OpenStack Security Advisory

Bug #1242597
Comment #42

Comment 42 for bug 1242597

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2013-12-17:

#42

I'm getting a testsuite failures on Ubuntu 13.10 with the patch from https://review.openstack.org/61425:

======================================================================
ERROR: keystone.tests.test_keystoneclient_sql.KcMasterSqlTestCase.test_ec2_auth_success_trust
----------------------------------------------------------------------
_StringException: Traceback (most recent call last):
  File "/«PKGBUILDDIR»/keystone/tests/test_keystoneclient_sql.py", line 140, in test_ec2_auth_success_trust
    tenant_id=self.tenant_bar['id'])
  File "/usr/lib/python2.7/dist-packages/keystoneclient/httpclient.py", line 458, in authenticate
    resp, body = self.get_raw_token_from_identity_service(**kwargs)
  File "/usr/lib/python2.7/dist-packages/keystoneclient/v2_0/client.py", line 160, in get_raw_token_from_identity_service
    token=token)
  File "/usr/lib/python2.7/dist-packages/keystoneclient/v2_0/client.py", line 189, in _base_authN
    resp, body = self.request(url, 'POST', body=params, headers=headers)
  File "/usr/lib/python2.7/dist-packages/keystoneclient/httpclient.py", line 609, in request
    **request_kwargs)
  File "/usr/lib/python2.7/dist-packages/keystoneclient/httpclient.py", line 114, in request
    raise exceptions.from_response(resp)
Unauthorized: The request you have made requires authentication. (HTTP 401)

-------------------- >> begin captured logging << --------------------
...
keystone.token.controllers: WARNING: User two is unauthorized for tenant bar
keystone.common.wsgi: WARNING: Authorization failed. The request you have made requires authentication. from 127.0.0.1
access: INFO: 127.0.0.1 - - [17/Dec/2013:19:30:18 +0000] "POST http://localhost:49237/v2.0/tokens HTTP/1.0" 401 114
eventlet.wsgi.server: INFO: 127.0.0.1 - - [17/Dec/2013 13:30:18] "POST /v2.0/tokens HTTP/1.1" 401 253 0.026661

urllib3.connectionpool: DEBUG: "POST /v2.0/tokens HTTP/1.1" 401 114
keystoneclient.httpclient: DEBUG: Request returned failure status: 401
keystoneclient.v2_0.client: DEBUG: Authorization Failed.
--------------------- >> end captured logging << ---------------------

Our package is 1:2013.2 with only this fix and the one for CVE-2013-4477 (bug #1242855). Am I missing other required patches?

I'm getting a testsuite failures on Ubuntu 13.10 with the patch from https://review.openstack.org/61425:

Our package is 1:2013.2 with only this fix and the one for CVE-2013-4477 (bug #1242855). Am I missing other required patches?