Add mechanism to limit Request ID size

Adding 'max_request_id_length' defaulting to 0 for backportability. DocImpact SecurityImpact Closes-Bug: #1482301 Change-Id: Ie68afe7610a414bbcc42ff3bee33a9779303c115
2015-08-06 16:29:28 +00:00 · 2015-08-06 16:29:28 +00:00 · 9fdc92b57b
commit 9fdc92b57b
parent ade3ef630a
3 changed files with 19 additions and 1 deletions
--- a/doc/source/configuring.rst
+++ b/doc/source/configuring.rst
@ -192,6 +192,13 @@ will prevent any new processes from being created.

 Optional. Default: The number of CPUs available will be used by default.

+* ``max_request_id_length=LENGTH``
+
+Limits the maximum size of the x-openstack-request-id header which is
+logged. Affects only if context middleware is configured in pipeline.
+
+Optional. Default: ``0`` (Limited by max_header_line default: 16384)
+
 Configuring SSL Support
 ~~~~~~~~~~~~~~~~~~~~~~~~~

--- a/glance/api/middleware/context.py
+++ b/glance/api/middleware/context.py
@ -38,6 +38,8 @@ context_opts = [
                help=_('Allow unauthenticated users to access the API with '
                       'read-only privileges. This only applies when using '
                       'ContextMiddleware.')),
+    cfg.IntOpt('max_request_id_length', default=0,
+               help=_('Limits request ID length.')),
 ]

 CONF = cfg.CONF
@ -110,6 +112,13 @@ class ContextMiddleware(BaseContextMiddleware):
                raise webob.exc.HTTPInternalServerError(
                    _('Invalid service catalog json.'))

+        request_id = req.headers.get('X-Openstack-Request-ID')
+        if request_id and (0 < CONF.max_request_id_length <
+                           len(request_id)):
+            msg = (_('x-openstack-request-id is too long, max size %s') %
+                   CONF.max_request_id_length)
+            return webob.exc.HTTPRequestHeaderFieldsTooLarge(comment=msg)
+
        kwargs = {
            'user': req.headers.get('X-User-Id'),
            'tenant': req.headers.get('X-Tenant-Id'),
@ -119,7 +128,7 @@ class ContextMiddleware(BaseContextMiddleware):
            'owner_is_tenant': CONF.owner_is_tenant,
            'service_catalog': service_catalog,
            'policy_enforcer': self.policy_enforcer,
-            'request_id': req.headers.get('X-Openstack-Request-ID'),
+            'request_id': request_id,
        }

        return glance.context.RequestContext(**kwargs)
--- a/glance/tests/unit/test_opts.py
+++ b/glance/tests/unit/test_opts.py
@ -81,6 +81,7 @@ class OptsTestCase(utils.BaseTestCase):
            'enable_v3_api',
            'enable_v1_registry',
            'enable_v2_registry',
+            'max_request_id_length',
            'pydev_worker_debug_host',
            'pydev_worker_debug_port',
            'metadata_encryption_key',
@ -169,6 +170,7 @@ class OptsTestCase(utils.BaseTestCase):
            'enable_v1_registry',
            'enable_v2_registry',
            'pydev_worker_debug_host',
+            'max_request_id_length',
            'pydev_worker_debug_port',
            'metadata_encryption_key',
            'bind_host',