Blank passwords should be allowed on server changePassword action
Bug #992661 reported by
Brian Waldon
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
Medium
|
Brian Waldon |
Bug Description
1) The spec does not actually require non-blank passwords in the three cases the attribute is accepted: create, rebuild, and changePassword.
2) The handling of blank passwords isn't handled consistently in our implementation of the v2 API spec. Server create and changePassword both reject blank passwords (differently based on content-type of request) while a rebuild seems to allow blank passwords.
The spec doesn't require us to reject passwords with a length of zero, so we shouldn't be doing it at all.
Changed in nova: | |
status: | Fix Committed → Fix Released |
Changed in nova: | |
milestone: | folsom-1 → 2012.2 |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/6973
Review: https:/