Bug 969112 - Deleting an alias with just one or two dots as its name ends up deleting the application
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: OpenShift Online
Classification: Red Hat
Component: Master
Version: 2.x
Hardware: Unspecified
OS: Unspecified
medium
low
Target Milestone: ---
Assignee: Lili Nader
QA Contact: libra bugs
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2013-05-30 16:44 UTC by Abhishek Gupta
Modified: 2015-05-15 00:54 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of: 968952
Environment:
Last Closed: 2013-06-24 14:49:45 UTC
Target Upstream Version:
Embargoed:


Description Abhishek Gupta 2013-05-30 16:44:52 UTC
+++ This bug was initially created as a clone of Bug #968952 +++

Description of problem:
Alias names that consist only of dots, such as "." or "..", can currently be added to an application, but they do not actually work at all.
And if I add the alias ".." to an app, then when I try to remove the alias via the rhc client, the app is deleted.
Since such alias names cannot work, we should mark them as invalid.

Version-Release number of selected component (if applicable):
rhc-1.9.6-1.git.0.e6fd8d2.el6.noarch
devenv_3289

How reproducible:
Always

Steps to Reproduce:
1. Create an app, and add alias name ".." to it
[root@ip-10-141-154-81 ~]# rhc alias add app1 ..
Alias '..' has been added.
[root@ip-10-141-154-81 ~]# rhc app show app1
app1 @ http://app1-000.dev.rhcloud.com/ (uuid: 373974725158129627037696)
------------------------------------------------------------------------
  Created: 6:02 AM
  Gears:   1 (defaults to small)
  Git URL: ssh://373974725158129627037696.rhcloud.com/~/git/app1.git/
  SSH:     373974725158129627037696.rhcloud.com
  Aliases: ..

  ruby-1.8 (Ruby 1.8)
  -------------------
    Gears: 1 small

[root@ip-10-141-154-81 ~]# curl -H "Host: .."  10.141.154.81
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
<hr>
<address>Apache/2.2.15 (Red Hat) Server at .. Port 80</address>
</body></html>


2. Remove the alias name
[root@ip-10-141-154-81 ~]# rhc alias remove app1 ..
Alias '..' has been removed.
[root@ip-10-141-154-81 ~]# rhc app show app1
Application 'app1' not found for domain '000'


Actual results:
The alias name ".." does not work, and the application is deleted when the alias is removed.

Expected results:
An alias that contains only dots should be an invalid alias name.

Additional info:
Removing the alias works normally through the REST API; after removing the alias via the REST API, the app is still there.
But when the same action is done with the rhc client, the broker gets a delete-application request, as shown in user_action.log:
...
SUCCESS DATE=2013-05-30 TIME=06:08:24 ACTION=AUTHENTICATE REQ_ID=aa0a8277876e5d2181863a6a4bef33ea USER_ID=51a723bbecf6c7c984000309 LOGIN=gpei IP=127.0.0.1 SCOPES=session Authenticated
SUCCESS DATE=2013-05-30 TIME=06:08:32 ACTION=DELETE_APPLICATION REQ_ID=aa0a8277876e5d2181863a6a4bef33ea USER_ID=51a723bbecf6c7c984000309 LOGIN=gpei APP=app1 DOMAIN=000 APP_UUID=373974725158129627037696 Application app1 is deleted.
...

Comment 1 Jordan Liggitt 2013-05-30 17:29:16 UTC
The broker is constructing the href links incorrectly for an alias named ..

Create an app with the alias .., and view the rest api response for it:

...
"DELETE": {
    "href": "https://ec2-54-226-151-3.compute-1.amazonaws.com/broker/rest/domains/test1/applications/foo/",
    "method": "DELETE",
    "optional_params": [ ],
    "rel": "Delete alias",
    "required_params": [ ]
}

The ".." gets normalized to point to the parent directory.

RHC is simply calling DELETE on the provided href, which ends up deleting the app.

This is a concern for anything where we embed the name into the URL without escaping it. Search for URI::join in the broker to check for other places where embedding .. could be problematic.

Comment 2 Jordan Liggitt 2013-05-30 17:36:01 UTC
"." could also be an issue in other places

Comment 3 Abhishek Gupta 2013-05-30 17:38:27 UTC
If we fix Bug 968952 and fix our alias validations, then this bug would not exist except for existing aliases that have this issue.

Comment 4 Rob Millner 2013-05-30 18:41:09 UTC
RFC 1123 (sect 2.1) specifies that a host name must start with a letter or number.  Adding that check would eliminate this problem.  I'll add it at the host level, but going forward it would be good if the broker also did this check.
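
Added example (not part of the original bug report, and not the broker's own code): a Ruby sketch of the href normalization described in Comment 1 together with the kind of host-name check proposed in Comment 4. The base URL, the function names and the host-name regex are assumptions made for illustration.

```ruby
require 'uri'

# Hypothetical alias-collection URL for one application (constructed value).
ALIASES_BASE = 'https://broker.example.com/broker/rest/domains/test1/applications/foo/aliases/'

# Unsafe: the alias is resolved as a relative reference, so "." and ".."
# are treated as dot segments and normalized away (RFC 3986, section 5.2.4).
def unsafe_alias_href(name)
  URI.join(ALIASES_BASE, name).to_s
end

# Assumed host-name pattern in the spirit of RFC 952/1123: dot-separated
# labels of letters, digits and hyphens, each starting and ending with a
# letter or digit. This is not the regex used by the actual fix.
LABEL    = /[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?/i
HOSTNAME = /\A#{LABEL}(?:\.#{LABEL})*\z/

def valid_alias?(name)
  name.is_a?(String) && name.length <= 253 && HOSTNAME.match?(name)
end

# Safer: reject invalid names, then confirm the resolved href is still a
# direct child of the alias collection before handing it to a client.
def safe_alias_href(name)
  # Error wording mirrors the rhc output quoted in Comment 7.
  raise ArgumentError, "Invalid Server Alias '#{name}' specified" unless valid_alias?(name)

  href = URI.join(ALIASES_BASE, name).to_s
  raise ArgumentError, 'href escaped the alias collection' unless href == ALIASES_BASE + name

  href
end

if __FILE__ == $PROGRAM_NAME
  puts unsafe_alias_href('..')   # resolves to the application URL
  puts unsafe_alias_href('.')    # resolves to the alias collection URL
  # "." is an unreserved character, so form/percent encoding leaves it as-is.
  puts URI.encode_www_form_component('..')
  puts safe_alias_href('www.example.com')
  begin
    safe_alias_href('..')
  rescue ArgumentError => e
    puts e.message
  end
end
```

Because "." is unreserved, percent-encoding the name does not change "..", so rejecting such names at validation time is what keeps the DELETE link from pointing at the application.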

Comment 5 Abhishek Gupta 2013-05-30 21:01:59 UTC
Lowering severity since the bug 968952 is being fixed with the pull request --> https://github.com/openshift/origin-server/pull/2697

The broker is fixing its validation for the alias.

Comment 6 openshift-github-bot 2013-05-30 23:52:30 UTC
Commit pushed to master at https://github.com/openshift/origin-server

https://github.com/openshift/origin-server/commit/dfac49170367101e4887b7e7d9c774e77fe615ad
Bug 969112 - RFC 1121 (sect 2.1) specifies that a host name must start with a letter or number.

Comment 7 zhaozhanqi 2013-06-17 10:46:48 UTC
Tested this bug on devenv_3368; it has been fixed.


[zqzhao@dhcp-13-222 zqpy27]$ rhc alias add zqruby18 ..
Invalid Server Alias '..' specified

