protected void runInContext() {
                         _nicDao.update(nicId, nic);
                     }
                     if (answer.getDetails() != null) {
-                        s_logger.debug("Failed to get vm ip for Vm "+ vmId + answer.getDetails());
+                        s_logger.debug(String.format("Failed to get IP for VM %s (%d), details: %s", vmName, vmId, answer.getDetails()));
                     }
                 }
             } catch (OperationTimedoutException e) {
@@ -813,7 +811,7 @@ protected void runInContext() {
                 if (decrementCount) {
                     VmAndCountDetails vmAndCount = vmIdCountMap.get(nicId);
                     vmAndCount.decrementCount();
-                    s_logger.debug("Ip is not retrieved for VM " + vmId +" nic "+nicId + " ... decremented count to "+vmAndCount.getRetrievalCount());
+                    s_logger.debug(String.format("IP is not retrieved for VM %s (%d), nic %d ... decremented count to %d", vmName, vmId, nicId, vmAndCount.getRetrievalCount()));
                     vmIdCountMap.put(nicId, vmAndCount);
                 }
             }

server/src/main/java/org/apache/cloudstack/direct/download/DirectDownloadManagerImpl.java

@@ -103,6 +103,7 @@
 import com.cloud.utils.component.ManagerBase;
 import com.cloud.utils.concurrency.NamedThreadFactory;
 import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.utils.net.NetUtils;
 import com.cloud.utils.security.CertificateHelper;
 
 import sun.security.x509.X509CertImpl;
@@ -471,10 +472,18 @@ protected void certificateSanity(String certificatePem) {
     @Override
     public Pair<DirectDownloadCertificate, List<HostCertificateStatus>> uploadCertificateToHosts(
             String certificateCer, String alias, String hypervisor, Long zoneId, Long hostId) {
-        if (alias != null && (alias.equalsIgnoreCase("cloud") || alias.startsWith("cloudca"))) {
+        if (StringUtils.isBlank(alias)) {
+            throw new CloudRuntimeException("Certificate name not provided, please provide a valid name");
+        }
+
+        if (alias.equalsIgnoreCase("cloud") || alias.startsWith("cloudca")) {
             throw new CloudRuntimeException("Please provide a different alias name for the certificate");
         }
 
+        if (!NetUtils.verifyDomainNameLabel(alias, false)) {
+            throw new CloudRuntimeException("The provided certificate name is invalid, please provide a valid name");
+        }
+
         List<HostVO> hosts;
         DirectDownloadCertificateVO certificateVO;
         HypervisorType hypervisorType = HypervisorType.getType(hypervisor);

utils/src/main/java/com/cloud/utils/net/NetUtils.java

@@ -1069,7 +1069,7 @@ public static boolean verifyDomainNameLabel(final String hostName, final boolean
             s_logger.warn("Domain name label may contain only the ASCII letters 'a' through 'z' (in a case-insensitive manner)");
             return false;
         } else if (hostName.startsWith("-") || hostName.endsWith("-")) {
-            s_logger.warn("Domain name label can not start  with a hyphen and digit, and must not end with a hyphen");
+            s_logger.warn("Domain name label can not start or end with a hyphen");
             return false;
         } else if (isHostName && START_HOSTNAME_PATTERN.matcher(hostName).matches()) {
             s_logger.warn("Host name can't start with digit");