openstack
/
nova
Code Issues Proposed changes
Browse Source

Ensures that keypair names are only AlphaNumeric. 

Throws a 400 error if keypair contains any unsafe characters.

Safe characters are '_-', digits, and ascii_leters.

Added test_keypair_create_with_non_alphanumeric_name.

Fixes bug 937408.

Change-Id: If9b1393ee8f36113d2fa8a3b97ca526cc2e6ccf1
changes/79/4579/4
Justin Shepherd 10 years ago committed by Brian Waldon
parent
f38281d60c
commit
c8b0a9a3be
2 changed files with 24 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 10
      nova/api/openstack/compute/contrib/keypairs.py
  2. 14
      nova/tests/api/openstack/compute/contrib/test_keypairs.py

10
nova/api/openstack/compute/contrib/keypairs.py
Unescape View File

@ -17,6 +17,8 @@
""" Keypair management extension"""
import string
import webob
import webob.exc
@ -61,6 +63,13 @@ class KeypairController(object):
'public_key': public_key,
'fingerprint': fingerprint}
def _validate_keypair_name(self, value):
safechars = "_-" + string.digits + string.ascii_letters
clean_value = "".join(x for x in value if x in safechars)
if clean_value != value:
msg = _("Keypair name contains unsafe characters")
raise webob.exc.HTTPBadRequest(explanation=msg)
@wsgi.serializers(xml=KeypairTemplate)
def create(self, req, body):
"""
@ -80,6 +89,7 @@ class KeypairController(object):
authorize(context)
params = body['keypair']
name = params['name']
self._validate_keypair_name(name)
if not 0 < len(name) < 256:
msg = _('Keypair name must be between 1 and 255 characters long')

14
nova/tests/api/openstack/compute/contrib/test_keypairs.py
Unescape View File

@ -107,6 +107,20 @@ class KeypairsTest(test.TestCase):
res = req.get_response(fakes.wsgi_app())
self.assertEqual(res.status_int, 400)
def test_keypair_create_with_non_alphanumeric_name(self):
body = {
'keypair': {
'name': 'test/keypair'
}
}
req = webob.Request.blank('/v2/fake/os-keypairs')
req.method = 'POST'
req.body = json.dumps(body)
req.headers['Content-Type'] = 'application/json'
res = req.get_response(fakes.wsgi_app())
res_dict = json.loads(res.body)
self.assertEqual(res.status_int, 400)
def test_keypair_import(self):
body = {
'keypair': {

Write Preview
Loading…
Cancel
Save