From 0256e494d029ac18bc6c9fed0fd995283c675075 Mon Sep 17 00:00:00 2001
From: Bence Romsics <bence.romsics@gmail.com>
Date: Thu, 18 Nov 2021 15:01:20 +0100
Subject: [PATCH] Disable tracebacks of eventlet.wsgi.server

Security folks considered tracebacks in API responses unwanted.

Some additional lower constraints had to be bumped for the
lower-constraints job to pass.

Change-Id: Ibaefbb9935020318ed670774b0205f3bcffef4ad
Closes-Bug: #1951429
Depends-On: https://review.opendev.org/c/openstack/oslo.service/+/818548
---
 lower-constraints.txt           | 4 ++--
 neutron/tests/unit/test_wsgi.py | 3 ++-
 neutron/wsgi.py                 | 3 ++-
 requirements.txt                | 2 +-
 4 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/lower-constraints.txt b/lower-constraints.txt
index c8999945d35..ef5a2b8d744 100644
--- a/lower-constraints.txt
+++ b/lower-constraints.txt
@@ -27,7 +27,7 @@ future==0.16.0
 futurist==1.2.0
 gitdb==0.6.4
 GitPython==1.0.1
-greenlet==0.4.14
+greenlet==0.4.16
 httplib2==0.9.1
 imagesize==0.7.1
 iso8601==0.1.11
@@ -72,7 +72,7 @@ oslo.privsep==2.3.0
 oslo.reports==1.18.0
 oslo.rootwrap==5.15.0
 oslo.serialization==2.25.0
-oslo.service==1.31.0
+oslo.service==2.8.0
 oslo.upgradecheck==1.3.0
 oslo.utils==4.5.0
 oslo.versionedobjects==1.35.1
diff --git a/neutron/tests/unit/test_wsgi.py b/neutron/tests/unit/test_wsgi.py
index c107c80639f..1f5ecfe1c10 100644
--- a/neutron/tests/unit/test_wsgi.py
+++ b/neutron/tests/unit/test_wsgi.py
@@ -210,7 +210,8 @@ class TestWSGIServer(base.BaseTestCase):
             log=mock.ANY,
             keepalive=CONF.wsgi_keep_alive,
             log_format=CONF.wsgi_log_format,
-            socket_timeout=server.client_socket_timeout
+            socket_timeout=server.client_socket_timeout,
+            debug=False,
         )
 
 
diff --git a/neutron/wsgi.py b/neutron/wsgi.py
index 619d11a1ef7..9c07bda4782 100644
--- a/neutron/wsgi.py
+++ b/neutron/wsgi.py
@@ -225,7 +225,8 @@ class Server(object):
                              log=LOG,
                              keepalive=CONF.wsgi_keep_alive,
                              log_format=CONF.wsgi_log_format,
-                             socket_timeout=self.client_socket_timeout)
+                             socket_timeout=self.client_socket_timeout,
+                             debug=CONF.wsgi_server_debug)
 
     @property
     def process_launcher(self):
diff --git a/requirements.txt b/requirements.txt
index 808b78d1912..ea77801d21b 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -38,7 +38,7 @@ oslo.privsep>=2.3.0 # Apache-2.0
 oslo.reports>=1.18.0 # Apache-2.0
 oslo.rootwrap>=5.15.0 # Apache-2.0
 oslo.serialization>=2.25.0 # Apache-2.0
-oslo.service>=1.31.0 # Apache-2.0
+oslo.service>=2.8.0 # Apache-2.0
 oslo.upgradecheck>=1.3.0 # Apache-2.0
 oslo.utils>=4.5.0 # Apache-2.0
 oslo.versionedobjects>=1.35.1 # Apache-2.0