Reviewed: https://review.opendev.org/c/openstack/nova/+/791807
Committed: https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66
Submitter: "Zuul (22348)"
Branch: stable/train

commit 04d48527b62a35d912f93bc75613a6cca606df66
Author: melanie witt <email address hidden>
Date: Thu May 13 05:43:42 2021 +0000

Reject open redirection in the console proxy

NOTE(melwitt): This is the combination of two commits, the bug fix and
a followup change to the unit test to enable it also run on
Python < 3.6.

Our console proxies (novnc, serial, spice) run in a websockify server
whose request handler inherits from the python standard
SimpleHTTPRequestHandler. There is a known issue [1] in the
SimpleHTTPRequestHandler which allows open redirects by way of URLs
in the following format:

http://vncproxy.my.domain.com//example.com/%2F..

which if visited, will redirect a user to example.com.

We can intercept a request and reject requests that pass a redirection
URL beginning with "//" by implementing the
SimpleHTTPRequestHandler.send_head() method containing the
vulnerability to reject such requests with a 400 Bad Request.

This code is copied from a patch suggested in one of the issue comments
[2].

Closes-Bug: #1927677

[1] https://bugs.python.org/issue32084
[2] https://bugs.python.org/issue32084#msg306545

Conflicts:
nova/tests/unit/console/test_websocketproxy.py

NOTE(melwitt): The conflict is because change
I23ac1cc79482d0fabb359486a4b934463854cae5 (Allow TLS ciphers/protocols
to be configurable for console proxies) is not in Train.

NOTE(melwitt): The difference from the cherry picked change:
HTTPStatus.BAD_REQUEST => 400 is due to the fact that HTTPStatus does
not exist in Python 2.7.

Reduce mocking in test_reject_open_redirect for compat

This is a followup for change Ie36401c782f023d1d5f2623732619105dc2cfa24
to reduce mocking in the unit test coverage for it.

While backporting the bug fix, it was found to be incompatible with
earlier versions of Python < 3.6 due to a difference in internal
implementation [1].

This reduces the mocking in the unit test to be more agnostic to the
internals of the StreamRequestHandler (ancestor of
SimpleHTTPRequestHandler) and work across Python versions >= 2.7.

Related-Bug: #1927677

[1] https://github.com/python/cpython/commit/34eeed42901666fce099947f93dfdfc05411f286

Change-Id: I546d376869a992601b443fb95acf1034da2a8f36
(cherry picked from commit 214cabe6848a1fdb4f5941d994c6cc11107fc4af)
(cherry picked from commit 9c2f29783734cb5f9cb05a08d328c10e1d16c4f1)
(cherry picked from commit 94e265f3ca615aa18de0081a76975019997b8709)
(cherry picked from commit d43b88a33407b1253e7bce70f720a44f7688141f)
Change-Id: Ie36401c782f023d1d5f2623732619105dc2cfa24
(cherry picked from commit 781612b33282ed298f742c85dab58a075c8b793e)
(cherry picked from commit 470925614223c8dd9b1233f54f5a96c02b2d4f70)
(cherry picked from commit 6b70350bdcf59a9712f88b6435ba2c6500133e5b)
(cherry picked from commit 719e651e6be277950632e0c2cf5cc9a018344e7b)
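The guard the commit describes, as an added Python 3 example that is not nova's code: the first function reproduces the trailing-slash redirect the stock SimpleHTTPRequestHandler.send_head() emits for a directory request, which shows why a request path of //example.com/... turns into a protocol-relative Location header, and the handler subclass refuses that case with 400 Bad Request before any redirect is sent. The names trailing_slash_redirect, is_open_redirect and NoOpenRedirectHandler are this example's own.

```python
"""Added example (not nova's own code): the "//" redirect guard described above.

Reproduces the trailing-slash redirect that SimpleHTTPRequestHandler.send_head()
emits for a directory request and refuses it with 400 when the resulting
Location would be protocol-relative. Names are this example's own; targets
Python 3's http.server.
"""
import os
import urllib.parse
from http import HTTPStatus
from http.server import HTTPServer, SimpleHTTPRequestHandler


def trailing_slash_redirect(request_path):
    """Location header the stock handler builds for a directory request that
    lacks a trailing '/', or None when no redirect would be sent.

    The stdlib appends '/' to the request path as-is, so a request path of
    //example.com/%2F.. yields Location: //example.com/%2F../ which browsers
    resolve as http(s)://example.com/... (the open redirect)."""
    parts = urllib.parse.urlsplit(request_path)
    if parts.path.endswith('/'):
        return None
    new_parts = (parts[0], parts[1], parts[2] + '/', parts[3], parts[4])
    return urllib.parse.urlunsplit(new_parts)


def is_open_redirect(location):
    """True when the Location would send the browser off the proxy's origin."""
    return location is not None and location.startswith('//')


class NoOpenRedirectHandler(SimpleHTTPRequestHandler):
    """Override send_head() so the redirect is rejected instead of emitted."""

    def send_head(self):
        if os.path.isdir(self.translate_path(self.path)):
            location = trailing_slash_redirect(self.path)
            if is_open_redirect(location):
                self.send_error(HTTPStatus.BAD_REQUEST,
                                "URI must not start with //")
                return None
        return super().send_head()


if __name__ == "__main__":
    # Serves the current directory; GET //example.com/%2F.. now returns 400.
    HTTPServer(("127.0.0.1", 8000), NoOpenRedirectHandler).serve_forever()
```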