security-group-rule-create returns 500 on bad input
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Medium
|
Armando Migliaccio |
Bug Description
When trying to create a security group rule like so:
neutron security-
You get:
Request Failed: internal server error while processing your request.
Server stack-trace reports:
2013-08-16 18:11:56.896 18344 ERROR NVPApiHelper [-] Received error code: 400
2013-08-16 18:11:56.896 18344 ERROR NVPApiHelper [-] Server Error Message: Port values valid for TCP/UDP/ICMP/ICMPv6 only
2013-08-16 18:11:56.898 18344 ERROR neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
2013-08-16 18:11:56.898 18344 TRACE neutron.
And in a nutshell:
Port values valid for TCP/UDP/ICMP/ICMPv6 only
We should raise BadRequest instead.
Changed in neutron: | |
assignee: | nobody → Armando Migliaccio (armando-migliaccio) |
Changed in neutron: | |
status: | New → In Progress |
Changed in neutron: | |
importance: | Undecided → Medium |
milestone: | none → havana-3 |
Changed in neutron: | |
status: | Fix Committed → Fix Released |
Changed in neutron: | |
milestone: | havana-3 → 2013.2 |
Reviewed: https:/ /review. openstack. org/43211 github. com/openstack/ neutron/ commit/ a8c064ed322bf92 a867a42b99a5b94 cfef137a3d
Committed: http://
Submitter: Jenkins
Branch: master
commit a8c064ed322bf92 a867a42b99a5b94 cfef137a3d
Author: armando-migliaccio <email address hidden>
Date: Tue Aug 20 16:51:29 2013 -0700
Fix 500 error on invalid security-group-rule creation for NVP
Validate that, when creating rules specifying a protocol different
from TCP, UDP, ICMP and ICMPv6, no port (range) is specified because
NVP does not like it.
The extra validation is specific to the NVP plugin because other
plugins may choose a different failure mode. For example, the ovs
plugin does not complain at all, but it just ignores the port range
if the protocol is not a port-oriented one.
Fixes bug #1213293
Change-Id: I46e9032b5cf7f7 d88b9d05c3bf020 784b04217d9