Handle UnicodeDecodeError in db_decrypt_parameters_and_properties

When an incorrect encryption key is provided the decrypt function will return rubbish that sometimes encodeutils will not be able to deal with. Change-Id: I7586bc16ce492144f617ee3adc31a2bc19a62173 Closes-bug: #1467965
2015-06-26 10:55:45 +10:00 · 2015-06-26 10:55:45 +10:00 · 418ac54158
parent 9711730a4b
commit 418ac54158
1 changed files with 7 additions and 1 deletions
--- a/heat/db/sqlalchemy/api.py
+++ b/heat/db/sqlalchemy/api.py
@ -1169,7 +1169,13 @@ def db_decrypt_parameters_and_properties(ctxt, encryption_key):
            decrypt_function = getattr(crypt, decrypt_function_name)
            decrypted_val = decrypt_function(parameters[param_name][1],
                                             encryption_key)
-            parameters[param_name] = encodeutils.safe_decode(decrypted_val)
+            try:
+                parameters[param_name] = encodeutils.safe_decode(decrypted_val)
+            except UnicodeDecodeError:
+                # if the incorrect encryption_key was used then we can
+                # get total gibberish here and safe_decode() will freak out.
+                parameters[param_name] = decrypted_val
+
        raw_template.environment['encrypted_param_names'] = []

    session.commit()