From 408cebacc3d8b3e602a098ff9eff27b8fbdfc696 Mon Sep 17 00:00:00 2001
From: Stuart McLaren
Date: Mon, 30 Sep 2013 16:34:17 +0000
Subject: [PATCH] Avoid printing URIs which can contain credentials
Fix for bug 1233275.
Change-Id: I24d8b57418eb678767b33840973a632eb2132c6a
---
 glance/api/middleware/version_negotiation.py | 2 +-
 .../versions/015_quote_swift_credentials.py | 7 ++++---
 .../versions/017_quote_encrypted_swift_credentials.py | 11 ++++++-----
 glance/store/__init__.py | 8 ++++----
 glance/store/s3.py | 2 +-
 glance/store/scrubber.py | 8 ++++----
 6 files changed, 20 insertions(+), 18 deletions(-)
diff --git a/glance/api/middleware/version_negotiation.py b/glance/api/middleware/version_negotiation.py
index c52254524f..b989366f72 100644
--- a/glance/api/middleware/version_negotiation.py
+++ b/glance/api/middleware/version_negotiation.py
@@ -69,7 +69,7 @@ class VersionNegotiationFilter(wsgi.Middleware):
 req.environ['api.version'] = version
 req.path_info = ''.join(('/v', str(version), req.path_info))
 LOG.debug(_("Matched version: v%d"), version)
- LOG.debug('new uri %s' % req.path_info)
+ LOG.debug('new path %s' % req.path_info)
 return None
 def _match_version_string(self, subject):
diff --git a/glance/db/sqlalchemy/migrate_repo/versions/015_quote_swift_credentials.py b/glance/db/sqlalchemy/migrate_repo/versions/015_quote_swift_credentials.py
index ebc4045b90..0a58c9e912 100644
--- a/glance/db/sqlalchemy/migrate_repo/versions/015_quote_swift_credentials.py
+++ b/glance/db/sqlalchemy/migrate_repo/versions/015_quote_swift_credentials.py
@@ -53,13 +53,14 @@ def migrate_location_credentials(migrate_engine, to_quoted):
 'swift')).execute())
 for image in images:
- fixed_uri = legacy_parse_uri(image['location'], to_quoted)
+ fixed_uri = legacy_parse_uri(image['location'], to_quoted,
+ image['id'])
 images_table.update()\
 .where(images_table.c.id == image['id'])\
 .values(location=fixed_uri).execute()
-def legacy_parse_uri(uri, to_quote):
+def legacy_parse_uri(uri, to_quote, image_id):
 """ Parse URLs. This method fixes an issue where credentials specified in the URL are interpreted differently in Python 2.6.1+ than prior
@@ -87,7 +88,7 @@ def legacy_parse_uri(uri, to_quote):
 "like so: " "swift+http://user:pass@authurl.com/v1/container/obj")
- LOG.error(_("Invalid store uri %(uri)s: %(reason)s") % locals())
+ LOG.error(_("Invalid store uri for image %s: %s") % (image_id, reason))
 raise exception.BadStoreUri(message=reason)
 pieces = urlparse.urlparse(uri)
diff --git a/glance/db/sqlalchemy/migrate_repo/versions/017_quote_encrypted_swift_credentials.py b/glance/db/sqlalchemy/migrate_repo/versions/017_quote_encrypted_swift_credentials.py
index cffb58d28c..9e3a842c39 100644
--- a/glance/db/sqlalchemy/migrate_repo/versions/017_quote_encrypted_swift_credentials.py
+++ b/glance/db/sqlalchemy/migrate_repo/versions/017_quote_encrypted_swift_credentials.py
@@ -80,7 +80,8 @@ def migrate_location_credentials(migrate_engine, to_quoted):
 for image in images:
 try:
- fixed_uri = fix_uri_credentials(image['location'], to_quoted)
+ fixed_uri = fix_uri_credentials(image['location'], to_quoted,
+ image['id'])
 images_table.update()\
 .where(images_table.c.id == image['id'])\
 .values(location=fixed_uri).execute()
@@ -97,7 +98,7 @@ def encrypt_location(uri):
 return crypt.urlsafe_encrypt(CONF.metadata_encryption_key, uri, 64)
-def fix_uri_credentials(uri, to_quoted):
+def fix_uri_credentials(uri, to_quoted, image_id):
 """ Fix the given uri's embedded credentials by round-tripping with StoreLocation.
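Review bot: The new `image_id` parameter of `legacy_parse_uri` is not described in the docstring that begins at the end of this hunk, and nothing records why the URI is kept out of the log call. A line such as `:param image_id: ID of the image row; used only to identify the record in log messages, because the URI may embed credentials` would stop a later maintainer from putting `uri` back into the message. The same applies to `fix_uri_credentials` and to the second copy of `legacy_parse_uri` in 017_quote_encrypted_swift_credentials.py. The docstring continues outside the hunk, so its parameter style may differ from the one quoted here.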
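Review bot: The replacement message `"Invalid store uri for image %s: %s"` has two positional placeholders inside `_()`, so a translation cannot reorder the arguments; the line it replaces used named ones. `LOG.error(_("Invalid store uri for image %(image_id)s: %(reason)s") % {'image_id': image_id, 'reason': reason})` still keeps the URI out of the log and stays translatable. The same pattern appears in the matching hunk of 017_quote_encrypted_swift_credentials.py and in `'Failed to delete image %s from store (%s)'` in glance/store/__init__.py. `reason` is built above the hunk; the visible tail is a fixed example string, and the part outside the hunk should be checked to confirm it never interpolates `uri`.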
@@ -119,10 +120,10 @@ def fix_uri_credentials(uri, to_quoted):
 except (TypeError, ValueError) as e:
 raise exception.Invalid(str(e))
- return legacy_parse_uri(decrypted_uri, to_quoted)
+ return legacy_parse_uri(decrypted_uri, to_quoted, image_id)
-def legacy_parse_uri(uri, to_quote):
+def legacy_parse_uri(uri, to_quote, image_id):
 """ Parse URLs. This method fixes an issue where credentials specified in the URL are interpreted differently in Python 2.6.1+ than prior
@@ -150,7 +151,7 @@ def legacy_parse_uri(uri, to_quote):
 "like so: " "swift+http://user:pass@authurl.com/v1/container/obj")
- LOG.error(_("Invalid store uri %(uri)s: %(reason)s") % locals())
+ LOG.error(_("Invalid store uri for image %s: %s") % (image_id, reason))
 raise exception.BadStoreUri(message=reason)
 pieces = urlparse.urlparse(uri)
diff --git a/glance/store/__init__.py b/glance/store/__init__.py
index 3f11a567a2..b16fc5badd 100644
--- a/glance/store/__init__.py
+++ b/glance/store/__init__.py
@@ -272,14 +272,14 @@ def safe_delete_from_backend(context, uri, image_id, **kwargs):
 try:
 return delete_from_backend(context, uri, **kwargs)
 except exception.NotFound:
- msg = _('Failed to delete image in store at URI: %s')
- LOG.warn(msg % uri)
+ msg = _('Failed to delete image %s in store from URI')
+ LOG.warn(msg % image_id)
 except exception.StoreDeleteNotSupported as e:
 LOG.warn(str(e))
 except UnsupportedBackend:
 exc_type = sys.exc_info()[0].__name__
- msg = (_('Failed to delete image at %s from store (%s)') %
- (uri, exc_type))
+ msg = (_('Failed to delete image %s from store (%s)') %
+ (image_id, exc_type))
 LOG.error(msg)
diff --git a/glance/store/s3.py b/glance/store/s3.py
index 209794d9d3..08894581eb 100644
--- a/glance/store/s3.py
+++ b/glance/store/s3.py
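Review bot: The middle handler in `safe_delete_from_backend`, `except exception.StoreDeleteNotSupported as e:` followed by `LOG.warn(str(e))`, is left unchanged, so whatever text that exception carries still reaches the log while the handlers on either side now log only `image_id`. Whether that message can include the store location is not visible in this hunk and should be confirmed against the places that raise it. If it can, logging `image_id` together with the exception class name, as the `UnsupportedBackend` branch does with `exc_type`, closes the gap. The new NotFound text `'Failed to delete image %s in store from URI'` also reads awkwardly; `'Failed to delete image %s from store'` says the same without the dangling "URI".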
@@ -122,7 +122,7 @@ class StoreLocation(glance.store.location.StoreLocation):
 "s3+https:// scheme, like so: " "s3+https://accesskey:secretkey@" "s3.amazonaws.com/bucket/key-id")
- LOG.debug(_("Invalid store uri %(uri)s: %(reason)s") % locals())
+ LOG.debug(_("Invalid store uri: %s") % reason)
 raise exception.BadStoreUri(message=reason)
 pieces = urlparse.urlparse(uri)
diff --git a/glance/store/scrubber.py b/glance/store/scrubber.py
index afc4009b89..33caab46f4 100644
--- a/glance/store/scrubber.py
+++ b/glance/store/scrubber.py
@@ -442,8 +442,8 @@ class Scrubber(object):
 uri = crypt.urlsafe_decrypt(CONF.metadata_encryption_key, uri)
 try:
- LOG.debug(_("Deleting %(uri)s from image %(image_id)s.") %
- {'image_id': image_id, 'uri': uri})
+ LOG.debug(_("Deleting URI from image %(image_id)s.") %
+ {'image_id': image_id})
 # Here we create a request context with credentials to support
 # delayed delete when using multi-tenant backend storage
@@ -455,8 +455,8 @@ class Scrubber(object):
 self.store_api.delete_from_backend(admin_context, uri)
 except Exception:
- msg = _("Failed to delete image %(image_id)s from %(uri)s.")
- LOG.error(msg % {'image_id': image_id, 'uri': uri})
+ msg = _("Failed to delete URI from image %(image_id)s")
+ LOG.error(msg % {'image_id': image_id})
 def _read_cleanup_file(self, file_path):
 """Reading cleanup to get latest cleanup timestamp.
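Review bot: The `except Exception:` handler after `delete_from_backend` catches every failure and logs only the image ID, so the reason a delete failed is not recorded anywhere. Logging the full exception could bring the URI back if a store driver puts it in the message, but the class name alone is safe: `except Exception as e:`, `msg = _("Failed to delete URI from image %(image_id)s (%(exc)s)")` and `LOG.error(msg % {'image_id': image_id, 'exc': type(e).__name__})`. The decrypted `uri` stays in scope in this method, which begins outside the hunk, so a short comment at the `urlsafe_decrypt` call saying it must never be passed to a logger would help.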