OpenStack Identity (keystone)

malformed endpoint URLs are destroying the API

Bug #1230279 reported by Christian Berendt
18
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Fix Released
Medium
David Stanek
OpenStack Identity (keystone) 2014.2 "juno"

Bug Description

When creating an endpoint using a malformed URL (in my case a URL with a missing type identifier of a used variable) the whole API is broken afterwards. The only way to fix the issue is to use SERVICE_ENDPOINT and SERVICE_TOKEN to remove the affected endpoint. After removing the affected endpoint everything is working like before.

I think it should be tested if a used URL is malformed or not before creating an endpoint.

stack@devstack002:~/devstack$ keystone endpoint-list
[...] (Everything is working fine in this case.)

stack@devstack002:~/devstack$ keystone endpoint-create --region RegionTesting --service 5c026f3ea65b42c28f19cc012616cdb6 --publicurl 'http://localhost:1234/$(tenant_id)s' --adminurl 'http://localhost:1234/$(tenant_id)s' --internalurl 'http://localhost:1234/$(tenant_id)'
+-------------+-------------------------------------+
| Property | Value |
+-------------+-------------------------------------+
| adminurl | http://localhost:1234/$(tenant_id)s |
| id | 1e4df8989cd648b9b25be71fa3ba612c |
| internalurl | http://localhost:1234/$(tenant_id) |
| publicurl | http://localhost:1234/$(tenant_id)s |
| region | RegionTesting |
| service_id | 5c026f3ea65b42c28f19cc012616cdb6 |
+-------------+-------------------------------------+

stack@devstack002:~/devstack$ keystone endpoint-list
Authorization Failed: Malformed endpoint URL (http://localhost:1234/$(tenant_id)), see ERROR log for details. (HTTP 500)

stack@devstack002:~/devstack$ keystone user-list
Authorization Failed: Malformed endpoint URL (http://localhost:1234/$(tenant_id)), see ERROR log for details. (HTTP 500)

stack@devstack002:~/devstack$ nova list
ERROR: Malformed endpoint URL (http://localhost:1234/$(tenant_id)), see ERROR log for details. (HTTP 500)

stack@devstack002:~/devstack$ glance image-list
Authorization Failed: Malformed endpoint URL (http://localhost:1234/$(tenant_id)), see ERROR log for details. (HTTP 500)

See original description
Revision history for this message
Christian Berendt (berendt) wrote :

The internal URL is malformed in this case. The 's' is missing. It should be $(tenant_id)s instead of $(tenant_id).

description: updated
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/48268

Changed in keystone:
assignee: nobody → Christian Berendt (berendt)
status: New → In Progress
Dolph Mathews (dolph)
Changed in keystone:
importance: Undecided → Medium
Revision history for this message
Dolph Mathews (dolph) wrote :

Unassigning due to inactivity.

Changed in keystone:
assignee: Christian Berendt (berendt) → nobody
status: In Progress → Triaged
David Stanek (dstanek)
Changed in keystone:
assignee: nobody → David Stanek (dstanek)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: master
Review: https://review.openstack.org/81527

Changed in keystone:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: master
Review: https://review.openstack.org/81528

Revision history for this message
Openstack Gerrit (openstack-gerrit) wrote :

Fix proposed to branch: master
Review: https://review.openstack.org/90149

Revision history for this message
Openstack Gerrit (openstack-gerrit) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/81527
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=7e4aab33e2d38a87e26f9f4e65b4ba2097564fd2
Submitter: Jenkins
Branch: master

commit 7e4aab33e2d38a87e26f9f4e65b4ba2097564fd2
Author: David Stanek <email address hidden>
Date: Tue Mar 18 14:05:52 2014 +0000

    Ignore broken endpoints in get_v3_catalog

    Change-Id: Ifd858e9f37155e3806329c4688be494d0132a9c7
    Partial-bug: #1230279

Christian Berendt (berendt)
Changed in keystone:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in keystone:
milestone: none → juno-1
status: Fix Committed → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/99988

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/81528
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=8737b43d2cc9cbc1af1ea7a0fbff39f1b1c50747
Submitter: Jenkins
Branch: master

commit 8737b43d2cc9cbc1af1ea7a0fbff39f1b1c50747
Author: David Stanek <email address hidden>
Date: Wed Mar 19 04:25:18 2014 +0000

    Ignore broken endpoints in get_catalog

    If an endpoint is created with a malformed URL then get_catalog would
    throw a HTTP 500 error. With this change we ignore all malformed
    endpoints.

    Change-Id: Ibe9a8fa49f410f2a76a0df732247bd6813fc734b
    Partial-bug: #1230279

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Reviewed: https://review.openstack.org/99988
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=8599aa5d8393e3217e04bd8fb4bca2b2eaa41a69
Submitter: Jenkins
Branch: master

commit 8599aa5d8393e3217e04bd8fb4bca2b2eaa41a69
Author: David Stanek <email address hidden>
Date: Fri Jun 13 18:28:36 2014 +0000

    Fixes catalog URL formatting to never return None

    The old behavior was to return None if the URL template was not a string
    (or not string-like). This was a mistake because a None should never be
    able to make its way into the catalog.

    This is based off of an IRC discussion that spawned from:
    https://review.openstack.org/#/c/81528/4/keystone/catalog/backends/sql.py

    Change-Id: I12b0362d3869a3ec8dc1a6fa34e934a221deecbc
    Partial-bug: #1230279

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on keystone (master)

Change abandoned by Dolph Mathews (<email address hidden>) on branch: master
Review: https://review.openstack.org/90149
Reason: referenced bug was fixed

Thierry Carrez (ttx)
Changed in keystone:
milestone: juno-1 → 2014.2
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.