From 7d923d28d673340af1e168f99e7178cd01ea3ac3 Mon Sep 17 00:00:00 2001
From: Soren Hansen <soren@linux2go.dk>
Date: Mon, 5 Sep 2011 09:32:14 +0200
Subject: Make a security group rule that references another security group
 return ipPermission for each of tcp, udp, and icmp.

---
 nova/api/ec2/cloud.py | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

(limited to 'nova/api')

diff --git a/nova/api/ec2/cloud.py b/nova/api/ec2/cloud.py
index fe44191c8..14f5f69e2 100644
--- a/nova/api/ec2/cloud.py
+++ b/nova/api/ec2/cloud.py
@@ -572,18 +572,25 @@ class CloudController(object):
         g['ipPermissions'] = []
         for rule in group.rules:
             r = {}
-            r['ipProtocol'] = rule.protocol
-            r['fromPort'] = rule.from_port
-            r['toPort'] = rule.to_port
             r['groups'] = []
             r['ipRanges'] = []
             if rule.group_id:
                 source_group = db.security_group_get(context, rule.group_id)
                 r['groups'] += [{'groupName': source_group.name,
                                  'userId': source_group.project_id}]
+                for protocol, min_port, max_port in (('icmp', -1, -1),
+                                                     ('tcp', 1, 65535),
+                                                     ('udp', 1, 65536)):
+                    r['ipProtocol'] = protocol 
+                    r['fromPort'] = min_port
+                    r['toPort'] = max_port
+                    g['ipPermissions'] += [dict(r)]
             else:
+                r['ipProtocol'] = rule.protocol
+                r['fromPort'] = rule.from_port
+                r['toPort'] = rule.to_port
                 r['ipRanges'] += [{'cidrIp': rule.cidr}]
-            g['ipPermissions'] += [r]
+                g['ipPermissions'] += [r]
         return g
 
     def _rule_args_to_dict(self, context, kwargs):
-- 
cgit 


From 63c4cc459a5b27040610ca9071ac578ecd43c059 Mon Sep 17 00:00:00 2001
From: Soren Hansen <soren@linux2go.dk>
Date: Thu, 15 Sep 2011 18:15:19 +0200
Subject: Return three rules for describe_security_groups if a rule refers to a
 foreign group, but does not specify protocol/port.

---
 nova/api/ec2/cloud.py | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

(limited to 'nova/api')

diff --git a/nova/api/ec2/cloud.py b/nova/api/ec2/cloud.py
index 14f5f69e2..5c876a3b7 100644
--- a/nova/api/ec2/cloud.py
+++ b/nova/api/ec2/cloud.py
@@ -578,13 +578,19 @@ class CloudController(object):
                 source_group = db.security_group_get(context, rule.group_id)
                 r['groups'] += [{'groupName': source_group.name,
                                  'userId': source_group.project_id}]
-                for protocol, min_port, max_port in (('icmp', -1, -1),
-                                                     ('tcp', 1, 65535),
-                                                     ('udp', 1, 65536)):
-                    r['ipProtocol'] = protocol 
-                    r['fromPort'] = min_port
-                    r['toPort'] = max_port
+                if rule.protocol:
+                    r['ipProtocol'] = rule.protocol
+                    r['fromPort'] = rule.from_port
+                    r['toPort'] = rule.to_port
                     g['ipPermissions'] += [dict(r)]
+                else:
+                    for protocol, min_port, max_port in (('icmp', -1, -1),
+                                                         ('tcp', 1, 65535),
+                                                         ('udp', 1, 65536)):
+                        r['ipProtocol'] = protocol
+                        r['fromPort'] = min_port
+                        r['toPort'] = max_port
+                        g['ipPermissions'] += [dict(r)]
             else:
                 r['ipProtocol'] = rule.protocol
                 r['fromPort'] = rule.from_port
-- 
cgit