Barbican

order create with secret.bit_length=None returns 201 (expected 400)

Bug #1338725 reported by Steve Heyman
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Barbican
Fix Released
Medium
Paul Glass
Barbican 2014.2 "juno"

Bug Description

Running Cafe test test_negative_create_order_w_bit_length_null which creates an order with a secret with bit_length set to None. It expects to get back an http 400 error.

Prior to https://review.openstack.org/#/c/102009/4 this test passed by getting an http 400 back from the order POST.

After that fix the test gets back an http 201 which causes the test to fail.

The validation for secrets schema validation passes, then the check for the value of the bit_length uses the default (0) which passes the updated tests (looking for mod 8). Previous test also looked for < 0.

One suggestion for a fix is to check for the bit_length == 0 after we get it out of the secret.

See https://review.openstack.org/#/c/102009/4/barbican/common/validators.py

Steve Heyman (sheyman)
Changed in barbican:
status: New → Confirmed
importance: Undecided → Medium
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to barbican (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/105273

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to barbican (master)

Reviewed: https://review.openstack.org/105273
Committed: https://git.openstack.org/cgit/openstack/barbican/commit/?id=7eb5438b84c4d4905b3dce36208873340041df7f
Submitter: Jenkins
Branch: master

commit 7eb5438b84c4d4905b3dce36208873340041df7f
Author: Paul Glass <email address hidden>
Date: Mon Jul 7 14:44:58 2014 -0500

    Correct default bit_length to match schema constraint

    Closes-Bug: #1338725
    Change-Id: I37a903d1d6bbf32b299378f97c1a99cce24c5758

Changed in barbican:
status: Confirmed → Fix Committed
Douglas Mendizábal (dougmendizabal)
Changed in barbican:
milestone: none → juno-2
assignee: nobody → Paul Glass (pnglass)
Russell Bryant (russellb)
Changed in barbican:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in barbican:
milestone: juno-2 → 2014.2
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.