x
/
vmware-nsx
Code Issues Proposed changes
vmware-nsx/neutron
History
Aaron Rosen 954efa91f0 Add X-Tenant-ID to metadata request 
Previously, one could update a port's device_id to be that of
another tenant's instance_id and then be able to retrieve that
instance's metadata. In order to prevent this X-Tenant-ID is now
passed in the metadata request to nova and nova then checks that
X-Tenant-ID also matches the tenant_id for the instance against it's
database to ensure it's not being spoofed.

DocImpact - When upgrading OpenStack nova and neturon, neutron
            should be updated first (and neutron-metadata-agent
            restarted before nova is upgraded) in order to minimize
            downtime. This is because there is also a patch to nova
            which has checks X-Tenant-ID against it's database
            therefore neutron-metadata-agent needs to pass that
            before nova is upgraded for metadata to work.

Change-Id: I2b8fa2f561a7f2914608e68133abf15efa95015a
Closes-Bug: #1235450
 		2013-12-11 14:47:16 +00:00
..
agent Add X-Tenant-ID to metadata request 2013-12-11 14:47:16 +00:00
api Support uncompressed ipv6 address and abbreviated ipv4 address 2013-11-27 22:09:00 +08:00
cmd remove binaries under bin 2013-08-16 10:10:30 +08:00
common Change hard coded numbers to constants in security group tests 2013-09-23 10:21:24 -04:00
db Merge "Fix DB integrity issues when using postgres" into stable/havana 2013-11-27 20:46:37 +00:00
debug Fix message i18n error 2013-09-08 15:58:12 +08:00
extensions Change hard coded numbers to constants in security group tests 2013-09-23 10:21:24 -04:00
locale Imported Translations from Transifex 2013-10-02 06:10:31 +00:00
openstack Merge "Sync rpc fix from oslo-incubator" into stable/havana 2013-12-08 02:10:00 +00:00
plugins Merge "Ensure NVP API connection port is always an integer" into stable/havana 2013-12-07 10:57:02 +00:00
scheduler Ensure router exists when auto_schedule_routers 2013-09-26 22:48:46 +08:00
server Disable lazy translation 2013-10-01 23:16:23 +00:00
services Use L3 api from vpn ipsec driver via service plugin 2013-10-11 22:39:18 -04:00
tests Add X-Tenant-ID to metadata request 2013-12-11 14:47:16 +00:00
__init__.py Rename Quantum to Neutron 2013-07-06 15:02:43 -04:00
auth.py Rename Quantum to Neutron 2013-07-06 15:02:43 -04:00
context.py Allow for skipping admin roles loading on context creation 2013-08-28 14:06:43 +04:00
hooks.py Fixes Windows setup dependency bug 2013-08-15 22:58:14 +03:00
manager.py Add agent scheduling for LBaaS namespace agent 2013-07-19 13:25:04 +04:00
neutron_plugin_base_v2.py Remove openstack.common.exception usage 2013-08-06 10:42:02 +02:00
policy.py Fix message i18n error 2013-09-08 15:58:12 +08:00
quota.py Fallback to Quota Conf Driver if Quotas table is not defined 2013-10-11 19:59:59 -04:00
service.py Creates multiple worker processes for API server 2013-12-04 21:35:39 +00:00
version.py Rename Quantum to Neutron 2013-07-06 15:02:43 -04:00
wsgi.py Creates multiple worker processes for API server 2013-12-04 21:35:39 +00:00