auth_encryption_key is being checked to be 16, 24, or 32

If auth_encryption_key length is not 16 or 24 or 32 in that case heat operations such as stack-creates fails. This check has been added. Change-Id: Ic653d18dbb7523ca5286ae0951eb86ad72cbdb13 Closes-bug: #1415887
2015-03-30 10:32:44 +05:30 · 2015-03-30 10:32:44 +05:30 · 1dbb189270
parent 04546ca8c9
commit 1dbb189270
3 changed files with 25 additions and 2 deletions
--- a/heat/common/config.py
+++ b/heat/common/config.py
@ -315,6 +315,10 @@ def startup_sanity_check():
                                    '"stack_user_domain_name" without '
                                    '"stack_domain_admin" and '
                                    '"stack_domain_admin_password"'))
+    auth_key_len = len(cfg.CONF.auth_encryption_key)
+    if auth_key_len not in [16, 24, 32]:
+        raise exception.Error(_('heat.conf misconfigured, auth_encryption_key '
+                                'length must be 16, 24 or 32'))


 def list_opts():
--- a/heat/common/crypt.py
+++ b/heat/common/crypt.py
@ -16,13 +16,16 @@ import base64
 from Crypto.Cipher import AES
 from oslo_config import cfg

+from heat.common.i18n import _
 from heat.openstack.common.crypto import utils


 auth_opts = [
    cfg.StrOpt('auth_encryption_key',
-               default='notgood but just long enough i think',
-               help="Encryption key used for authentication info in database.")
+               default='notgood but just long enough i t',
+               help=_('Encryption key used for authentication '
+                      'info in database. Length of this key '
+                      'must be 16, 24 or 32'))
 ]

 cfg.CONF.register_opts(auth_opts)
--- a/heat/tests/test_heatclient.py
+++ b/heat/tests/test_heatclient.py
@ -1583,3 +1583,19 @@ class KeystoneClientTestDomainName(KeystoneClientTest):
    def test_create_stack_domain_user(self):
        p = super(KeystoneClientTestDomainName, self)
        p.test_create_stack_domain_user()
+
+
+class HeatClientTest(KeystoneClientTest):
+    """Test cases for heat.common.config"""
+
+    def setUp(self):
+        super(HeatClientTest, self).setUp()
+
+    def test_init_auth_encryption_key_length(self):
+        """Test for length of the auth_encryption_length in config file"""
+        cfg.CONF.set_override('auth_encryption_key', 'abcdefghijklma')
+        err = self.assertRaises(exception.Error,
+                                config.startup_sanity_check)
+        exp_msg = ('heat.conf misconfigured, auth_encryption_key '
+                   'length must be 16, 24 or 32')
+        self.assertIn(exp_msg, six.text_type(err))