Project

General

Profile

Bug #13598

radosgw-admin: inconsistency in uid/email handling

Added by Patrick Ringl about 2 years ago. Updated about 1 year ago.

Status:
Resolved
Priority:
High
Assignee:
Target version:
-
Start date:
10/26/2015
Due date:
% Done:

0%

Source:
other
Tags:
Backport:
hammer, jewel
Regression:
No
Severity:
2 - major
Reviewed:
Affected Versions:
ceph-qa-suite:
Release:
hammer
Needs Doc:
No

Description

Hi,

when using radosgw-admin to create users, the 'uid' is not treated as sole unique constraint of the to-be-added user in question, but the email is.
Now while this looks systematically broken, it gets worse: the uniqueness of an 'email'-address of a rgw-user is not enforced properly, since radosgw-admin distinguishes between case sensitivity.

Although RFC 5321, section: 2.3.11 states that the local-part@ can be case-sensitive, the current implementations out there in fact do diverge from that! ;-) .. but, the real bummer is: RFC1035, section 2.3.3, stating:

(...)
For all parts of the DNS that are part of the official protocol, all
comparisons between character strings (e.g., labels, domain names, etc.)
are done in a case-insensitive manner
(...)

So, creating a user with:

a) different uid
b) same email, but a different case (i.e. vs. )
c) same display-name

will work - but, creating a user with:

a) different uid
b) same email (and same case)
c) same display-name

does not. This is quite inconsistent! :-|

Examples of even more inconsistent/broken behavior of radosgw-admin:

radosgw-admin user create --uid=test1 --email="" --display-name="test1"
=> works as expected

radosgw-admin user create --uid=test2 --email="" --display-name="test1"
=> returns just the JSON of user1

radosgw-admin user create --uid=test2 --email="" --display-name="test2"
=> could not create user: unable to create user, user: test1 exists

radosgw-admin user create --uid=test2 --email="" --display-name="test2"
=> creates the user 'test2'


Related issues

Copied to rgw - Backport #16318: hammer: radosgw-admin: inconsistency in uid/email handling Resolved
Copied to rgw - Backport #16319: jewel: radosgw-admin: inconsistency in uid/email handling Resolved

History

#1 Updated by Samuel Just about 2 years ago

  • Project changed from Ceph to rgw
  • Category deleted (radosgw)

#2 Updated by Yehuda Sadeh about 2 years ago

  • Assignee set to Casey Bodley
  • Affected Versions deleted (v0.20, v0.21, v0.21.1, v0.21.2, v0.21.3, v0.21.4, v0.22, v0.22.1, v0.22.2, v0.22.3, v0.23, v0.23.1, v0.23.2, v0.24, v0.24.1, v0.24.2, v0.24.3, v0.25, v0.25.1, v0.25.2, v0.25.3, v0.26, v0.26.1, v0.27, v0.27.1, v0.28, v0.29, v0.30, v0.31, v0.32, v0.33, v0.34, v0.35, v0.36, v0.37, v0.38, v0.39, v0.40, v0.41, v0.42, v0.43, v0.44, v0.45, v0.46, v0.47, v0.48, v0.49, v0.50, v0.51, v0.52a, v0.53a, v0.53b, v0.53c, v0.54a, v0.54b, v0.55a, v0.55b, v0.55c, v0.55d, v0.56, v0.57a, v0.57b, v0.57c, v0.58, v0.59, v0.60, v0.61 - Cuttlefish, v0.62a, v0.62b, v0.63, v0.64, v0.65, v0.66, v0.67 - Dumpling, v0.67rc, v0.67rc - continued, v0.68, v0.68 - continued, v0.69, v0.70, v0.71, v0.72 Emperor, v0.73, v0.74, v0.75, v0.76a, v0.76b, v0.77, 0.78, 0.79, 0.80rc, 0.80, v0.81, 0.82, 0.83, 0.83 cont., 0.84, 0.84 cont., 0.85, 0.85 cont., 0.86, 0.88, 0.89, 0.90, v.91, v.actually90, v.actually91, v0.92, v0.93 - Last Hammer Sprint, v0.94, v0.95, v9.0.2, v9.0.3, v9.0.4, v9.0.5, v9.0.6, v9.0.7, v9.0.8, v0.80.10, v0.80.11, v0.94.2, v0.94.3, v0.94.4)

#3 Updated by Yehuda Sadeh about 2 years ago

  • Assignee changed from Casey Bodley to Matt Benjamin

Two different issues here:
- when email is used, there's no check to see whether the uid matches
- email should be canonicalized

#4 Updated by Matt Benjamin almost 2 years ago

Pushed PR #7273 addressing the material issues here, as discussed on #ceph-devel.

That is, it seems that
1. email addresses should be case normalized (lower)
2. email addresses should be enforced unique, but should err explicitly (not process an update of the conflicting user, returning its json)

Matt

#5 Updated by Orit Wasserman over 1 year ago

  • Status changed from New to Pending Backport
  • Backport set to hammer, jewel

#6 Updated by Nathan Cutler over 1 year ago

  • Copied to Backport #16318: hammer: radosgw-admin: inconsistency in uid/email handling added

#7 Updated by Nathan Cutler over 1 year ago

  • Copied to Backport #16319: jewel: radosgw-admin: inconsistency in uid/email handling added

#8 Updated by Nathan Cutler about 1 year ago

  • Status changed from Pending Backport to Resolved
  • Needs Doc set to No

Also available in: Atom PDF