Ensures that keypair names are only AlphaNumeric.

Throws a 400 error if keypair contains any unsafe characters. Safe characters are '_-', digits, and ascii_leters. Added test_keypair_create_with_non_alphanumeric_name. Fixes bug 937408. Change-Id: If9b1393ee8f36113d2fa8a3b97ca526cc2e6ccf1
2012-02-26 22:23:30 -06:00 · 2012-02-26 22:23:30 -06:00 · c8b0a9a3be
commit c8b0a9a3be
parent f38281d60c
2 changed files with 24 additions and 0 deletions
--- a/nova/api/openstack/compute/contrib/keypairs.py
+++ b/nova/api/openstack/compute/contrib/keypairs.py
@ -17,6 +17,8 @@

 """ Keypair management extension"""

+import string
+
 import webob
 import webob.exc

@ -61,6 +63,13 @@ class KeypairController(object):
                'public_key': public_key,
                'fingerprint': fingerprint}

+    def _validate_keypair_name(self, value):
+        safechars = "_-" + string.digits + string.ascii_letters
+        clean_value = "".join(x for x in value if x in safechars)
+        if clean_value != value:
+            msg = _("Keypair name contains unsafe characters")
+            raise webob.exc.HTTPBadRequest(explanation=msg)
+
    @wsgi.serializers(xml=KeypairTemplate)
    def create(self, req, body):
        """
@ -80,6 +89,7 @@ class KeypairController(object):
        authorize(context)
        params = body['keypair']
        name = params['name']
+        self._validate_keypair_name(name)

        if not 0 < len(name) < 256:
            msg = _('Keypair name must be between 1 and 255 characters long')
--- a/nova/tests/api/openstack/compute/contrib/test_keypairs.py
+++ b/nova/tests/api/openstack/compute/contrib/test_keypairs.py
@ -107,6 +107,20 @@ class KeypairsTest(test.TestCase):
        res = req.get_response(fakes.wsgi_app())
        self.assertEqual(res.status_int, 400)

+    def test_keypair_create_with_non_alphanumeric_name(self):
+        body = {
+            'keypair': {
+                'name': 'test/keypair'
+            }
+        }
+        req = webob.Request.blank('/v2/fake/os-keypairs')
+        req.method = 'POST'
+        req.body = json.dumps(body)
+        req.headers['Content-Type'] = 'application/json'
+        res = req.get_response(fakes.wsgi_app())
+        res_dict = json.loads(res.body)
+        self.assertEqual(res.status_int, 400)
+
    def test_keypair_import(self):
        body = {
            'keypair': {