nova-cells doesn't url decode transport_url

Bug #1406598 reported by Mike Dorman on 2014-12-30
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Low
Davanum Srinivas (DIMS)
oslo.messaging
Low
liaonanhai

Bug Description

When creating a cell using the nova-manage cell create command, the transport_url generated in the database is url-encoded (i.e. '=' is changed to '%3D', etc.) That's propably the correct behavior, since the connection string is stored as URL.

However, nova-cells doesn't properly decode that string. So for transport_url credentials that contain url-encodable characters, nova-cells uses the url encoded string, rather than the actual correct credentials.

Steps to reproduce:

- Create a cell using nova-manage with credentials containing url-encodable characters:

nova-manage cell create --name=cell_02 --cell_type=child --username='the=user' --password='the=password' --hostname='hostname' --port=5672 --virtual_host=/ --woffset=1 --wscale=1

- nova.cells table now contains a url-encoded transport_url:

mysql> select * from cells \G
*************************** 1. row ***************************
   created_at: 2014-12-30 17:30:41
   updated_at: NULL
   deleted_at: NULL
           id: 3
      api_url: NULL
weight_offset: 1
 weight_scale: 1
         name: cell_02
    is_parent: 0
      deleted: 0
transport_url: rabbit://the%3Duser:the%3Dpassword@hostname:5672//
1 row in set (0.00 sec)

- nova-cells uses the literal credentials 'the%3Duser' and 'the%3Dpassword' to connect to RMQ, rather than the correct 'the=user' and 'the=password' credentials.

Mike Dorman (mdorman-m) on 2014-12-30
description: updated
Liyingjun (liyingjun) wrote :
Changed in nova:
assignee: nobody → Santhosh Peddiboyina (peddiboyina-9)
melanie witt (melwitt) on 2015-01-12
tags: added: cells
Changed in nova:
status: New → Confirmed
importance: Undecided → Low
Changed in oslo.messaging:
status: New → Confirmed
importance: Undecided → Low
liaonanhai (nanhai-liao) on 2015-02-11
Changed in oslo.messaging:
assignee: nobody → liaonanhai (nanhai-liao)
Changed in nova:
assignee: Santhosh Peddiboyina (peddiboyina-9) → nobody
Doug Hellmann (doug-hellmann) wrote :

It sounds like the values are being stored and managed outside of oslo.messaging. I'm not sure why this is reported against the library in addition to nova. Is there something we'll need to fix in the library, too?

Changed in oslo.messaging:
status: Confirmed → Incomplete

Fix proposed to branch: master
Review: https://review.openstack.org/168103

Changed in nova:
assignee: nobody → Davanum Srinivas (DIMS) (dims-v)
status: Confirmed → In Progress

Reviewed: https://review.openstack.org/168103
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=f16dd6ba95ca59a76cf07f397a559163e711c84a
Submitter: Jenkins
Branch: master

commit f16dd6ba95ca59a76cf07f397a559163e711c84a
Author: Davanum Srinivas <email address hidden>
Date: Thu Mar 26 14:16:36 2015 -0400

    Store cells credentials in transport_url properly

    Looks like we need to store the decoded version in the
    database, not the encoded version...ie:
        rabbit://the=user:the=password@hostname:5672//
    instead of:
        rabbit://the%3Duser:the%3Dpassword@hostname:5672//

    Once we build up the transport_url and transform it into
    a string, we just call unquote to convert %xx escapes back
    to their single-character equivalent.

    Closes-Bug: #1406598
    Change-Id: I34be01de08f515c5931ff04e1eaf9815e3c2fa82

Changed in nova:
status: In Progress → Fix Committed
Thierry Carrez (ttx) on 2015-04-10
Changed in nova:
milestone: none → kilo-rc1
status: Fix Committed → Fix Released
Thierry Carrez (ttx) on 2015-04-30
Changed in nova:
milestone: kilo-rc1 → 2015.1.0
JiaJunsu (jiajunsu) wrote :
Changed in oslo.messaging:
status: Incomplete → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers