diff options
| author | Russell Bryant <rbryant@redhat.com> | 2012-03-07 15:03:35 -0500 |
|---|---|---|
| committer | Vishvananda Ishaya <vishvananda@gmail.com> | 2012-03-09 17:16:53 -0800 |
| commit | ee0bb74cbcf521071965ccd63f8232e8c434229d (patch) | |
| tree | ebb2e1af08db7c97720a3167bbd8d212b8fc886a /nova/openstack | |
| parent | bd2d89dd567dc8544201042487ac23c2096a4b8d (diff) | |
| download | nova-ee0bb74cbcf521071965ccd63f8232e8c434229d.tar.gz nova-ee0bb74cbcf521071965ccd63f8232e8c434229d.tar.xz nova-ee0bb74cbcf521071965ccd63f8232e8c434229d.zip | |
Fix issues with security group auths without ports.
Fix bug 946427.
There was a bug where a security group would get completely opened in
cases where only icmp, udp, or tcp should be opened. For example, any
of the following three commands would result in opening everything:
euca-authorize -P icmp -o test-ports test-ports
euca-authorize -P tcp -o test-ports test-ports
euca-authorize -P udp -o test-ports test-ports
This patch resolves this and these commands now only open the protocol
that was specified. Unit tests have been added to verify the fix and
also verify that this only works when a source group is specified.
While the bug was originally reported against the EC2 API, the same
updates and similar unit tests have gone in to the equivalent code for
the OpenStack API.
Change-Id: I4c87c5f5f4ccee60c6c16da4e659d73ab3f4a34f
Diffstat (limited to 'nova/openstack')
0 files changed, 0 insertions, 0 deletions