Ubuntu
python-keystoneclient package

memcache key length error

Bug #1250654 reported by Sam Morrison
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
python-keystoneclient (Ubuntu)
Fix Released
High
Unassigned
Saucy
Won't Fix
High
Yolanda Robla
Trusty
Fix Released
High
Unassigned

Bug Description

Getting the following error with 1:0.3.2-0ubuntu1~cloud0 (havana cloud archive)

Note this was fixed upstream a while ago.

2013-11-13 09:37:49.827 14452 INFO glance.wsgi.server [-] Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/eventlet/wsgi.py", line 384, in handle_one_response
    result = self.application(self.environ, start_response)
  File "/usr/lib/python2.7/dist-packages/webob/dec.py", line 130, in __call__
    resp = self.call_func(req, *args, **self.kwargs)
  File "/usr/lib/python2.7/dist-packages/webob/dec.py", line 195, in call_func
    return self.func(req, *args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/glance/common/wsgi.py", line 362, in __call__
    response = req.get_response(self.application)
  File "/usr/lib/python2.7/dist-packages/webob/request.py", line 1296, in send
    application, catch_exc_info=False)
  File "/usr/lib/python2.7/dist-packages/webob/request.py", line 1260, in call_application
    app_iter = application(self.environ, start_response)
  File "/usr/lib/python2.7/dist-packages/keystoneclient/middleware/auth_token.py", line 535, in __call__
    token_info = self._validate_user_token(user_token)
  File "/usr/lib/python2.7/dist-packages/keystoneclient/middleware/auth_token.py", line 791, in _validate_user_token
    self._cache_store_invalid(user_token)
  File "/usr/lib/python2.7/dist-packages/keystoneclient/middleware/auth_token.py", line 1044, in _cache_store_invalid
    self._cache_store(token, 'invalid')
  File "/usr/lib/python2.7/dist-packages/keystoneclient/middleware/auth_token.py", line 1007, in _cache_store
    time=self.token_cache_time)
  File "/usr/lib/python2.7/dist-packages/memcache.py", line 565, in set
    return self._set("set", key, val, time, min_compress_len)
  File "/usr/lib/python2.7/dist-packages/memcache.py", line 772, in _set
    self.check_key(key)
  File "/usr/lib/python2.7/dist-packages/memcache.py", line 1023, in check_key
    % self.server_max_key_length)
MemcachedKeyLengthError: Key length is > 250

[Impact]
Invalid PKI tokens are cached in memcache using the entire token as
key. This triggers the familiar memcache key length error since a
PKI token is much longer than 250 characters.

[Test Case]
<< to be confirmed >>
1. Install keystone, configure it to use PKI authentication
2. When keystone interacts with other components, no exceptions should be triggered.

[Regression potential]
Minimal. Fix has been pushes upstream and tested, and only affects the PKI case of keystone.

See original description
Sam Morrison (sorrison)
description: updated
Revision history for this message
James Page (james-page) wrote :

Reference upstream is bug 1206347 which is released in 0.4.x series; needs a backport for SRU.

Changed in python-keystoneclient (Ubuntu Saucy):
importance: Undecided → High
Changed in python-keystoneclient (Ubuntu Trusty):
importance: Undecided → High
status: New → Triaged
Changed in python-keystoneclient (Ubuntu Saucy):
status: New → Triaged
Changed in python-keystoneclient (Ubuntu Trusty):
status: Triaged → Fix Released
Revision history for this message
James Page (james-page) wrote :

Trusty already has 0.4.x - marking Fix Released for that task.

Yolanda Robla (yolanda.robla)
Changed in python-keystoneclient (Ubuntu Saucy):
assignee: nobody → Yolanda Robla (yolanda.robla)
Yolanda Robla (yolanda.robla)
description: updated
Revision history for this message
Yolanda Robla (yolanda.robla) wrote :
Revision history for this message
Rolf Leggewie (r0lf) wrote :

saucy has seen the end of its life and is no longer receiving any updates. Marking the saucy task for this ticket as "Won't Fix".

Changed in python-keystoneclient (Ubuntu Saucy):
status: Triaged → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.