neutron

NSX plugin: 400 should be returned on invalid certificate

Bug #1293508 reported by Salvatore Orlando
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Fix Released
Medium
Salvatore Orlando
neutron 2014.1 "icehouse"

Bug Description

When a gateway device is created, the client certificate is not stored anywhere on the neutron server, but then passed directly to the backend, which validates the certificate.

Currently the NSX backend raises an exception when the certificate is not valid.
This exception is treated by the NSX plugin as a backend failure and a 500 is then returned.

However, the correct error would a 400 with an appropriate error message.

Tags: vmware
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/80948

Changed in neutron:
status: New → In Progress
Salvatore Orlando (salvatore-orlando)
Changed in neutron:
milestone: icehouse-rc1 → none
tags: added: icehouse-rc-potential
Mark McClain (markmcclain)
tags: added: icehouse-backport-potential
removed: icehouse-rc-potential
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/80948
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=13c9f3b813f5bb368e311ba0d428fa759d68289a
Submitter: Jenkins
Branch: master

commit 13c9f3b813f5bb368e311ba0d428fa759d68289a
Author: Salvatore Orlando <email address hidden>
Date: Fri Mar 14 17:43:42 2014 -0700

    NSX plugin: return 400 for invalid gw certificate

    Gateway certificates are validated by the NSX backend.
    The code currently treats a failure in certification
    validation as a backend failure and therefore returns
    a 500 status code.

    This patch changes this behaviour by returning a 400
    status code and an appropriate error description.
    To this aim a handler for 400 errors has been added to
    the NSX API client.

    Closes-Bug: #1293508

    Change-Id: I196f14337e47cd40710a6d8a30bbe1cac5ffe05b

Changed in neutron:
status: In Progress → Fix Committed
Mark McClain (markmcclain)
Changed in neutron:
milestone: none → icehouse-rc2
tags: removed: icehouse-backport-potential
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (milestone-proposed)

Fix proposed to branch: milestone-proposed
Review: https://review.openstack.org/85506

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (milestone-proposed)

Reviewed: https://review.openstack.org/85506
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=d56f12d4676c1cc26d0da80e053da07e0253dbe8
Submitter: Jenkins
Branch: milestone-proposed

commit d56f12d4676c1cc26d0da80e053da07e0253dbe8
Author: Salvatore Orlando <email address hidden>
Date: Fri Mar 14 17:43:42 2014 -0700

    NSX plugin: return 400 for invalid gw certificate

    Gateway certificates are validated by the NSX backend.
    The code currently treats a failure in certification
    validation as a backend failure and therefore returns
    a 500 status code.

    This patch changes this behaviour by returning a 400
    status code and an appropriate error description.
    To this aim a handler for 400 errors has been added to
    the NSX API client.

    Closes-Bug: #1293508

    Change-Id: I196f14337e47cd40710a6d8a30bbe1cac5ffe05b
    (cherry picked from commit 13c9f3b813f5bb368e311ba0d428fa759d68289a)

Changed in neutron:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in neutron:
milestone: icehouse-rc2 → 2014.1
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.