Skip to content

Commit

Permalink
Add password in save of KeyStoreWrapper and do some changes to reload…
Browse files Browse the repository at this point in the history
… plugin
  • Loading branch information
mcasas993 committed Oct 15, 2024
1 parent 65f6f9d commit f69c68d
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 9 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@ public void reload(Settings settings) {
// secure settings should be readable
final CommandManagerSettings commandManagerSettings = CommandManagerSettings.getClientSettings(settings);
//I don't know what I have to do when we want to reload the settings already
//ec2Service.refreshAndClearCache(commandManagerSettings);
//xxxService.refreshAndClearCache(commandManagerSettings);
}

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -39,5 +39,10 @@ public static CommandManagerSettingsException keystoreNotExist(String keystorePa
public static CommandManagerSettingsException keystoreEmpty(String keystorePath) {
return new CommandManagerSettingsException("The keystore is empty at the path: " + keystorePath);
}

// Exception for the case when reload plugin with the keystore failed
public static CommandManagerSettingsException reloadPluginFailed(String pluginName) {
return new CommandManagerSettingsException("Reload failed for plugin: " + pluginName);
}
}

Original file line number Diff line number Diff line change
Expand Up @@ -7,15 +7,16 @@
*/
package com.wazuh.commandmanager.settings;

import com.wazuh.commandmanager.CommandManagerPlugin;
import com.wazuh.commandmanager.CommandManagerSettingsException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.core.Logger;
import org.opensearch.common.settings.KeyStoreWrapper;
import org.opensearch.common.settings.SecureSettings;
import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.settings.SecureString;
import org.opensearch.env.Environment;

import java.io.IOException;
import java.security.GeneralSecurityException;

public class PluginSettings {
Expand Down Expand Up @@ -57,18 +58,20 @@ public SecureSettings loadSecureSettings(SecureString secureSettingsPassword) th

//Create keystore file if it doesn't exist
this.keyStoreWrapper = KeyStoreWrapper.create();
this.keyStoreWrapper.save( this.environment.configFile(), new char[0]);

this.keyStoreWrapper.save( this.environment.configFile(), secureSettingsPassword.getChars());
} else {
// Decrypt the keystore using the password from the request
this.keyStoreWrapper.decrypt(secureSettingsPassword.getChars());
//Here TransportNodesReloadSecureSettingsAction reload the plugins, but our PLugin isn't ReloadablePlugin
// final Settings settingsWithKeystore = Settings.builder().setSecureSettings(keyStoreWrapper).build();
final Settings settingsWithKeystore = Settings.builder().setSecureSettings(keyStoreWrapper).build();
CommandManagerPlugin commandManagerPlugin = new CommandManagerPlugin();
try {
commandManagerPlugin.reload(settingsWithKeystore);
}catch (final Exception e) {
logger.warn(CommandManagerSettingsException.reloadPluginFailed(commandManagerPlugin.getClass().getSimpleName()));
}
}
} catch (IOException e) {
} catch (Exception e) {
throw new CommandManagerSettingsException(e);
} catch (Exception e) {
throw new RuntimeException(e);
} finally {
secureSettingsPassword.close();
}
Expand Down

0 comments on commit f69c68d

Please sign in to comment.