From 73a87433678f04b99a566340934b2f3f2557c8bc Mon Sep 17 00:00:00 2001 From: Steven Hardy Date: Wed, 19 Sep 2012 11:48:29 +0100 Subject: [PATCH] heat : ensure DB user creds aren't written decrypted Return the decrypted user_creds record as a dict copy and do not decrypt the credentials direct into the sqlalchemy model object, or we can inadvertently end up committing decrypted credentials to the DB Ref #218 Change-Id: I0df9afcb271804557c94cdf0c913f7a26affdc83 Signed-off-by: Steven Hardy --- heat/db/sqlalchemy/api.py | 12 +++++++----- heat/engine/manager.py | 2 +- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/heat/db/sqlalchemy/api.py b/heat/db/sqlalchemy/api.py index 9f53a979b0..e6f106a41c 100644 --- a/heat/db/sqlalchemy/api.py +++ b/heat/db/sqlalchemy/api.py @@ -211,11 +211,13 @@ def user_creds_create(values): def user_creds_get(user_creds_id): - result = model_query(None, models.UserCreds).get(user_creds_id) - result.password = auth.decrypt(result.password) - result.service_password = auth.decrypt(result.service_password) - result.aws_creds = auth.decrypt(result.aws_creds) - + db_result = model_query(None, models.UserCreds).get(user_creds_id) + # Return a dict copy of db results, do not decrypt details into db_result + # or it can be committed back to the DB in decrypted form + result = dict(db_result) + result['password'] = auth.decrypt(result['password']) + result['service_password'] = auth.decrypt(result['service_password']) + result['aws_creds'] = auth.decrypt(result['aws_creds']) return result diff --git a/heat/engine/manager.py b/heat/engine/manager.py index f7da9d9f22..6bc31423e6 100644 --- a/heat/engine/manager.py +++ b/heat/engine/manager.py @@ -443,7 +443,7 @@ class EngineManager(manager.Manager): if s and s.status in (parser.Stack.CREATE_COMPLETE, parser.Stack.UPDATE_COMPLETE): user_creds = db_api.user_creds_get(s.user_creds_id) - ctxt = ctxtlib.RequestContext.from_dict(dict(user_creds)) + ctxt = ctxtlib.RequestContext.from_dict(user_creds) stack = parser.Stack.load(ctxt, s.id) for a in wr.rule[watchrule.WatchRule.ACTION_MAP[new_state]]: greenpool.spawn_n(stack[a].alarm)