yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1121494] Re: EC2 authentication does not ensure user or tenant is enabled

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Fri, 24 May 2013 12:53:43 -0000
Reply-to: Bug 1121494 <1121494@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Also affects: ossa
   Importance: Undecided
       Status: New

** Changed in: ossa
       Status: New => Fix Released

** Changed in: ossa
     Assignee: (unassigned) => Thierry Carrez (ttx)

** Summary changed:

- EC2 authentication does not ensure user or tenant is enabled
+ [OSSA 2013-005] EC2 authentication does not ensure user or tenant is enabled

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1121494

Title:
  [OSSA 2013-005] EC2 authentication does not ensure user or tenant is
  enabled

Status in OpenStack Identity (Keystone):
  Fix Released
Status in Keystone essex series:
  Fix Committed
Status in Keystone folsom series:
  Fix Released
Status in OpenStack Security Advisories:
  Fix Released

Bug description:
  Keystone does not check whether a user, tenant, or domain is enabled
  before authenticating a user using the EC2 api.  I've attached three
  patches based on Grizzly (master), stable/folsom, and stable/essex.
  For the Grizzly patch, I've refactored the code to ensure the same
  checks used in token-based auth are checked when using EC2 signature-
  based auth.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1121494/+subscriptions