Network Administration Visualized

PortAdmin crashes when non admin try to remove a vlan from the trunk

Bug #1538270 reported by Knut-Helge Vindheim
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Network Administration Visualized
Fix Released
Undecided
John-Magne Bredal
Network Administration Visualized 4.4.3

Bug Description

Hi,

A new portadmin bug.

A non administrator user is allowed to create a trunk on a switch port an add VLAN to this trunk (tested on a HP Procurve switch), but when he tries to remove VLAN from the trunk portadmin crashes with the message:

IndexError: array index out of range
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/django/core/handlers/base.py", line 111, in get_response response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/lib/python2.7/dist-packages/nav/web/portadmin/views.py", line 475, in render_trunk_edit handle_trunk_edit(request, agent, interface)
File "/usr/lib/python2.7/dist-packages/nav/web/portadmin/views.py", line 535, in handle_trunk_edit agent.set_trunk(interface, native_vlan, trunked_vlans)
File "/usr/lib/python2.7/dist-packages/nav/portadmin/snmputils.py", line 437, in set_trunk self._save_trunk_interface(interface, native_vlan, trunk_vlans)
File "/usr/lib/python2.7/dist-packages/nav/portadmin/snmputils.py", line 444, in _save_trunk_interface bitvector[vlan] = 1
File "/usr/lib/python2.7/dist-packages/nav/bitvector.py", line 51, in __setitem__ block_value = self.vector[block]
IndexError: array index out of range

Regard
Knut-Helge.

Revision history for this message
John-Magne Bredal (john-m-bredal) wrote :

This bug has the same cause as https://bugs.launchpad.net/nav/+bug/1538150 .

When creating the hexstring for saving allowed vlans to database, the initialized vector did not consider very high vlan numbers.

Fix here:
https://nav.uninett.no/hg/stable/rev/5b4daff9094c

Changed in nav:
milestone: none → 4.4.2
assignee: nobody → John-Magne Bredal (john-m-bredal)
status: New → Fix Committed
Morten Brekkevold (mbrekkevold)
Changed in nav:
status: Fix Committed → Fix Released
Revision history for this message
John-Magne Bredal (john-m-bredal) wrote :

Reopening this bug as it was not fixed.

Email from knutvi describing the problem:

"""
Når jeg som bruker "perhov" prøver å fjerne vlan i fra en trunk på f.eks "sb-341s-sw2 port A6" så får jeg ikke lov til det. Jeg får ikke lengre crash melding, men ingen av vlanene jeg prøver å fjerne forsvinner.

Når jeg gjør det samme med min bruker "knutvi" (admin bruker) så klarer jeg å fjerne vlanene. Kan du sjekke hvorfor "Per Kristian" får lov til å legge til vlan i PortAdmin, men ikke fjerne de samme vlanene i fra trunken?

Sist så testet meg med flere ikke admin brukere og så samme oppførsel. Denne gangen har jeg bare testet med Per Kristian Hove sin bruker.
"""

Changed in nav:
status: Fix Released → In Progress
Revision history for this message
John-Magne Bredal (john-m-bredal) wrote :

As it turns out removing vlans from a trunk has never been possible if the following were true:
- The PortAdmin auth system is turned on
- The logged in user is not an admin

Revision history for this message
John-Magne Bredal (john-m-bredal) wrote :

Fix here:
https://nav.uninett.no/hg/stable/rev/dec531b6aa91

Changed in nav:
status: In Progress → Fix Committed
milestone: 4.4.2 → 4.4.3
Morten Brekkevold (mbrekkevold)
Changed in nav:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.