← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1631432] Re: port-update fails if allowed_address_pair is not a dict

 

Reviewed:  https://review.openstack.org/387895
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=9204b34afc887edd927d1f16d577e0e3385000f6
Submitter: Jenkins
Branch:    master

commit 9204b34afc887edd927d1f16d577e0e3385000f6
Author: Dongcan Ye <hellochosen@xxxxxxxxx>
Date:   Tue Oct 18 17:44:04 2016 +0800

    Validate type of allowed_address_pairs
    
    If user don't pass "type=dict list=true" in create/update port
    with allowed_address_pairs attribute, we will hit Quota exceed
    exception. So we need to check address_pairs type in validation,
    if allowed address pairs is not Python list, we should raise an
    exception.
    
    Change-Id: I7c84b728e8e660b678f251122cc332cd0ce5c576
    Closes-Bug: #1631432


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1631432

Title:
  port-update fails if allowed_address_pair is not a dict

Status in neutron:
  Fix Released
Status in python-neutronclient:
  In Progress

Bug description:
  CLI help is misleading. Neutron port-update called with parameters
  according to documentation returns an error.

  neutron help port-update
    ..
    --allowed-address-pair ip_address=IP_ADDR[,mac_address=MAC_ADDR]
                          Allowed address pair associated with the port.You can
                          repeat this option.

  # neutron port-update 3f36328f-0629-4e41-afa8-e2992815bcd0 --allowed-address-pairs ip_address=10.0.0.1
  The number of allowed address pair exceeds the maximum 10.
  Neutron server returns request_ids: ['req-62e258cc-d47d-4ab7-8e69-a13c50865042']

  Work correctly when specific data type is enforced:
  # neutron port-update 3f36328f-0629-4e41-afa8-e2992815bcd0 --allowed-address-pairs type=dict list=true ip_address=10.0.0.1
  Updated port: 3f36328f-0629-4e41-afa8-e2992815bcd0

  It always should be a list of dict, even when only one pair is given.

  CLI doc should be corrected.

  Furthermore, input data in neutron-server seem to be not validated correctly. The reason of misleading exception about exceeded number of address pairs is an implicit test of length of user data. In case of list of dict it is a number of elements of list - number of address pairs. When only one pair is given, it returns length of string "ip_address=10.0.0.1" == 20 what is greater than 10. There is a try-except clause for TypeError exception, but it is not thrown in this case.
  This bug is observed if there is no other pairs already defined on given port. In other case lists are merged and type error is thrown.

  def _validate_allowed_address_pairs(address_pairs, valid_values=None):
      ..
      try:
          if len(address_pairs) > cfg.CONF.max_allowed_address_pair:
              raise AllowedAddressPairExhausted(
                  quota=cfg.CONF.max_allowed_address_pair)
      except TypeError:
          raise webob.exc.HTTPBadRequest(
              _("Allowed address pairs must be a list."))

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1631432/+subscriptions


References