Package: glance
Version: 2012.1.1-3
Severity: grave
Tags: upstream

Here's the advisory as I received it. Upload is following soon.

Title: Backend password leak in Glance error message
Reporter: Dan Prince (Red Hat)
Products: Glance
Affects: All versions

Dan Prince of Red Hat discovered an issue in Glance error reporting. By creating an image in Glance by URL that references a mis-configured Swift endpoint, or if the Swift endpoint that a previously-ACTIVE image references for any reason becomes unusable, an authenticated user may access the Glance operator's Swift credentials for that endpoint. Only setups that use the single-tenant Swift store are affected.

Proposed patches:
See attached patches for current development tree (Grizzly) and the Folsom and Essex series. Unless a flaw is discovered in them, these proposed patches will be merged to Glance master, stable/folsom and stable/essex branches on the public disclosure date.

CVE:
No CVE was assigned yet to those issues, so please let us know what we should use.

Proposed public disclosure date/time:
*Tuesday January 29th, 1500UTC*
Please do not make the issue public (or release public patches) before the coordinated embargo date.

Regards,

--
Thierry Carrez
OpenStack Vulnerability Management Team

grizzly.patch diff --git a/glance/store/swift.py b/glance/store/swift.py index 2899fce..dfe3696 100644 --- a/glance/store/swift.py +++ b/glance/store/swift.py @@ -136,7 +136,7 @@ class StoreLocation(glance.store.location.StoreLocation): ", you need to change it to use the " "swift+http:// scheme, like so: " "swift+http://user:p...@authurl.com/v1/container/obj") - LOG.debug(_("Invalid store uri %(uri)s: %(reason)s") % locals()) + LOG.debug(_("Invalid store URI: %(reason)s") % locals()) raise exception.BadStoreUri(message=reason) pieces = urlparse.urlparse(uri) 
@@ -162,8 +162,7 @@ class StoreLocation(glance.store.location.StoreLocation): if creds: cred_parts = creds.split(':') if len(cred_parts) != 2: - reason = (_("Badly formed credentials '%(creds)s' in Swift " - "URI") % locals()) + reason = (_("Badly formed credentials in Swift URI.")) LOG.debug(reason) raise exception.BadStoreUri() user, key = cred_parts @@ -181,7 +180,7 @@ class StoreLocation(glance.store.location.StoreLocation): path_parts.insert(0, netloc) self.auth_or_store_url = '/'.join(path_parts) except IndexError: - reason = _("Badly formed Swift URI: %s") % uri + reason = _("Badly formed Swift URI.") LOG.debug(reason) raise exception.BadStoreUri() @@ -241,8 +240,8 @@ class BaseStore(glance.store.base.Store): except swiftclient.ClientException, e: if e.http_status == httplib.NOT_FOUND: uri = location.get_uri() - raise exception.NotFound(_("Swift could not find image at " - "uri %(uri)s") % locals()) + msg = _("Swift could not find image at URI.") + raise exception.NotFound(msg) else: raise @@ -375,8 +374,7 @@ class BaseStore(glance.store.base.Store): except swiftclient.ClientException, e: if e.http_status == httplib.CONFLICT: raise exception.Duplicate(_("Swift already has an image at " - "location %s") % - location.get_uri()) + "this location")) msg = (_("Failed to add object to Swift.\n" "Got error from Swift: %(e)s") % locals()) LOG.error(msg) @@ -419,8 +417,8 @@ class BaseStore(glance.store.base.Store): except swiftclient.ClientException, e: if e.http_status == httplib.NOT_FOUND: uri = location.get_uri() - raise exception.NotFound(_("Swift could not find image at " - "uri %(uri)s") % locals()) + msg = _("Swift could not find image at URI.") + raise exception.NotFound(msg) else: raise 
@@ -578,8 +576,8 @@ class MultiTenantStore(BaseStore): except swiftclient.ClientException, e: if e.http_status == httplib.NOT_FOUND: uri = location.get_uri() - raise exception.NotFound(_("Swift could not find image at " - "uri %(uri)s") % locals()) + msg = _("Swift could not find image at URI.") + raise exception.NotFound(msg) else: raise folsom.patch diff --git a/glance/store/swift.py b/glance/store/swift.py index 59f0f57..64ef21b 100644 --- a/glance/store/swift.py +++ b/glance/store/swift.py @@ -136,7 +136,7 @@ class StoreLocation(glance.store.location.StoreLocation): "like so: " "swift+http://user:p...@authurl.com/v1/container/obj" ) - LOG.error(_("Invalid store uri %(uri)s: %(reason)s") % locals()) + LOG.error(_("Invalid store URI: %(reason)s") % locals()) raise exception.BadStoreUri(message=reason) pieces = urlparse.urlparse(uri) @@ -162,8 +162,7 @@ class StoreLocation(glance.store.location.StoreLocation): if creds: cred_parts = creds.split(':') if len(cred_parts) != 2: - reason = (_("Badly formed credentials '%(creds)s' in Swift " - "URI") % locals()) + reason = (_("Badly formed credentials in Swift URI.")) LOG.error(reason) raise exception.BadStoreUri() user, key = cred_parts @@ -181,7 +180,7 @@ class StoreLocation(glance.store.location.StoreLocation): path_parts.insert(0, netloc) self.auth_or_store_url = '/'.join(path_parts) except IndexError: - reason = _("Badly formed Swift URI: %s") % uri + reason = _("Badly formed Swift URI.") LOG.error(reason) raise exception.BadStoreUri() @@ -293,8 +292,8 @@ class Store(glance.store.base.Store): except swiftclient.ClientException, e: if e.http_status == httplib.NOT_FOUND: uri = location.get_store_uri() - raise exception.NotFound(_("Swift could not find image at " - "uri %(uri)s") % locals()) + msg = _("Swift could not find image at URI.") + raise exception.NotFound(msg) else: raise 
@@ -543,7 +542,7 @@ class Store(glance.store.base.Store): except swiftclient.ClientException, e: if e.http_status == httplib.CONFLICT: raise exception.Duplicate(_("Swift already has an image at " - "location %s") % location.get_uri()) + "this location.")) msg = (_("Failed to add object to Swift.\n" "Got error from Swift: %(e)s") % locals()) LOG.error(msg) @@ -596,8 +595,8 @@ class Store(glance.store.base.Store): except swiftclient.ClientException, e: if e.http_status == httplib.NOT_FOUND: uri = location.get_store_uri() - raise exception.NotFound(_("Swift could not find image at " - "uri %(uri)s") % locals()) + msg = _("Swift could not find image at URI.") + raise exception.NotFound(msg) else: raise @@ -637,8 +636,8 @@ class Store(glance.store.base.Store): except swiftclient.ClientException, e: if e.http_status == httplib.NOT_FOUND: uri = location.get_store_uri() - raise exception.NotFound(_("Swift could not find image at " - "uri %(uri)s") % locals()) + msg = _("Swift could not find image at URI.") + raise exception.NotFound(msg) else: raise essex.patch diff --git a/glance/store/swift.py b/glance/store/swift.py index ae3a626..7d94d45 100644 --- a/glance/store/swift.py +++ b/glance/store/swift.py @@ -109,7 +109,7 @@ class StoreLocation(glance.store.location.StoreLocation): "like so: " "swift+http://user:p...@authurl.com/v1/container/obj" ) - logger.error(_("Invalid store uri %(uri)s: %(reason)s") % locals()) + logger.error(_("Invalid store URI: %(reason)s") % locals()) raise exception.BadStoreUri() pieces = urlparse.urlparse(uri) @@ -139,8 +139,7 @@ class StoreLocation(glance.store.location.StoreLocation): # the account and user. Combine them into a single username of # account:user if len(cred_parts) == 1: - reason = (_("Badly formed credentials '%(creds)s' in Swift " - "URI") % locals()) + reason = (_("Badly formed credentials in Swift URI.")) logger.error(reason) raise exception.BadStoreUri() elif len(cred_parts) == 3: 
@@ -161,7 +160,7 @@ class StoreLocation(glance.store.location.StoreLocation): path_parts.insert(0, netloc) self.authurl = '/'.join(path_parts) except IndexError: - reason = _("Badly formed Swift URI: %s") % uri + reason = _("Badly formed Swift URI.") logger.error(reason) raise exception.BadStoreUri() @@ -265,8 +264,8 @@ class Store(glance.store.base.Store): except swift_client.ClientException, e: if e.http_status == httplib.NOT_FOUND: uri = location.get_store_uri() - raise exception.NotFound(_("Swift could not find image at " - "uri %(uri)s") % locals()) + msg = _("Swift could not find image at URI.") + raise exception.NotFound(msg) else: raise @@ -464,7 +463,7 @@ class Store(glance.store.base.Store): except swift_client.ClientException, e: if e.http_status == httplib.CONFLICT: raise exception.Duplicate(_("Swift already has an image at " - "location %s") % location.get_uri()) + "this location.")) msg = (_("Failed to add object to Swift.\n" "Got error from Swift: %(e)s") % locals()) logger.error(msg) @@ -513,8 +512,8 @@ class Store(glance.store.base.Store): except swift_client.ClientException, e: if e.http_status == httplib.NOT_FOUND: uri = location.get_store_uri() - raise exception.NotFound(_("Swift could not find image at " - "uri %(uri)s") % locals()) + msg = _("Swift could not find image at URI.") + raise exception.NotFound(msg) else: raise
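
Review bot: the NotFound hunks (grizzly @@ -241,8 +240,8 @@, @@ -419,8 +417,8 @@ and @@ -578,8 +576,8 @@, plus the matching folsom and essex hunks) leave the context line `uri = location.get_uri()` / `uri = location.get_store_uri()` in place although the new message no longer interpolates it. The assignment is now dead code, and it keeps the credential-bearing URI in a local variable in a module that builds messages with `% locals()`. Drop the assignment together with the old message so the value cannot be picked up again by a later format-string change.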
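
Review bot: in the Duplicate hunks (grizzly @@ -375,8 +374,7 @@, folsom @@ -543,7 +542,7 @@, essex @@ -464,7 +463,7 @@) the unchanged lines directly below the fix still build "Got error from Swift: %(e)s" with `% locals()` and send it to the error log. Whether the string form of the Swift ClientException can contain the auth URL is not visible from these hunks, so that should be confirmed before relying on this patch to close the leak; if it can, log a fixed message plus `e.http_status` instead. Separately, the grizzly message ends in "this location" with no trailing period while folsom and essex use "this location."; make the three consistent.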
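
Review bot: the first hunk of each patch (@@ -136,7 +136,7 @@ in grizzly and folsom, @@ -109,7 +109,7 @@ in essex) still formats "Invalid store URI: %(reason)s" with `% locals()`, although only one key remains. `uri` is still in scope there, so re-adding a `%(uri)s` placeholder later would silently bring the credentials back into the log. Pass the mapping explicitly, for example `% {'reason': reason}`, so the set of values that can reach the message is visible at the call site.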
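
Review bot: all three patches change only glance/store/swift.py and add no test. A regression test that feeds a Swift URI with embedded credentials through the BadStoreUri, NotFound and Duplicate paths and asserts that neither the exception message nor the logged text contains the user or key would keep these messages from regressing on master and on the stable branches.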