Cloudstack doesn't validate the checksum of a template/Iso if registered via direct download #9841
Description
ISSUE TYPE
BUG
COMPONENT NAME
Component: Bug
CLOUDSTACK VERSION
Cloudstack version 4.19.1
SUMMARY
Cloudstack doesn't validate the checksum if a template/Iso is registered via direct download
Steps to reproduce the issue
- Execute the register a Iso api call , provide the checksum value
(CMK) register iso name=tinycore displaytext=tinycore url="http://10.0.35.225:9000/TinyCore-8.0.iso" checksum=f7fee34a73a7f8e3adb30778c7c32c51 ostypeid=b145ada2-3353-4b50-ac6f-0578c017be78 zoneid=d6d8ffab-fafc-4e6a-b073-2b00c085c776
Logs
2024-10-23 09:04:41,950 DEBUG [utils.imagestore.ImageStoreUtil] (pool-1-thread-11:null) File at path /mnt/SecStorage/6a754ba7-5d09-3f5e-b9e8-1f828d742e9c/template/tmpl/2/218/dnld9161128539983478731tmp_ looks like an iso : ISO 9660 CD-ROM filesystem data (DOS/MBR boot sector) 'TinyCore' (bootable)
2024-10-23 09:04:41,951 DEBUG [storage.template.HttpTemplateDownloader] (pool-1-thread-11:null) Verified format of downloading file /mnt/SecStorage/6a754ba7-5d09-3f5e-b9e8-1f828d742e9c/template/tmpl/2/218/dnld9161128539983478731tmp_ is supported
2024-10-23 09:04:42,068 INFO [storage.template.DownloadManagerImpl] (pool-1-thread-11:null) Download Completion for jobId: 097ce48b-4821-43b4-8b4e-c78c838a9f5b, status=DOWNLOAD_FINISHED
2024-10-23 09:04:42,069 INFO [storage.template.DownloadManagerImpl] (pool-1-thread-11:null) local: /mnt/SecStorage/6a754ba7-5d09-3f5e-b9e8-1f828d742e9c/template/tmpl/2/218/dnld9161128539983478731tmp_, bytes=(16.00 MB) 16777216, error=Downloaded (16.00 MB) 16777216 bytes (download complete remote=(16.00 MB) 16777216 bytes), pct=100
2024-10-23 09:04:42,193 DEBUG [storage.template.DownloadManagerImpl] (pool-1-thread-11:null) computed checksum: {MD5}f7fee34a73a7f8e3adb30778c7c32c51
2024-10-23 09:04:42,197 DEBUG [storage.template.DownloadManagerImpl] (pool-1-thread-11:null) Executing command [/usr/local/cloud/systemvm/scripts/storage/secondary/createtmplt.sh -s 2 -S 53687091200 -d tinycore -h -n 218-2-272b7047-d373-3e4c-a301-74d769100ce8.iso -t /mnt/SecStorage/6a754ba7-5d09-3f5e-b9e8-1f828d742e9c/template/tmpl/2/218 -f /mnt/SecStorage/6a754ba7-5d09-3f5e-b9e8-1f828d742e9c/template/tmpl/2/218/dnld9161128539983478731tmp_ -u ].
- Execute the register a template/ Iso api call , with direct download provide the checksum value
For example
(localcloud) 🐱 > register template directdownload=true name=t1 displaytext=t1 url=http://10.0.3.122/dummytemplates/kvm.qcow2 checksum=5789e2a5cabb3007171a45a06e86936h zoneid=1989a7ce-edf0-449e-80ba-8d3c98b8f289 ostypeid=f40fd984-8ba5-11ef-9b2d-1e00ea00035f format=qcow2 hypervisor=kvm
logs of iso and template
2024-10-23 09:10:03,712 DEBUG [cloud.agent.Agent] (agentRequest-Handler-2:null) (logid:7455f151) Request:Seq 1-7743376609310156844: { Cmd , MgmtId: 32989375365991, via: 1, Ver: v1, Flags: 100011, [{"org.apache.cloudstack.agent.directdownload.CheckUrlCommand":{"format":"iso","url":"http://10.0.35.225:9000/TinyCore-8.0.iso","connectTimeout":"5000","connectionRequestTimeout":"5000","socketTimeout":"5000","followRedirects":"false","wait":"0","bypassHostMaintenance":"false"}}] }
2024-10-23 09:10:03,712 DEBUG [cloud.agent.Agent] (agentRequest-Handler-2:null) (logid:7455f151) Processing command: org.apache.cloudstack.agent.directdownload.CheckUrlCommand
2024-10-23 09:10:03,712 INFO [resource.wrapper.LibvirtCheckUrlCommand] (agentRequest-Handler-2:null) (logid:7455f151) Checking URL: http://10.0.35.225:9000/TinyCore-8.0.iso, with connect timeout: 5000, connect request timeout: 5000, socket timeout: 5000
2024-10-23 09:10:03,716 DEBUG [cloud.agent.Agent] (agentRequest-Handler-2:null) (logid:7455f151) Seq 1-7743376609310156844: { Ans: , MgmtId: 32989375365991, via: 1, Ver: v1, Flags: 10, [{"org.apache.cloudstack.agent.directdownload.CheckUrlAnswer":{"templateSize":"(16.00 MB) 16777216","result":"true","wait":"0","bypassHostMaintenance":"false"}}] }
a919df3-1bd9-34d6-b112-df45fd58b60a Capacity: (1.9990 TB) 2197949513728 Used: (1.2991 TB) 1428330381312 Available: (716.76 GB) 769619132416
2024-10-23 09:23:43,266 DEBUG [cloud.agent.Agent] (agentRequest-Handler-3:null) (logid:6b4f50d2) Request:Seq 2-1214283049529792489: { Cmd , MgmtId: 32989375365991, via: 2, Ver: v1, Flags: 100011, [{"org.apache.cloudstack.agent.directdownload.CheckUrlCommand":{"format":"QCOW2","url":"http://10.0.35.225:9000/ubuntu-22.04.qcow2","connectTimeout":"5000","connectionRequestTimeout":"5000","socketTimeout":"5000","followRedirects":"false","wait":"0","bypassHostMaintenance":"false"}}] }
2024-10-23 09:23:43,266 DEBUG [cloud.agent.Agent] (agentRequest-Handler-3:null) (logid:6b4f50d2) Processing command: org.apache.cloudstack.agent.directdownload.CheckUrlCommand
2024-10-23 09:23:43,266 INFO [resource.wrapper.LibvirtCheckUrlCommand] (agentRequest-Handler-3:null) (logid:6b4f50d2) Checking URL: http://10.0.35.225:9000/ubuntu-22.04.qcow2, with connect timeout: 5000, connect request timeout: 5000, socket timeout: 5000
2024-10-23 09:23:43,272 DEBUG [cloud.agent.Agent] (agentRequest-Handler-3:null) (logid:6b4f50d2) Seq 2-1214283049529792489: { Ans: , MgmtId: 32989375365991, via: 2, Ver: v1, Flags: 10, [{"org.apache.cloudstack.agent.directdownload.CheckUrlAnswer":{"templateSize":"(8.00 GB) 8589934592","result":"true","wait":"0","bypassHostMaintenance":"false"}}]
Expected Behaviour
Cloudstack should validate the checksum for directdownload based template and iso
Actual Behaviour
Cloudstack is not validating the checksum when checksum is provided for directdownload template and iso