nova keypair-delete cannot cope with keypairs with complex names

Bug #894808 reported by Gavin B
This bug report is a duplicate of:  Bug #937408: Can't delete keypair with a slash. Edit Remove
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
In Progress
Medium
adapaka bhavaniprasad

Bug Description

nova cannot delete a keypair that has a complex non-alphanumeric name even if
it was created with nova command :

brebner@az1-testclient-0002:~/nova-st2gavinmax$ nova keypair-add a1-sdas.-23423
-----BEGIN RSA PRIVATE KEY-----
<snip>
-----END RSA PRIVATE KEY-----

brebner@az1-testclient-0002:~/nova-st2gavinmax$ nova keypair-delete a1-sdas.-23423
Server Error, please try again later. (HTTP 500)

100% repeatable.

Diablo-final + python-novaclient 2.6.7

Revision history for this message
Thierry Carrez (ttx) wrote :

Do you have the server-side logs for that error 500 ?

Changed in nova:
importance: Undecided → Medium
status: New → Confirmed
Revision history for this message
Brian Waldon (bcwaldon) wrote :

Seems like the problem is just when we have a keypair with non-url-encodable properties. In this case the problem is the period. We should disallow periods in keypair names if we require it to be passed in the url on a DELETE

Changed in nova:
status: Confirmed → Triaged
Changed in nova:
assignee: nobody → adapaka bhavaniprasad (adapaka-prasad)
Changed in nova:
status: Triaged → In Progress
Revision history for this message
adapaka bhavaniprasad (adapaka-prasad) wrote :

Hi All,

There are two approaches to follow to block special characters while creating keypair names:

1. To block all special characters, we can use isdigit() or isaplha() functions.

2. We can throw error if the keypair name consists of any of the ".', "/", and "#" characters by hardcoding in keypairs.py file. [Ex: "open.stack","open/stack","open#stack" can be created by nova keypair-add, but cannot be deleted with nova keypair-delete]

Please let me know your comments on the same.

Regards,
adapaka-prasad

Revision history for this message
Justin Shepherd (jshepher) wrote :

I believe this issue was fixed with https://review.openstack.org/#/c/4579/

The validate function is now in nova/compute/api.py.

2114 def _validate_keypair_name(self, context, user_id, key_name):

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.