yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1104110] Re: No validation for session-persistance when creating a VIP.

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Thu, 21 Feb 2013 09:14:23 -0000
Reply-to: Bug 1104110 <1104110@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: quantum
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to quantum.
https://bugs.launchpad.net/bugs/1104110

Title:
  No validation for session-persistance when creating a VIP.

Status in OpenStack Quantum (virtual network service):
  Fix Released

Bug description:
  LBaaS API specification contains wrong validation rule for VIPs'
  session-persistence:

      'session_persistence': {'allow_post': True, 'allow_put': True,
                              'default': {},
                              'validate': {'type:dict': None},
                              'is_visible': True}

  The rule specifies the only constraint for a supplied value to be a
  dictionary. However, the schema of the database defines strict
  constraints for SessionPersistence objects:

      type = sa.Column(sa.Enum("SOURCE_IP",
                               "HTTP_COOKIE",
                               "APP_COOKIE",
                               name="sesssionpersistences_type")

  According to the constraint above 'type' is mandatory for
  SessionPersistence objects and it has to be equal to "SOURCE_IP",
  "HTTP_COOKIE" or "APP_COOKIE". The extension, however, does not check
  whether type is specified in the request and is equal to one of the
  allowed values. This causes an IntergityError to be thrown by the
  database and a user gets an Internal server error, if wrong type was
  specified.

To manage notifications about this bug go to:
https://bugs.launchpad.net/quantum/+bug/1104110/+subscriptions