Value Type of http_connect_timeout is Wrong
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
keystonemiddleware |
Fix Released
|
Medium
|
Masahito Muroi | ||
python-keystoneclient |
Won't Fix
|
Undecided
|
Unassigned | ||
python-keystoneclient (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Trusty |
Fix Released
|
Undecided
|
Unassigned | ||
Vivid |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
we can't configure http_connect_
To be able to configure the value, keystoneclient and keystonemiddleware should change the type of the config to Int.
[Test Case]
- Edit the [keystone_
http_connect_
- Restart the service
- If debug is enabled the following entries should be printed on log:
- 2015-08-10 13:50:16.372 11612 INFO urllib3.
2015-08-10 13:50:16.403 11612 DEBUG urllib3.
Without the patch the read timeout is set to an incorrect boolean value.
[Regression Potential]
The change is minimal. That said, however, since the timeout value has only been set to limited values in the past, the fix enables a wider range of timeout values. This needs to be considered as part of the SRU testing.
Related branches
- Corey Bryant: Approve
-
Diff: 145 lines (+123/-0)4 files modifieddebian/changelog (+17/-0)
debian/patches/CVE-2015-1852.patch (+79/-0)
debian/patches/fix-1368545.patch (+25/-0)
debian/patches/series (+2/-0)
- Ubuntu Server Developers: Pending requested
-
Diff: 52 lines (+33/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/fix-1368545.patch (+25/-0)
debian/patches/series (+1/-0)
- Corey Bryant: Approve
-
Diff: 209 lines (+159/-1)7 files modifieddebian/changelog (+24/-0)
debian/control (+1/-0)
debian/patches/CVE-2014-7144.patch (+24/-0)
debian/patches/CVE-2015-1852.patch (+81/-0)
debian/patches/fix-1368545.patch (+25/-0)
debian/patches/series (+3/-0)
debian/rules (+1/-1)
- Ubuntu Server Developers: Pending requested
-
Diff: 54 lines (+34/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/fix-1368545.patch (+26/-0)
debian/patches/series (+1/-0)
- Ubuntu Server Developers: Pending requested
-
Diff: 209 lines (+159/-1)7 files modifieddebian/changelog (+24/-0)
debian/control (+1/-0)
debian/patches/CVE-2014-7144.patch (+24/-0)
debian/patches/CVE-2015-1852.patch (+81/-0)
debian/patches/fix-1368545.patch (+25/-0)
debian/patches/series (+3/-0)
debian/rules (+1/-1)
Changed in keystonemiddleware: | |
status: | New → Confirmed |
importance: | Undecided → Medium |
Changed in keystonemiddleware: | |
assignee: | nobody → Masahito Muroi (muroi-masahito) |
Changed in keystonemiddleware: | |
status: | Confirmed → In Progress |
Changed in keystonemiddleware: | |
milestone: | none → 1.3.0 |
Changed in keystonemiddleware: | |
status: | Fix Committed → Fix Released |
tags: | added: sts |
Changed in python-keystoneclient (Ubuntu): | |
status: | New → In Progress |
Changed in python-keystoneclient (Ubuntu Trusty): | |
status: | New → In Progress |
Changed in python-keystoneclient (Ubuntu Vivid): | |
status: | New → In Progress |
description: | updated |
The middleware code in python- keystoneclient is frozen and will not see any bug fixes or new development unless it is a security vulnerability fix. The code in python- keystoneclient is being maintained strictly for compatibility reasons (not breaking existing deployments).