diff options
| author | Jenkins <jenkins@review.openstack.org> | 2013-01-04 19:14:49 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2013-01-04 19:14:49 +0000 |
| commit | 48487f1a4b8f8fa538f90716e293ac8d67853311 (patch) | |
| tree | 56600a381a6cc0114eec32c409fc139a2eb58cc8 | |
| parent | 80325d6897e9aadd0287e5e4e3fc3ada03448dac (diff) | |
| parent | aa2dea35c6e1cfc913e85834b9b98eda4155bd06 (diff) | |
| download | nova-48487f1a4b8f8fa538f90716e293ac8d67853311.tar.gz nova-48487f1a4b8f8fa538f90716e293ac8d67853311.tar.xz nova-48487f1a4b8f8fa538f90716e293ac8d67853311.zip | |
Merge "Allow larger encrypted password posts to metadata"
| -rw-r--r-- | nova/api/metadata/base.py | 7 | ||||
| -rw-r--r-- | nova/api/metadata/password.py | 34 | ||||
| -rw-r--r-- | nova/tests/test_metadata.py | 3 |
3 files changed, 32 insertions, 12 deletions
diff --git a/nova/api/metadata/base.py b/nova/api/metadata/base.py index 2377da7b7..34d412268 100644 --- a/nova/api/metadata/base.py +++ b/nova/api/metadata/base.py @@ -136,12 +136,7 @@ class InstanceMetadata(): for item in instance.get('metadata', []): self.launch_metadata[item['key']] = item['value'] - self.password = '' - # get password if set - for item in instance.get('system_metadata', []): - if item['key'] == 'password': - self.password = item['value'] or '' - break + self.password = password.extract_password(instance) self.uuid = instance.get('uuid') diff --git a/nova/api/metadata/password.py b/nova/api/metadata/password.py index 3cda67eee..b2bb83b15 100644 --- a/nova/api/metadata/password.py +++ b/nova/api/metadata/password.py @@ -19,7 +19,34 @@ from nova import context from nova import db -MAX_SIZE = 256 +CHUNKS = 4 +CHUNK_LENGTH = 255 +MAX_SIZE = CHUNKS * CHUNK_LENGTH + + +def extract_password(instance): + result = '' + for datum in sorted(instance.get('system_metadata', []), + key=lambda x: x['key']): + if datum['key'].startswith('password_'): + result += datum['value'] + return result or None + + +def set_password(context, instance_uuid, password): + """Stores password as system_metadata items. + + Password is stored with the keys 'password_0' -> 'password_3'. + """ + password = password or '' + meta = {} + for i in xrange(CHUNKS): + meta['password_%d' % i] = password[:CHUNK_LENGTH] + password = password[CHUNK_LENGTH:] + db.instance_system_metadata_update(context, + instance_uuid, + meta, + False) def handle_password(req, meta_data): @@ -36,9 +63,6 @@ def handle_password(req, meta_data): if (req.content_length > MAX_SIZE or len(req.body) > MAX_SIZE): msg = _("Request is too large.") raise exc.HTTPBadRequest(explanation=msg) - db.instance_system_metadata_update(ctxt, - meta_data.uuid, - {'password': req.body}, - False) + set_password(ctxt, meta_data.uuid, req.body) else: raise exc.HTTPBadRequest() diff --git a/nova/tests/test_metadata.py b/nova/tests/test_metadata.py index 1f2ea4bc5..25c26ca9c 100644 --- a/nova/tests/test_metadata.py +++ b/nova/tests/test_metadata.py @@ -550,4 +550,5 @@ class MetadataPasswordTestCase(test.TestCase): def test_too_large(self): self.mdinst.password = '' self.assertRaises(webob.exc.HTTPBadRequest, - self._try_set_password, 'a' * 257) + self._try_set_password, + 'a' * (password.MAX_SIZE + 1)) |