Charm Helpers

canonical_names in Openstack's ApacheSSLContext strips important characters

Bug #1559988 reported by John McEleney on 2016-03-21

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	Charm Helpers	New	Undecided	Unassigned

Bug Description

The canonical names method on ApacheSSLContext uses lstrip to remove the leading 'ssl_key_' from relation keys in order to determine the canonical name that that key represents.

The problem is that lstrip will continue to strip leading characters beyond ssl_key_ for any characters in the set [sl_key]. So a key like ssl_key_keystone.company.com will be stripped to tone.company.com.

Presumably this method is usually overridden in subclasses, which is why the bug has gone unnoticed for so long, but who knows?

This is a quick and easy fix:
=== modified file 'charmhelpers/contrib/openstack/context.py'
--- charmhelpers/contrib/openstack/context.py 2016-01-29 10:20:29 +0000
+++ charmhelpers/contrib/openstack/context.py 2016-03-21 10:33:17 +0000
@@ -755,7 +755,7 @@
                 rdata = relation_get(rid=r_id, unit=unit)
                 for k in rdata:
                     if k.startswith('ssl_key_'):
- cns.append(k.lstrip('ssl_key_'))
+ cns.append(k[8:])

return sorted(list(set(cns)))

John

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.