** Impact ** If the glance api server is behind a conforming HTTP/1.1 reverse proxy (pound, in this example), all uploaded images will be corrupted. This is because glance.client sends both the "Content-Length" and "Transfer- Encoding: chunked" headers. The HTTP/1.1 spec (http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.4) says:
"If a message is received with both a Transfer-Encoding header field and a Content-Length header field, the latter MUST be ignored." The glance client is sending Content-Length first, and pound sanitizes the request, so it rightfully strips out the Transfer-Encoding. This means that the chunk sizes in the body of the request are written as data to the image, resulting in a corrupted image. This affects diablo, essex, and folsom, though it will only affect non- sendfile platforms on essex and folsom (since that codepath is not affected). ** Development Fix ** This is fixed in the development trunk at: https://review.openstack.org/6563 and in quantal ** Stable Fix ** This is fixed in the stable/essex branch at: https://review.openstack.org/6776 ** Test Case ** Run the glance unit tests ** Regression Potental ** Minimal, this code path is not used in Ubuntu by default. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/981332 Title: Content-Length and Transfer-Encoding are mutually exclusive HTTP headers To manage notifications about this bug go to: https://bugs.launchpad.net/glance/+bug/981332/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
