<fix>[utils]: zmigrate imagestore

taogan21 · taogan21 · commit 697189dbfd67 · 2026-03-12T17:13:10.000+08:00
Resolves: ZSV-11449

Change-Id: I616767657867766b7170767463756e7777626574
diff --git a/header/src/main/java/org/zstack/header/storage/backup/SoftwareUpgradePackageDeployMsg.java b/header/src/main/java/org/zstack/header/storage/backup/SoftwareUpgradePackageDeployMsg.java
@@ -14,6 +14,7 @@ public class SoftwareUpgradePackageDeployMsg extends NeedReplyMessage implements
     private String targetHostSshPassword;
     private String targetHostIp;
     private String upgradeScriptPath;
+    private String softwareType;
 
     @Override
     public String getBackupStorageUuid() {
@@ -87,4 +88,12 @@ public String getUpgradeScriptPath() {
     public void setUpgradeScriptPath(String upgradeScriptPath) {
         this.upgradeScriptPath = upgradeScriptPath;
     }
+
+    public String getSoftwareType() {
+        return softwareType;
+    }
+
+    public void setSoftwareType(String softwareType) {
+        this.softwareType = softwareType;
+    }
 }
diff --git a/plugin/ceph/src/main/java/org/zstack/storage/ceph/backup/CephBackupStorageBase.java b/plugin/ceph/src/main/java/org/zstack/storage/ceph/backup/CephBackupStorageBase.java
@@ -92,13 +92,6 @@ void unlock() {
 
     ReconnectMonLock reconnectMonLock = new ReconnectMonLock();
 
-    private static final Set<String> ALLOWED_URL_SCHEMES = Collections.unmodifiableSet(
-            new HashSet<>(Arrays.asList("http", "https", "ftp", "sftp")));
-
-    // SSH username: only alphanumeric, dots, hyphens, underscores, optional trailing $
-    private static final java.util.regex.Pattern SSH_USERNAME_PATTERN =
-            java.util.regex.Pattern.compile("^[a-zA-Z0-9._-]+\\$?$");
-
     @Autowired
     protected RESTFacade restf;
     @Autowired
@@ -753,6 +746,7 @@ public static class SoftwareUpgradePackageCmd extends AgentCommand implements Ha
         public String upgradePackagePath;
         public String upgradePackageTargetPath;
         public String upgradeScriptPath;
+        public String softwareType;
         public int targetHostSshPort;
         public String targetHostSshUsername;
         @NoLogging
@@ -2207,27 +2201,13 @@ public void success(UploadFileResponse rsp) {
         cmd.taskUuid = msg.getTaskUuid();
         cmd.sendCommandUrl = restf.getSendCommandUrl();
 
-        String scheme;
-        try {
-            URI uri = new URI(msg.getUrl());
-            scheme = uri.getScheme();
-        } catch (URISyntaxException e) {
-            reply.setError(operr("failed to parse upload URL [%s]: %s", msg.getUrl(), e.getMessage()));
-            bus.reply(msg, reply);
-            return;
-        }
-        if (scheme == null || scheme.isEmpty()) {
-            reply.setError(operr("upload URL [%s] is missing a protocol prefix", msg.getUrl()));
-            bus.reply(msg, reply);
-            return;
-        }
-        if (!ALLOWED_URL_SCHEMES.contains(scheme.toLowerCase())) {
-            reply.setError(operr("upload URL [%s] uses unsupported protocol [%s], only %s are allowed",
-                    msg.getUrl(), scheme, ALLOWED_URL_SCHEMES));
+        String[] urlResult = RemotePathValidator.validateAndExtractUrlScheme(msg.getUrl());
+        if (urlResult[0] != null) {
+            reply.setError(operr(urlResult[0]));
             bus.reply(msg, reply);
             return;
         }
-        cmd.urlScheme = scheme;
+        cmd.urlScheme = urlResult[1];
 
         httpCall(FILE_DOWNLOAD_PATH, cmd, DownloadFileResponse.class, new ReturnValueCompletion<DownloadFileResponse>(msg) {
             @Override
@@ -2303,13 +2283,11 @@ protected void handle(final DeleteFilesOnBackupStorageHostMsg msg) {
         }
 
         // Validate each file path to prevent path traversal and injection attacks.
-        for (String filePath : msg.getFilePaths()) {
-            String pathErr = RemotePathValidator.validateRemotePath(filePath, "filePath");
-            if (pathErr != null) {
-                reply.setError(operr(pathErr));
-                bus.reply(msg, reply);
-                return;
-            }
+        String filePathErr = RemotePathValidator.validateFilePaths(msg.getFilePaths());
+        if (filePathErr != null) {
+            reply.setError(operr(filePathErr));
+            bus.reply(msg, reply);
+            return;
         }
 
         CephBackupStorageMonVO mon;
@@ -2414,9 +2392,9 @@ protected void handle(SoftwareUpgradePackageDeployMsg msg) {
             return;
         }
 
-        if (msg.getTargetHostSshUsername() == null || !SSH_USERNAME_PATTERN.matcher(msg.getTargetHostSshUsername()).matches()) {
-            reply.setError(operr("targetHostSshUsername [%s] is invalid, only alphanumeric characters, dots, hyphens, underscores and trailing dollar sign are allowed",
-                    msg.getTargetHostSshUsername()));
+        String usernameErr = RemotePathValidator.validateSshUsername(msg.getTargetHostSshUsername());
+        if (usernameErr != null) {
+            reply.setError(operr(usernameErr));
             bus.reply(msg, reply);
             return;
         }
@@ -2457,6 +2435,7 @@ protected void handle(SoftwareUpgradePackageDeployMsg msg) {
         SoftwareUpgradePackageCmd cmd = new SoftwareUpgradePackageCmd();
         cmd.upgradePackagePath = msg.getUpgradePackagePath();
         cmd.upgradePackageTargetPath = msg.getUpgradePackageTargetPath();
+        cmd.softwareType = msg.getSoftwareType();
         cmd.upgradeScriptPath = msg.getUpgradeScriptPath();
         cmd.targetHostSshPort = msg.getTargetHostSshPort();
         cmd.targetHostSshUsername = msg.getTargetHostSshUsername();
diff --git a/utils/src/main/java/org/zstack/utils/path/RemotePathValidator.java b/utils/src/main/java/org/zstack/utils/path/RemotePathValidator.java
@@ -1,6 +1,9 @@
 package org.zstack.utils.path;
 
+import java.net.URI;
+import java.net.URISyntaxException;
 import java.util.*;
+import java.util.Locale;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
@@ -16,6 +19,13 @@ public class RemotePathValidator {
                     "/", "/bin", "/boot", "/dev", "/etc", "/lib", "/lib64",
                     "/proc", "/run", "/sbin", "/srv", "/sys", "/usr", "/var")));
 
+    public static final Set<String> ALLOWED_URL_SCHEMES = Collections.unmodifiableSet(
+            new HashSet<>(Arrays.asList("http", "https", "ftp", "sftp")));
+
+    // SSH username: only alphanumeric, dots, hyphens, underscores, optional trailing $
+    private static final Pattern SSH_USERNAME_PATTERN =
+            Pattern.compile("^[a-zA-Z0-9._-]+\\$?$");
+
     /**
      * Validate a remote path to be sent to an agent.
      * Returns null if valid, or an error message if invalid.
@@ -53,4 +63,60 @@ public static String validateRemotePath(String path, String paramName) {
         }
         return null;
     }
+
+    /**
+     * Validate a URL scheme against the allowed list and return the lowercase scheme.
+     * Returns a two-element array: [0] = error message (null if valid), [1] = scheme (null if invalid).
+     * Parses the URI only once, combining validation and extraction.
+     */
+    public static String[] validateAndExtractUrlScheme(String url) {
+        if (url == null || url.isEmpty()) {
+            return new String[]{"URL cannot be null or empty", null};
+        }
+        URI uri;
+        try {
+            uri = new URI(url);
+        } catch (URISyntaxException e) {
+            return new String[]{String.format("failed to parse URL [%s]: %s", url, e.getMessage()), null};
+        }
+        String scheme = uri.getScheme();
+        if (scheme == null || scheme.isEmpty()) {
+            return new String[]{String.format("URL [%s] is missing a protocol prefix", url), null};
+        }
+        String lowerScheme = scheme.toLowerCase(Locale.ROOT);
+        if (!ALLOWED_URL_SCHEMES.contains(lowerScheme)) {
+            return new String[]{String.format("URL [%s] uses unsupported protocol [%s], only %s are allowed",
+                    url, scheme, ALLOWED_URL_SCHEMES), null};
+        }
+        return new String[]{null, lowerScheme};
+    }
+
+    /**
+     * Validate an SSH username.
+     * Returns null if valid, or an error message if invalid.
+     */
+    public static String validateSshUsername(String username) {
+        if (username == null || !SSH_USERNAME_PATTERN.matcher(username).matches()) {
+            return String.format("SSH username [%s] is invalid, only alphanumeric characters, dots, hyphens, underscores and trailing dollar sign are allowed",
+                    username);
+        }
+        return null;
+    }
+
+    /**
+     * Validate a list of remote file paths.
+     * Returns null if all valid, or the first error message encountered.
+     */
+    public static String validateFilePaths(List<String> filePaths) {
+        if (filePaths == null || filePaths.isEmpty()) {
+            return null;
+        }
+        for (String filePath : filePaths) {
+            String err = validateRemotePath(filePath, "filePath");
+            if (err != null) {
+                return err;
+            }
+        }
+        return null;
+    }
 }
