keystone endpoint-create doesn't validate input
Bug #1080862 reported by
Dan Yocum
This bug affects 2 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| python-keystoneclient |
Invalid
|
Medium
|
Harshavardhan Reddy M | ||
Bug Description
Hi,
In ESSEX it is possible to break access to horizon (and probably other things) when attempting to manually create an invalid endpoint using 'keystone endpoint-create ...' with the wrong CLI options and possibly the wrong values passed to those options.
For instance, I created an incompletely endpoint thusly (note: no publicurl, adminurl, and internalurl):
keystone endpoint-create --region RegionOne --service_id 6a0447de95554667
8dac94324c394956
This immediately denied me and others access to the horizon dashboard because the endpoint was invalid. Luckily, issuing 'keystone endpoint-delete <uuid of invalid endpoint>' immediately restored access.
This is a case of poor input validation.
Dan
| affects: | keystone → python-keystoneclient |
| Changed in python-keystoneclient: | |
| status: | New → Invalid |
| status: | Invalid → New |
| Changed in python-keystoneclient: | |
| assignee: | nobody → Harshavardhan Reddy M (hvreddy1110) |
| Changed in python-keystoneclient: | |
| status: | New → In Progress |
Revision history for this message
| Harshavardhan Reddy M (hvreddy1110) wrote | #1 |
| Changed in python-keystoneclient: | |
| status: | In Progress → Incomplete |
| importance: | Undecided → Medium |
Revision history for this message
| Harshavardhan Reddy M (hvreddy1110) wrote | #2 |
Revision history for this message
| Dolph Mathews (dolph) wrote | #3 |
| Changed in python-keystoneclient: | |
| status: | Incomplete → Invalid |
To post a comment you must log in.
Hi Dan,
In the latest release this issue is not there.
Can you please check once again.
Thank You.