diff options
| author | Dave Walker (Daviey) <DaveWalker@ubuntu.com> | 2011-08-09 12:47:47 +0000 |
|---|---|---|
| committer | Tarmac <> | 2011-08-09 12:47:47 +0000 |
| commit | d6943d72525fd6a48bc9b3407bc90d9da7f99ad9 (patch) | |
| tree | 843abc8773acbdda9f03e547832527ba0f66cab9 /nova/api | |
| parent | 816f7736eb03b16e1d0a9a1906bb436c7ad9f351 (diff) | |
| parent | 82eb299fd0fa6601d4704836ed7e76369f086ffc (diff) | |
Initial validation for ec2 security groups name.
Diffstat (limited to 'nova/api')
| -rw-r--r-- | nova/api/ec2/__init__.py | 4 | ||||
| -rw-r--r-- | nova/api/ec2/cloud.py | 21 |
2 files changed, 23 insertions, 2 deletions
diff --git a/nova/api/ec2/__init__.py b/nova/api/ec2/__init__.py index 804e54ef9..8b6e47cfb 100644 --- a/nova/api/ec2/__init__.py +++ b/nova/api/ec2/__init__.py @@ -354,6 +354,10 @@ class Executor(wsgi.Application): LOG.debug(_('KeyPairExists raised: %s'), unicode(ex), context=context) return self._error(req, context, type(ex).__name__, unicode(ex)) + except exception.InvalidParameterValue as ex: + LOG.debug(_('InvalidParameterValue raised: %s'), unicode(ex), + context=context) + return self._error(req, context, type(ex).__name__, unicode(ex)) except Exception as ex: extra = {'environment': req.environ} LOG.exception(_('Unexpected error raised: %s'), unicode(ex), diff --git a/nova/api/ec2/cloud.py b/nova/api/ec2/cloud.py index c4651f374..f64a92d12 100644 --- a/nova/api/ec2/cloud.py +++ b/nova/api/ec2/cloud.py @@ -25,10 +25,11 @@ datastore. import base64 import netaddr import os -import urllib +import re +import shutil import tempfile import time -import shutil +import urllib from nova import block_device from nova import compute @@ -789,6 +790,22 @@ class CloudController(object): return source_project_id def create_security_group(self, context, group_name, group_description): + if not re.match('^[a-zA-Z0-9_\- ]+$', str(group_name)): + # Some validation to ensure that values match API spec. + # - Alphanumeric characters, spaces, dashes, and underscores. + # TODO(Daviey): LP: #813685 extend beyond group_name checking, and + # probably create a param validator that can be used elsewhere. + err = _("Value (%s) for parameter GroupName is invalid." + " Content limited to Alphanumeric characters, " + "spaces, dashes, and underscores.") % group_name + # err not that of master ec2 implementation, as they fail to raise. + raise exception.InvalidParameterValue(err=err) + + if len(str(group_name)) > 255: + err = _("Value (%s) for parameter GroupName is invalid." + " Length exceeds maximum of 255.") % group_name + raise exception.InvalidParameterValue(err=err) + LOG.audit(_("Create Security Group %s"), group_name, context=context) self.compute_api.ensure_default_security_group(context) if db.security_group_exists(context, context.project_id, group_name): |