Bug 1204271 - uninitialized constant EmsAmazon::AWS error validating login
Summary: uninitialized constant EmsAmazon::AWS error validating login
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Providers
Version: 5.3.0
Hardware: All
OS: All
high
high
Target Milestone: GA
: 5.3.5
Assignee: Greg Blomquist
QA Contact: Jan Krocil
URL:
Whiteboard:
Depends On: 1186502
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-03-20 18:21 UTC by Greg Blomquist
Modified: 2019-07-11 08:49 UTC (History)
12 users (show)

Fixed In Version: 5.3.5.1
Doc Type: Bug Fix
Doc Text:
In the previous version, usernames or passwords used in the http_proxy setting used non-url-friendly characters. As a result, there was an error when validating the login for Amazon AWS. This bug has been fixed by escaping the user name and password in code.
Clone Of: 1186502
Environment:
Last Closed: 2015-07-15 12:54:37 UTC
Category: ---
Cloudforms Team: ---
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:1223 0 normal SHIPPED_LIVE cfme (5.3.5) bug fix and enhancement update 2015-07-15 16:54:20 UTC

Comment 1 CFME Bot 2015-03-20 18:36:20 UTC 
New commit detected on cfme/5.3.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=e3ff30ab220bce68aaaa79c59e614370d87c77b1

commit e3ff30ab220bce68aaaa79c59e614370d87c77b1
Author:     Greg Blomquist <gblomqui>
AuthorDate: Fri Mar 20 14:25:20 2015 -0400
Commit:     Greg Blomquist <gblomqui>
CommitDate: Fri Mar 20 14:25:20 2015 -0400

    CGI Escape user/pw in proxy settings
    
    Usernames or passwords used in the http_proxy setting that use non-url-friendly
    characters cause the following error:
    
      URI::InvalidComponentError: bad component(expected user component)
    
    By escaping the username and password, this error is avoided.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1204271

 vmdb/lib/vmdb/config.rb | 2 ++
 1 file changed, 2 insertions(+)
Comment 9 CFME Bot 2015-06-26 19:18:30 UTC 
New commit detected on cfme/5.3.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=a487bb20eb8f03a86e71e6c4a9e1730217ccb15f

commit a487bb20eb8f03a86e71e6c4a9e1730217ccb15f
Author:     Greg Blomquist <gblomqui>
AuthorDate: Fri May 8 14:22:14 2015 -0400
Commit:     Greg Blomquist <gblomqui>
CommitDate: Fri May 8 14:38:17 2015 -0400

    Update aws-sdk lib to 1.56
    
    In upstream PR https://github.com/ManageIQ/manageiq/pull/1627, the http_proxy
    username and password were CGI escaped to prevent errors attempting to build the
    URL with non-cgi compliant usernames and passwords.
    
    This worked fine upstream, however, the version of aws-sdk downstream had a bug
    that would blindly CGI re-encode usernames and passwords causing them to be
    doubly CGI encoded.
    
    By updating the downstream aws-sdk library to the version we have upstream we
    avoid this bug and avoid doubly CGI encoded http_proxy usernames and passwords.
    
    Here is my local diff of Gemfile.lock before and after I updated the aws-sdk
    library:
    
    --- Gemfile.lock.5.3.z  2015-05-08 14:19:08.705533613 -0400
    +++ Gemfile.lock        2015-05-08 14:20:46.161454778 -0400
    @@ -208,10 +208,11 @@
         arrayfields (4.9.2)
         ast (2.0.0)
         awesome_spawn (1.3.0)
    -    aws-sdk (1.11.3)
    +    aws-sdk (1.56.0)
    +      aws-sdk-v1 (= 1.56.0)
    +    aws-sdk-v1 (1.56.0)
           json (~> 1.4)
    -      nokogiri (< 1.6.0)
    -      uuidtools (~> 2.1)
    +      nokogiri (>= 1.4.4)
         bcrypt-ruby (3.0.1)
         binary_struct (2.0.0)
         brakeman (2.6.3)
    @@ -499,7 +500,7 @@
       american_date
       ancestry (~> 1.2.4)
       awesome_spawn (~> 1.2)
    -  aws-sdk (~> 1.11.3)
    +  aws-sdk (~> 1.56.0)
       bcrypt-ruby (~> 3.0.1)
       binary_struct (~> 2.0)
       brakeman (~> 2.0)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1204271

 vmdb/Gemfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 10 CFME Bot 2015-06-26 19:18:36 UTC 
New commit detected on cfme/5.3.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=82aa94740d2b15f8ff14bc55935496617e2238e1

commit 82aa94740d2b15f8ff14bc55935496617e2238e1
Merge: 1169027 a487bb2
Author:     Jason Frey <jfrey>
AuthorDate: Fri Jun 26 15:08:47 2015 -0400
Commit:     Jason Frey <jfrey>
CommitDate: Fri Jun 26 15:08:47 2015 -0400

    Merge branch 'bz1204271-update-aws_sdk' into '5.3.z'
    
    Update aws-sdk lib to 1.56
    
    In upstream PR https://github.com/ManageIQ/manageiq/pull/1627, the http_proxy
    username and password were CGI escaped to prevent errors attempting to build the
    URL with non-cgi compliant usernames and passwords.
    
    This worked fine upstream, however, the version of aws-sdk downstream had a bug
    that would blindly CGI re-encode usernames and passwords causing them to be
    doubly CGI encoded.
    
    By updating the downstream aws-sdk library to the version we have upstream we
    avoid this bug and avoid doubly CGI encoded http_proxy usernames and passwords.
    
    Here is my local diff of Gemfile.lock before and after I updated the aws-sdk
    library:
    
    ```
    --- Gemfile.lock.5.3.z  2015-05-08 14:19:08.705533613 -0400
    +++ Gemfile.lock        2015-05-08 14:20:46.161454778 -0400
    @@ -208,10 +208,11 @@
         arrayfields (4.9.2)
         ast (2.0.0)
         awesome_spawn (1.3.0)
    -    aws-sdk (1.11.3)
    +    aws-sdk (1.56.0)
    +      aws-sdk-v1 (= 1.56.0)
    +    aws-sdk-v1 (1.56.0)
           json (~> 1.4)
    -      nokogiri (< 1.6.0)
    -      uuidtools (~> 2.1)
    +      nokogiri (>= 1.4.4)
         bcrypt-ruby (3.0.1)
         binary_struct (2.0.0)
         brakeman (2.6.3)
    @@ -499,7 +500,7 @@
       american_date
       ancestry (~> 1.2.4)
       awesome_spawn (~> 1.2)
    -  aws-sdk (~> 1.11.3)
    +  aws-sdk (~> 1.56.0)
       bcrypt-ruby (~> 3.0.1)
       binary_struct (~> 2.0)
       brakeman (~> 2.0)
    ```
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1204271
    
    See merge request !45

 vmdb/Gemfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 12 Jan Krocil 2015-07-01 08:01:23 UTC 
Verified fixed in 5.3.5.1.

Current gem versions are correct:
aws-sdk (1.56.0)
aws-sdk-v1 (1.56.0)

And I also tested the creds mentioned above and it indeed does work now.
Comment 14 errata-xmlrpc 2015-07-15 12:54:37 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1223.html
Note You need to log in before you can comment on or make changes to this bug.