From 75ec9033c2c29dfd72238dd20ecfb4d35ce95cee Mon Sep 17 00:00:00 2001 From: David Edery Date: Wed, 2 Sep 2015 14:50:47 +0300 Subject: [PATCH] check for None value in utils.safe_header In case that a sensetive header (that should be obscured by its SHA1 hash) is None, the safe_header throws an exception which fails the calling process and by that may harm the functionality. Change-Id: I56944a382fd546eba0a6dd6d6b1cecf83b1dc106 Closes-Bug: #1491311 --- glanceclient/common/utils.py | 2 +- glanceclient/tests/unit/test_utils.py | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/glanceclient/common/utils.py b/glanceclient/common/utils.py index 24ddd793..42e45539 100644 --- a/glanceclient/common/utils.py +++ b/glanceclient/common/utils.py @@ -450,7 +450,7 @@ def memoized_property(fn): def safe_header(name, value): - if name in SENSITIVE_HEADERS: + if value is not None and name in SENSITIVE_HEADERS: v = value.encode('utf-8') h = hashlib.sha1(v) d = h.hexdigest() diff --git a/glanceclient/tests/unit/test_utils.py b/glanceclient/tests/unit/test_utils.py index 18c54753..eb7f53e5 100644 --- a/glanceclient/tests/unit/test_utils.py +++ b/glanceclient/tests/unit/test_utils.py @@ -177,3 +177,18 @@ class TestUtils(testtools.TestCase): i = utils.IterableWithLength(data, 10) self.assertRaises(IOError, _iterate, i) data.close.assert_called_with() + + def test_safe_header(self): + self.assertEqual(('somekey', 'somevalue'), + utils.safe_header('somekey', 'somevalue')) + self.assertEqual(('somekey', None), + utils.safe_header('somekey', None)) + + for sensitive_header in utils.SENSITIVE_HEADERS: + (name, value) = utils.safe_header(sensitive_header, 'somestring') + self.assertEqual(sensitive_header, name) + self.assertTrue(value.startswith("{SHA1}")) + + (name, value) = utils.safe_header(sensitive_header, None) + self.assertEqual(sensitive_header, name) + self.assertIsNone(value)