← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #44007

[Bug 1528981] Re: keystone fernet cannot work with mod wsgi anymore

  Thread PreviousDate PreviousThread Next 
Reviewed:  https://review.openstack.org/261205
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=5b445469b6369fe991f725b90833c54f399ab350
Submitter: Jenkins
Branch:    master

commit 5b445469b6369fe991f725b90833c54f399ab350
Author: Dave Chen <wei.d.chen@xxxxxxxxx>
Date:   Thu Dec 24 15:10:47 2015 +0800

    Fix the incompatible issue in response header
    
    Some changes were made to fix fernet padding for python3 [1],
    fernet payload is decoded to str after encryption when
    creating a fernet token. But it will be unicode string on
    python27 and this is not compatible with `mod_wsgi`.
    
    `mod_wsgi` needs the value in the response headers is binary(str)
    type on python2, and unicode(str) type on python3. This patch
    does this translation accordingly to make keystone works with
    `mod_wsgi`.
    
    [1] https://review.openstack.org/#/c/231711/
    Closes-Bug: #1528981
    
    Change-Id: I0217ac10d20c51a9c17bed566f326eb6db6ed949


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1528981

Title:
  keystone fernet cannot work with mod wsgi anymore

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  With the latest code, fernet cannot work anymore due to this change id
  (Change-Id: I0723cd50bbb464c38c9efcf1888e39d14950997b).

  The stacktrace like this,

  2015-12-23 10:47:53.526487 9923 DEBUG passlib.registry [req-e4501bef-5f1e-4bd3-8e1b-7320093b767b - - - - -] registered 'sha512_crypt' handler: <class 'passlib.handlers.sha2_crypt.sha512_crypt'> register_crypt_handler /usr/local/lib/python2.7/dist-packages/passlib/registry.py:284
  2015-12-23 10:47:53.625320 9923 INFO keystone.token.providers.fernet.utils [req-e4501bef-5f1e-4bd3-8e1b-7320093b767b - - - - -] Loaded 2 encryption keys (max_active_keys=3) from: /etc/keystone/fernet-keys/
  2015-12-23 10:47:53.735808 mod_wsgi (pid=9923): Exception occurred processing WSGI script '/usr/local/bin/keystone-wsgi-public'.
  2015-12-23 10:47:53.735856 TypeError: expected byte string object for header value, value of type unicode found

  Need identify which change from this commit
  (https://review.openstack.org/#/c/259563/) cause the regression

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1528981/+subscriptions

References

  Thread PreviousDate PreviousThread Next