SG rule protocol provided is validated against the DB rules'
protocols for both number and name. The filter provided to DB
is modified so that it is queried for records with both the
protocol name and number, instead of exactly the type provided
with the input. The returned DB rule record's protocol field is
validated against the supplied SG protocol field for both name
or number.
This way, user is still allowed to enter protocol name or number
to create a rule, and API compatibility is maintained.
Closes-Bug: #1215181
(cherry picked from commit 913a64cc11)
Also squashed the following regression fix:
===
Don't drop 'protocol' from client supplied security_group_rule dict
If protocol was present in the dict, but was None, then it was never
re-instantiated after being popped out of the dict. This later resulted
in KeyError when trying to access the key on the dict.
Change-Id: I4985e7b54117bee3241d7365cb438197a09b9b86
Closes-Bug: #1566327
(cherry picked from commit 5a41caa47a)
===
Change-Id: If4ad684e961433b8d9d3ec8fe2810585d3f6a093