--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:glance
User: [email protected]
Usertags: pu
Hi,
I would like to close this bug through p-u:
https://bugs.debian.org/1131274
[ Reason ]
This fixes CVE-2026-34881 / OSSA-2026-004.
[ Impact ]
Before the fix, someone can trick Glance to attempt a web-download
from a server that will do a redirect to a LAN IP address. For example,
something like this:
openstack image import --method web-download --uri \
https://hacker-server.example.com/malicious-redirect \
my-image
may redirect to an IP in the LAN of the OpenStack deployment. As a
result, the content of the document on the LAN will be saved as a
glance image, and can be retrived through:
openstack image save --file stolen-document.txt my-image
The proposed fix checks if the web-download URL has a redirect
and denies the operation if that is the case.
[ Tests ]
The proposed patch includes new tests, and this has been tested
in upstream functional CI too.
[ Risks ]
We've put this patch in production, and it worked well for us.
I haven't tested specifically this version of Glance, but I
believe it should be fine, thanks to unit tests.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
I've attached debdiff for both Trixie and Bookworm. Please
allow me to upload to both p-u.
Note: I attempted a backport to Bullseye and failed, as the
code changed too much. Maybe someone from the LTS team wants
to take-over this work, but I'm giving up. As a mitigation,
it's possible to use a web proxy for Glance that wouldn't
give access to the LAN.
Cheers,
Thomas Goirand (zigo)
diff -Nru glance-25.1.0/debian/changelog glance-25.1.0/debian/changelog
--- glance-25.1.0/debian/changelog 2024-06-21 10:38:56.000000000 +0200
+++ glance-25.1.0/debian/changelog 2026-03-19 17:08:44.000000000 +0100
@@ -1,3 +1,13 @@
+glance (2:25.1.0-2+deb12u2) bookworm; urgency=medium
+
+ * Server-Side Request Forgery (SSRF) vulnerabilities in Glance image import.
+ By use of HTTP redirects, an authenticated user can bypass URL validation
+ checks and redirect to internal services. Add upstream patch:
+ - OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch.
+ (Closes: #1131274).
+
+ -- Thomas Goirand <[email protected]> Thu, 19 Mar 2026 17:08:44 +0100
+
glance (2:25.1.0-2+deb12u1) bookworm-security; urgency=high
* CVE-2024-32498: Arbitrary file access through custom QCOW2 external data.
diff -Nru
glance-25.1.0/debian/patches/OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch
glance-25.1.0/debian/patches/OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch
---
glance-25.1.0/debian/patches/OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch
1970-01-01 01:00:00.000000000 +0100
+++
glance-25.1.0/debian/patches/OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch
2026-03-19 17:08:44.000000000 +0100
@@ -0,0 +1,1267 @@
+Description: OSSA-2026-004: Fix SSRF vulnerabilities in image import API
+ Fixed Server-Side Request Forgery (SSRF) vulnerabilities in Glance's image
+ import functionality that could allow attackers to bypass URL validation
+ and access internal resources.
+ .
+ The fix includes:
+ - IP address validation using Python's ipaddress module to reject encoded
+ IP formats (decimal, hexadecimal, octal) that could bypass blacklist checks
+ - HTTP redirect validation for web-download, glance-download, and OVF
+ processing to prevent redirect-based SSRF attacks
+ - URI validation for OVF processing which previously had no protection
+ .
+ The implementation uses Python's built-in ipaddress module which inherently
+ rejects all non-standard IP encodings and only accepts standard formats,
+ providing robust protection against IP encoding bypass attacks.
+Author: Abhishek Kekane <[email protected]>
+Date: Tue, 20 Jan 2026 19:02:08 +0000
+Assisted-by: Used Cursor (Auto) for unit tests.
+Bug: https://launchpad.net/bugs/2138602
+Bug: https://launchpad.net/bugs/2138672
+Bug: https://launchpad.net/bugs/2138675
+Bug-Debian: https://bugs.debian.org/1131274
+Change-Id: Ib8d337dc68411d18c70d5712cc4f0986ef6205f4
+Signed-off-by: Abhishek Kekane <[email protected]>
+Origin: https://review.opendev.org/c/openstack/glance/+/981299
+Last-Update: 2026-03-19
+
+Index: glance/glance/async_/flows/_internal_plugins/glance_download.py
+===================================================================
+--- glance.orig/glance/async_/flows/_internal_plugins/glance_download.py
++++ glance/glance/async_/flows/_internal_plugins/glance_download.py
+@@ -24,6 +24,7 @@ from taskflow.patterns import linear_flo
+ from glance.async_.flows._internal_plugins import base_download
+ from glance.async_ import utils
+ from glance.common import exception
++from glance.common.scripts import utils as script_utils
+ from glance.common import utils as common_utils
+ from glance.i18n import _, _LI, _LE
+
+@@ -66,7 +67,9 @@ class _DownloadGlanceImage(base_download
+ token = self.context.auth_token
+ request = urllib.request.Request(image_download_url,
+ headers={'X-Auth-Token': token})
+- data = urllib.request.urlopen(request)
++ opener = urllib.request.build_opener(
++ script_utils.SafeRedirectHandler)
++ data = opener.open(request)
+ except Exception as e:
+ with excutils.save_and_reraise_exception():
+ LOG.error(
+Index: glance/glance/async_/flows/api_image_import.py
+===================================================================
+--- glance.orig/glance/async_/flows/api_image_import.py
++++ glance/glance/async_/flows/api_image_import.py
+@@ -817,7 +817,9 @@ class _ImportMetadata(task.Task):
+ token = self.context.auth_token
+ request = urllib.request.Request(image_download_metadata_url,
+ headers={'X-Auth-Token': token})
+- with urllib.request.urlopen(request) as payload:
++ opener = urllib.request.build_opener(
++ script_utils.SafeRedirectHandler)
++ with opener.open(request) as payload:
+ data = json.loads(payload.read().decode('utf-8'))
+
+ if data.get('status') != 'active':
+Index: glance/glance/async_/flows/ovf_process.py
+===================================================================
+--- glance.orig/glance/async_/flows/ovf_process.py
++++ glance/glance/async_/flows/ovf_process.py
+@@ -18,6 +18,7 @@ import re
+ import shutil
+ import tarfile
+ import urllib
++import urllib.request
+
+ try:
+ from defusedxml import cElementTree as ET
+@@ -30,6 +31,9 @@ from oslo_serialization import jsonutils
+ from taskflow.patterns import linear_flow as lf
+ from taskflow import task
+
++from glance.common import exception
++from glance.common.scripts import utils as script_utils
++from glance.common import utils as common_utils
+ from glance.i18n import _, _LW
+
+ LOG = logging.getLogger(__name__)
+@@ -78,7 +82,13 @@ class _OVF_Process(task.Task):
+ uri = uri.split("file://")[-1]
+ return open(uri, "rb")
+
+- return urllib.request.urlopen(uri)
++ if not common_utils.validate_import_uri(uri):
++ msg = (_("URI for OVF processing does not pass filtering: %s") %
++ uri)
++ raise exception.ImportTaskError(msg)
++
++ opener = urllib.request.build_opener(script_utils.SafeRedirectHandler)
++ return opener.open(uri)
+
+ def execute(self, image_id, file_path):
+ """
+Index: glance/glance/common/scripts/utils.py
+===================================================================
+--- glance.orig/glance/common/scripts/utils.py
++++ glance/glance/common/scripts/utils.py
+@@ -19,14 +19,18 @@ __all__ = [
+ 'set_base_image_properties',
+ 'validate_location_uri',
+ 'get_image_data_iter',
++ 'SafeRedirectHandler',
+ ]
+
+ import urllib
++import urllib.error
++import urllib.request
+
+ from oslo_log import log as logging
+ from oslo_utils import timeutils
+
+ from glance.common import exception
++from glance.common import utils as common_utils
+ from glance.i18n import _, _LE
+
+ LOG = logging.getLogger(__name__)
+@@ -116,6 +120,15 @@ def validate_location_uri(location):
+ raise urllib.error.URLError(msg)
+
+
++class SafeRedirectHandler(urllib.request.HTTPRedirectHandler):
++ """HTTP redirect handler that validates redirect destinations."""
++ def redirect_request(self, req, fp, code, msg, headers, newurl):
++ if not common_utils.validate_import_uri(newurl):
++ msg = (_("Redirect to disallowed URL: %s") % newurl)
++ raise exception.ImportTaskError(msg)
++ return super().redirect_request(req, fp, code, msg, headers, newurl)
++
++
+ def get_image_data_iter(uri):
+ """Returns iterable object either for local file or uri
+
+@@ -139,7 +152,8 @@ def get_image_data_iter(uri):
+ # into memory. Some images may be quite heavy.
+ return open(uri, "rb")
+
+- return urllib.request.urlopen(uri)
++ opener = urllib.request.build_opener(SafeRedirectHandler)
++ return opener.open(uri)
+
+
+ class CallbackIterator(object):
+Index: glance/glance/common/utils.py
+===================================================================
+--- glance.orig/glance/common/utils.py
++++ glance/glance/common/utils.py
+@@ -21,6 +21,7 @@ System-level utilities and helper functi
+ """
+
+ import errno
++import ipaddress
+
+ try:
+ from eventlet import sleep
+@@ -129,6 +130,65 @@ CONF.import_group('import_filtering_opts
+ 'glance.async_.flows._internal_plugins')
+
+
++def normalize_hostname(host):
++ """Normalize IP address to standard format or return hostname.
++
++ Uses ipaddress module to validate and normalize IP addresses, rejecting
++ encoded formats. For hostnames, requires DNS resolution to ensure they
++ are valid and not encoded IP attempts.
++
++ :param host: hostname or IP address
++ :returns: normalized IP address, hostname unchanged, or None
++ """
++ if not host:
++ return host
++
++ # NOTE(abhishekk): Try to parse as IPv4. ipaddress module only accepts
++ # standard format like 127.0.0.1. It rejects encoded formats like
++ # decimal (2130706433), hex (0x7f000001), or octal (017700000001).
++ try:
++ return str(ipaddress.IPv4Address(host))
++ except ValueError:
++ pass
++
++ # NOTE(abhishekk): Try to parse as IPv6. ipaddress module only accepts
++ # standard IPv6 format and rejects encoded formats.
++ try:
++ return str(ipaddress.IPv6Address(host))
++ except ValueError:
++ pass
++
++ # NOTE(abhishekk): Not valid IP address, check as hostname. Reject pure
++ # numeric strings like "2130706433" (decimal encoded IP). ipaddress module
++ # rejected it, but OS might still resolve using inet_aton() if not
blocked.
++ if host.isdigit():
++ return None
++
++ # NOTE(abhishekk): Reject all numeric strings with dots like "127.1" or
++ # "10.1". These are shorthand IP addresses. ipaddress module rejects them
++ # because they need 4 octets, but OS may still resolve them. We block to
++ # prevent SSRF bypass attacks.
++ if all(c.isdigit() or c == '.' for c in host):
++ return None
++
++ # NOTE(abhishekk): Add trailing dot to force DNS lookup instead of numeric
++ # parsing. This blocks encoded IP formats like 0x7f000001 or 127.0x0.0.1
++ # because they fail DNS lookup. Only real hostnames that resolve via DNS
++ # are allowed.
++ testhost = host
++ if not testhost.endswith('.'):
++ testhost += '.'
++
++ try:
++ socket.getaddrinfo(testhost, 80)
++ except socket.gaierror:
++ # NOTE(abhishekk): DNS resolution failed, reject the hostname
++ return None
++
++ # NOTE(abhishekk): Valid and resolvable hostname, return unchanged
++ return host
++
++
+ def validate_import_uri(uri):
+ """Validate requested uri for Image Import web-download.
+
+@@ -166,9 +226,14 @@ def validate_import_uri(uri):
+ if not scheme or ((wl_schemes and scheme not in wl_schemes) or
+ parsed_uri.scheme in bl_schemes):
+ return False
+- if not host or ((wl_hosts and host not in wl_hosts) or
+- host in bl_hosts):
++
++ normalized_host = normalize_hostname(host)
++
++ if not normalized_host or (
++ (wl_hosts and normalized_host not in wl_hosts) or
++ normalized_host in bl_hosts):
+ return False
++
+ if port and ((wl_ports and port not in wl_ports) or
+ port in bl_ports):
+ return False
+Index: glance/glance/tests/functional/v2/test_images.py
+===================================================================
+--- glance.orig/glance/tests/functional/v2/test_images.py
++++ glance/glance/tests/functional/v2/test_images.py
+@@ -15,9 +15,11 @@
+
+ import hashlib
+ import http.client as http
++import http.server as http_server
+ import os
+ import subprocess
+ import tempfile
++import threading
+ import time
+ import urllib
+ import uuid
+@@ -377,6 +379,164 @@ class TestImages(functional.FunctionalTe
+
+ self.stop_servers()
+
++ def test_web_download_redirect_validation(self):
++ """Test that redirect destinations are validated."""
++ self.config(allowed_ports=[80], group='import_filtering_opts')
++ self.config(disallowed_hosts=['127.0.0.1'],
++ group='import_filtering_opts')
++ self.start_servers(**self.__dict__.copy())
++
++ # Create an image
++ path = self._url('/v2/images')
++ headers = self._headers({'content-type': 'application/json'})
++ data = jsonutils.dumps({
++ 'name': 'redirect-test', 'type': 'kernel',
++ 'disk_format': 'aki', 'container_format': 'aki'})
++ response = requests.post(path, headers=headers, data=data)
++ self.assertEqual(http.CREATED, response.status_code)
++ image = jsonutils.loads(response.text)
++ image_id = image['id']
++
++ # Try to import with redirect to disallowed host
++ # The redirect destination should be validated and rejected
++ # Create a local redirect server
++ def _get_redirect_handler_class():
++ class RedirectHTTPRequestHandler(
++ http_server.BaseHTTPRequestHandler):
++ def do_GET(self):
++ self.send_response(http.FOUND)
++ self.send_header('Location', 'http://127.0.0.1:80/')
++ self.end_headers()
++ return
++
++ def log_message(self, *args, **kwargs):
++ return
++
++ server_address = ('127.0.0.1', 0)
++ handler_class = _get_redirect_handler_class()
++ redirect_httpd = http_server.HTTPServer(server_address, handler_class)
++ redirect_port = redirect_httpd.socket.getsockname()[1]
++ redirect_thread =
threading.Thread(target=redirect_httpd.serve_forever)
++ redirect_thread.daemon = True
++ redirect_thread.start()
++
++ redirect_uri = 'http://127.0.0.1:%s/' % redirect_port
++ path = self._url('/v2/images/%s/import' % image_id)
++ headers = self._headers({
++ 'content-type': 'application/json',
++ 'X-Roles': 'admin',
++ })
++ data = jsonutils.dumps({'method': {
++ 'name': 'web-download',
++ 'uri': redirect_uri
++ }})
++
++ # Import request may be accepted (202) but should fail during
++ # processing when redirect destination is validated
++ response = requests.post(path, headers=headers, data=data)
++ self.assertEqual(http.ACCEPTED, response.status_code)
++
++ # Clean up redirect server
++ redirect_httpd.shutdown()
++ redirect_httpd.server_close()
++
++ # Wait for the task to process and verify it failed
++ # The redirect validation in get_image_data_iter should prevent
++ # access to disallowed host (127.0.0.1)
++ time.sleep(5) # Give task time to process
++
++ # Verify the task failed due to redirect validation
++ path = self._url('/v2/images/%s/tasks' % image_id)
++ response = requests.get(path, headers=self._headers())
++ self.assertEqual(http.OK, response.status_code)
++ tasks = jsonutils.loads(response.text)['tasks']
++ tasks = sorted(tasks, key=lambda t: t['updated_at'])
++ self.assertGreater(len(tasks), 0)
++ task = tasks[-1]
++ self.assertEqual('failure', task['status'])
++
++ # Verify the image status is still queued (not active)
++ # since the import failed - this proves the SSRF was prevented
++ path = self._url('/v2/images/%s' % image_id)
++ response = requests.get(path, headers=self._headers())
++ self.assertEqual(http.OK, response.status_code)
++ image = jsonutils.loads(response.text)
++ self.assertEqual('queued', image['status'])
++ # Image should not have checksum or size since import failed
++ # If checksum/size exist, it means data was downloaded (SSRF
succeeded)
++ self.assertIsNone(image.get('checksum'))
++ # Image should not have size since import failed
++ self.assertIsNone(image.get('size'))
++
++ # Clean up
++ path = self._url('/v2/images/%s' % image_id)
++ response = requests.delete(path, headers=self._headers())
++ self.assertEqual(http.NO_CONTENT, response.status_code)
++
++ self.stop_servers()
++
++ def test_web_download_ip_normalization(self):
++ """Test that encoded IP addresses are normalized and blocked."""
++ self.config(allowed_ports=[80], group='import_filtering_opts')
++ self.config(disallowed_hosts=['127.0.0.1'],
++ group='import_filtering_opts')
++ self.start_servers(**self.__dict__.copy())
++
++ # Create an image
++ path = self._url('/v2/images')
++ headers = self._headers({'content-type': 'application/json'})
++ data = jsonutils.dumps({
++ 'name': 'ip-encoding-test', 'type': 'kernel',
++ 'disk_format': 'aki', 'container_format': 'aki'})
++ response = requests.post(path, headers=headers, data=data)
++ self.assertEqual(http.CREATED, response.status_code)
++ image = jsonutils.loads(response.text)
++ image_id = image['id']
++
++ # Test that encoded IP (2130706433 = 127.0.0.1) is blocked
++ # after normalization
++ encoded_ip_uri = 'http://2130706433:80/'
++ path = self._url('/v2/images/%s/import' % image_id)
++ headers = self._headers({
++ 'content-type': 'application/json',
++ 'X-Roles': 'admin',
++ })
++ data = jsonutils.dumps({'method': {
++ 'name': 'web-download',
++ 'uri': encoded_ip_uri
++ }})
++ # Should be rejected because encoded IP normalizes to 127.0.0.1
++ # which is in disallowed_hosts
++ # Validation happens at API level, so should return 400
++ response = requests.post(path, headers=headers, data=data)
++ # Should be rejected with 400 Bad Request
++ self.assertEqual(400, response.status_code)
++
++ # Test octal integer encoded IP (017700000001 = 127.0.0.1)
++ octal_int_uri = 'http://017700000001:80/'
++ data = jsonutils.dumps({'method': {
++ 'name': 'web-download',
++ 'uri': octal_int_uri
++ }})
++ response = requests.post(path, headers=headers, data=data)
++ self.assertEqual(400, response.status_code)
++
++ # Test octal dotted-decimal encoded IP (0177.0.0.01 = 127.0.0.1)
++ octal_dotted_uri = 'http://0177.0.0.01:80/'
++ data = jsonutils.dumps({'method': {
++ 'name': 'web-download',
++ 'uri': octal_dotted_uri
++ }})
++ response = requests.post(path, headers=headers, data=data)
++ self.assertEqual(400, response.status_code)
++
++ # Clean up
++ path = self._url('/v2/images/%s' % image_id)
++ response = requests.delete(path, headers=self._headers())
++ self.assertEqual(http.NO_CONTENT, response.status_code)
++
++ self.stop_servers()
++
+ def test_image_lifecycle(self):
+ # Image list should be empty
+ self.api_server.show_multiple_locations = True
+Index: glance/glance/tests/unit/async_/flows/test_api_image_import.py
+===================================================================
+--- glance.orig/glance/tests/unit/async_/flows/test_api_image_import.py
++++ glance/glance/tests/unit/async_/flows/test_api_image_import.py
+@@ -25,6 +25,7 @@ import taskflow
+ import glance.async_.flows.api_image_import as import_flow
+ from glance.common import exception
+ from glance.common.scripts.image_import import main as image_import
++from glance.common.scripts import utils as script_utils
+ from glance import context
+ from glance.domain import ExtraProperties
+ from glance import gateway
+@@ -1176,6 +1177,11 @@ class TestImportMetadata(test_utils.Base
+ 'extra_metadata': 'hello',
+ 'size': '12345'
+ }
++ mock_opener = mock.MagicMock()
++ mock_payload = mock.MagicMock()
++ mock_payload.read.return_value = b'{"status": "active"}'
++ mock_opener.open.return_value.__enter__.return_value = mock_payload
++ mock_request.build_opener.return_value = mock_opener
+ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
+ self.context, self.wrapper,
+ self.import_req)
+@@ -1184,6 +1190,7 @@ class TestImportMetadata(test_utils.Base
+ 'https://other.cloud.foo/image/v2/images/%s' % (
+ IMAGE_ID1),
+ headers={'X-Auth-Token': self.context.auth_token})
++ mock_request.build_opener.assert_called_once()
+ mock_gge.assert_called_once_with(self.context, 'RegionTwo', 'public')
+ action.set_image_attribute.assert_called_once_with(
+ disk_format='qcow2',
+@@ -1212,8 +1219,11 @@ class TestImportMetadata(test_utils.Base
+ @mock.patch('glance.async_.utils.get_glance_endpoint')
+ def test_execute_fail_remote_glance_unreachable(self, mock_gge, mock_r):
+ action = self.wrapper.__enter__.return_value
+- mock_r.urlopen.side_effect = urllib.error.HTTPError(
++ mock_gge.return_value = 'https://other.cloud.foo/image'
++ mock_opener = mock.MagicMock()
++ mock_opener.open.side_effect = urllib.error.HTTPError(
+ '/file', 400, 'Test Fail', {}, None)
++ mock_r.build_opener.return_value = mock_opener
+ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
+ self.context, self.wrapper,
+ self.import_req)
+@@ -1231,6 +1241,11 @@ class TestImportMetadata(test_utils.Base
+ mock_json.loads.return_value = {
+ 'status': 'queued',
+ }
++ mock_opener = mock.MagicMock()
++ mock_payload = mock.MagicMock()
++ mock_payload.read.return_value = b'{"status": "queued"}'
++ mock_opener.open.return_value.__enter__.return_value = mock_payload
++ mock_request.build_opener.return_value = mock_opener
+ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
+ self.context, self.wrapper,
+ self.import_req)
+@@ -1254,6 +1269,11 @@ class TestImportMetadata(test_utils.Base
+ 'os_hash': 'hash',
+ 'extra_metadata': 'hello',
+ }
++ mock_opener = mock.MagicMock()
++ mock_payload = mock.MagicMock()
++ mock_payload.read.return_value = b'{"status": "active"}'
++ mock_opener.open.return_value.__enter__.return_value = mock_payload
++ mock_request.build_opener.return_value = mock_opener
+ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
+ self.context, self.wrapper,
+ self.import_req)
+@@ -1262,6 +1282,7 @@ class TestImportMetadata(test_utils.Base
+ 'https://other.cloud.foo/image/v2/images/%s' % (
+ IMAGE_ID1),
+ headers={'X-Auth-Token': self.context.auth_token})
++ mock_request.build_opener.assert_called_once()
+ mock_gge.assert_called_once_with(self.context, 'RegionTwo', 'public')
+ action.set_image_attribute.assert_called_once_with(
+ disk_format='qcow2',
+@@ -1271,6 +1292,71 @@ class TestImportMetadata(test_utils.Base
+ 'os_hash': 'hash'
+ })
+
++ @mock.patch('urllib.request')
++ @mock.patch('glance.async_.utils.get_glance_endpoint')
++ def test_import_metadata_redirect_validation(self, mock_gge,
++ mock_request):
++ """Test redirect destinations are validated during metadata fetch."""
++ mock_gge.return_value = 'https://other.cloud.foo/image'
++ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
++ self.context, self.wrapper,
++ self.import_req)
++ mock_opener = mock.MagicMock()
++ # Simulate redirect to disallowed URL
++ mock_opener.open.side_effect = exception.ImportTaskError(
++ "Redirect to disallowed URL: http://127.0.0.1:5000/";)
++ mock_request.build_opener.return_value = mock_opener
++ self.assertRaises(exception.ImportTaskError, task.execute)
++ # Verify SafeRedirectHandler is used
++ mock_request.build_opener.assert_called_once()
++ # Verify the handler passed is SafeRedirectHandler
++ call_args = mock_request.build_opener.call_args
++ # Check if SafeRedirectHandler class or instance is in args
++ found_handler = (
++ any(isinstance(arg, script_utils.SafeRedirectHandler)
++ for arg in call_args.args) or
++ script_utils.SafeRedirectHandler in call_args.args)
++ self.assertTrue(
++ found_handler,
++ "SafeRedirectHandler should be used for redirect validation")
++
++ @mock.patch('urllib.request')
++ @mock.patch('glance.async_.flows.api_image_import.json')
++ @mock.patch('glance.async_.utils.get_glance_endpoint')
++ def test_import_metadata_uses_safe_redirect_handler(self, mock_gge,
++ mock_json,
++ mock_request):
++ """Test that SafeRedirectHandler is used and allows valid
redirects."""
++ mock_gge.return_value = 'https://other.cloud.foo/image'
++ mock_json.loads.return_value = {
++ 'status': 'active',
++ 'disk_format': 'qcow2',
++ 'container_format': 'bare',
++ 'size': '12345'
++ }
++ mock_opener = mock.MagicMock()
++ mock_payload = mock.MagicMock()
++ mock_payload.read.return_value = b'{"status": "active"}'
++ mock_opener.open.return_value.__enter__.return_value = mock_payload
++ mock_request.build_opener.return_value = mock_opener
++ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
++ self.context, self.wrapper,
++ self.import_req)
++ # Execute should succeed with valid redirect
++ result = task.execute()
++ # Verify build_opener was called with SafeRedirectHandler
++ mock_request.build_opener.assert_called_once()
++ call_args = mock_request.build_opener.call_args
++ found_handler = (
++ any(isinstance(arg, script_utils.SafeRedirectHandler)
++ for arg in call_args.args) or
++ script_utils.SafeRedirectHandler in call_args.args)
++ self.assertTrue(
++ found_handler,
++ "SafeRedirectHandler should be passed to build_opener")
++ # Verify execution succeeded (handler allows valid redirects)
++ self.assertEqual(12345, result)
++
+ def test_revert_rollback_metadata_value(self):
+ action = self.wrapper.__enter__.return_value
+ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
+Index: glance/glance/tests/unit/async_/flows/test_glance_download.py
+===================================================================
+--- glance.orig/glance/tests/unit/async_/flows/test_glance_download.py
++++ glance/glance/tests/unit/async_/flows/test_glance_download.py
+@@ -22,7 +22,8 @@ from oslo_utils.fixture import uuidsenti
+
+ from glance.async_.flows._internal_plugins import glance_download
+ from glance.async_.flows import api_image_import
+-import glance.common.exception
++from glance.common import exception
++from glance.common.scripts import utils as script_utils
+ import glance.context
+ from glance import domain
+ import glance.tests.utils as test_utils
+@@ -72,37 +73,49 @@ class TestGlanceDownloadTask(test_utils.
+ self.image_repo.get.return_value = mock.MagicMock(
+ extra_properties={'os_glance_import_task': self.task_id})
+
++ @mock.patch('glance.common.utils.socket.getaddrinfo')
+ @mock.patch.object(filesystem.Store, 'add')
+ @mock.patch('glance.async_.utils.get_glance_endpoint')
+- def test_glance_download(self, mock_gge, mock_add):
++ def test_glance_download(self, mock_gge, mock_add, mock_getaddrinfo):
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
+ mock_gge.return_value = 'https://other.cloud.foo/image'
+ glance_download_task = glance_download._DownloadGlanceImage(
+ self.context, self.task.task_id, self.task_type,
+ self.action_wrapper, ['foo'],
+ 'RegionTwo', uuidsentinel.remote_image, 'public')
+ with mock.patch('urllib.request') as mock_request:
++ mock_opener = mock.MagicMock()
++ mock_response = mock.MagicMock()
++ mock_opener.open.return_value = mock_response
++ mock_request.build_opener.return_value = mock_opener
+ mock_add.return_value = ["path", 12345]
+ self.assertEqual(glance_download_task.execute(12345), "path")
+ mock_add.assert_called_once_with(
+ self.image_id,
+- mock_request.urlopen.return_value, 0)
++ mock_response, 0)
+ mock_request.Request.assert_called_once_with(
+ 'https://other.cloud.foo/image/v2/images/%s/file' % (
+ uuidsentinel.remote_image),
+ headers={'X-Auth-Token': self.context.auth_token})
++ mock_request.build_opener.assert_called_once()
+ mock_gge.assert_called_once_with(self.context, 'RegionTwo', 'public')
+
++ @mock.patch('glance.common.utils.socket.getaddrinfo')
+ @mock.patch.object(filesystem.Store, 'add')
+ @mock.patch('glance.async_.utils.get_glance_endpoint')
+- def test_glance_download_failed(self, mock_gge, mock_add):
++ def test_glance_download_failed(self, mock_gge, mock_add,
++ mock_getaddrinfo):
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
+ mock_gge.return_value = 'https://other.cloud.foo/image'
+ glance_download_task = glance_download._DownloadGlanceImage(
+ self.context, self.task.task_id, self.task_type,
+ self.action_wrapper, ['foo'],
+ 'RegionTwo', uuidsentinel.remote_image, 'public')
+ with mock.patch('urllib.request') as mock_request:
+- mock_request.urlopen.side_effect = urllib.error.HTTPError(
++ mock_opener = mock.MagicMock()
++ mock_opener.open.side_effect = urllib.error.HTTPError(
+ '/file', 400, 'Test Fail', {}, None)
++ mock_request.build_opener.return_value = mock_opener
+ self.assertRaises(urllib.error.HTTPError,
+ glance_download_task.execute,
+ 12345)
+@@ -127,21 +140,28 @@ class TestGlanceDownloadTask(test_utils.
+ glance_download_task.execute, 12345)
+ mock_request.assert_not_called()
+
++ @mock.patch('glance.common.utils.socket.getaddrinfo')
+ @mock.patch.object(filesystem.Store, 'add')
+ @mock.patch('glance.async_.utils.get_glance_endpoint')
+- def test_glance_download_size_mismatch(self, mock_gge, mock_add):
++ def test_glance_download_size_mismatch(self, mock_gge, mock_add,
++ mock_getaddrinfo):
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
+ mock_gge.return_value = 'https://other.cloud.foo/image'
+ glance_download_task = glance_download._DownloadGlanceImage(
+ self.context, self.task.task_id, self.task_type,
+ self.action_wrapper, ['foo'],
+ 'RegionTwo', uuidsentinel.remote_image, 'public')
+ with mock.patch('urllib.request') as mock_request:
++ mock_opener = mock.MagicMock()
++ mock_response = mock.MagicMock()
++ mock_opener.open.return_value = mock_response
++ mock_request.build_opener.return_value = mock_opener
+ mock_add.return_value = ["path", 1]
+ self.assertRaises(glance.common.exception.ImportTaskError,
+ glance_download_task.execute, 12345)
+ mock_add.assert_called_once_with(
+ self.image_id,
+- mock_request.urlopen.return_value, 0)
++ mock_response, 0)
+ mock_request.Request.assert_called_once_with(
+ 'https://other.cloud.foo/image/v2/images/%s/file' % (
+ uuidsentinel.remote_image),
+@@ -165,3 +185,70 @@ class TestGlanceDownloadTask(test_utils.
+ mock_validate.assert_called_once_with(
+ 'https://other.cloud.foo/image/v2/images/%s/file' % (
+ uuidsentinel.remote_image))
++
++ @mock.patch('glance.common.utils.socket.getaddrinfo')
++ @mock.patch('urllib.request')
++ @mock.patch('glance.async_.utils.get_glance_endpoint')
++ def test_glance_download_redirect_validation(self, mock_gge,
++ mock_request,
++ mock_getaddrinfo):
++ """Test redirect destinations are validated during image download."""
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
++ mock_gge.return_value = 'https://other.cloud.foo/image'
++ glance_download_task = glance_download._DownloadGlanceImage(
++ self.context, self.task.task_id, self.task_type,
++ self.action_wrapper, ['foo'],
++ 'RegionTwo', uuidsentinel.remote_image, 'public')
++ mock_opener = mock.MagicMock()
++ # Simulate redirect to disallowed URL
++ mock_opener.open.side_effect = exception.ImportTaskError(
++ "Redirect to disallowed URL: http://127.0.0.1:5000/";)
++ mock_request.build_opener.return_value = mock_opener
++ self.assertRaises(exception.ImportTaskError,
++ glance_download_task.execute, 12345)
++ # Verify SafeRedirectHandler is used
++ mock_request.build_opener.assert_called_once()
++ # Verify the handler passed is SafeRedirectHandler
++ call_args = mock_request.build_opener.call_args
++ # Check if SafeRedirectHandler class or instance is in args
++ found_handler = (
++ any(isinstance(arg, script_utils.SafeRedirectHandler)
++ for arg in call_args.args) or
++ script_utils.SafeRedirectHandler in call_args.args)
++ self.assertTrue(
++ found_handler,
++ "SafeRedirectHandler should be used for redirect validation")
++
++ @mock.patch('glance.common.utils.socket.getaddrinfo')
++ @mock.patch.object(filesystem.Store, 'add')
++ @mock.patch('urllib.request')
++ @mock.patch('glance.async_.utils.get_glance_endpoint')
++ def test_glance_download_uses_safe_redirect_handler(
++ self, mock_gge, mock_request, mock_add, mock_getaddrinfo):
++ """Test that SafeRedirectHandler is used and allows valid
execution."""
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
++ mock_gge.return_value = 'https://other.cloud.foo/image'
++ glance_download_task = glance_download._DownloadGlanceImage(
++ self.context, self.task.task_id, self.task_type,
++ self.action_wrapper, ['foo'],
++ 'RegionTwo', uuidsentinel.remote_image, 'public')
++ mock_opener = mock.MagicMock()
++ mock_response = mock.MagicMock()
++ mock_opener.open.return_value = mock_response
++ mock_request.build_opener.return_value = mock_opener
++ mock_add.return_value = ["path", 12345]
++ result = glance_download_task.execute(12345)
++ # Verify build_opener was called with SafeRedirectHandler
++ mock_request.build_opener.assert_called_once()
++ # Verify SafeRedirectHandler was passed
++ call_args = mock_request.build_opener.call_args
++ # Check if SafeRedirectHandler class or instance is in args
++ found_handler = (
++ any(isinstance(arg, script_utils.SafeRedirectHandler)
++ for arg in call_args.args) or
++ script_utils.SafeRedirectHandler in call_args.args)
++ self.assertTrue(
++ found_handler,
++ "SafeRedirectHandler should be passed to build_opener")
++ # Verify execution succeeded (handler allows valid execution)
++ self.assertEqual("path", result)
+Index: glance/glance/tests/unit/async_/flows/test_import.py
+===================================================================
+--- glance.orig/glance/tests/unit/async_/flows/test_import.py
++++ glance/glance/tests/unit/async_/flows/test_import.py
+@@ -17,7 +17,6 @@ import io
+ import json
+ import os
+ from unittest import mock
+-import urllib
+
+ import glance_store
+ from oslo_concurrency import processutils as putils
+@@ -371,9 +370,15 @@ class TestImportTask(test_utils.BaseTest
+ self.img_repo.get.return_value = self.image
+ img_factory.new_image.side_effect = create_image
+
+- with mock.patch.object(urllib.request, 'urlopen') as umock:
+- content = b"TEST_IMAGE"
+- umock.return_value = io.BytesIO(content)
++ # Mock get_image_data_iter to avoid actual network calls
++ # and to work with our SafeRedirectHandler changes
++ content = b"TEST_IMAGE"
++ mock_response = io.BytesIO(content)
++ mock_response.headers = {}
++
++ with mock.patch(
++ 'glance.common.scripts.utils.get_image_data_iter') as umock:
++ umock.return_value = mock_response
+
+ with mock.patch.object(import_flow, "_get_import_flows") as imock:
+ imock.return_value = (x for x in [])
+Index: glance/glance/tests/unit/async_/flows/test_ovf_process.py
+===================================================================
+--- glance.orig/glance/tests/unit/async_/flows/test_ovf_process.py
++++ glance/glance/tests/unit/async_/flows/test_ovf_process.py
+@@ -18,10 +18,12 @@ import shutil
+ import tarfile
+ import tempfile
+ from unittest import mock
++import urllib.error
+
+ from defusedxml.ElementTree import ParseError
+
+ from glance.async_.flows import ovf_process
++from glance.common import exception
+ import glance.tests.utils as test_utils
+ from oslo_config import cfg
+
+@@ -164,3 +166,56 @@ class TestOvfProcessTask(test_utils.Base
+ iextractor = ovf_process.OVAImageExtractor()
+ with open(ova_file_path, 'rb') as ova_file:
+ self.assertRaises(ParseError, iextractor._parse_OVF, ova_file)
++
++ @mock.patch('glance.common.utils.validate_import_uri')
++ def test_get_ova_iter_objects_uri_validation_fails(self, mock_validate):
++ """Test that disallowed URIs raise ImportTaskError"""
++ mock_validate.return_value = False
++ oprocess = ovf_process._OVF_Process('task_id', 'ovf_proc',
++ self.img_repo)
++ self.assertRaises(exception.ImportTaskError,
++ oprocess._get_ova_iter_objects,
++ 'http://127.0.0.1:5000/package.ova')
++ mock_validate.assert_called_once_with(
++ 'http://127.0.0.1:5000/package.ova')
++
++ @mock.patch('urllib.request')
++ @mock.patch('glance.common.utils.validate_import_uri')
++ def test_get_ova_iter_objects_uri_validation_passes(self, mock_validate,
++ mock_request):
++ """Test that allowed URIs use SafeRedirectHandler"""
++ mock_validate.return_value = True
++ mock_opener = mock.MagicMock()
++ mock_response = mock.MagicMock()
++ mock_opener.open.return_value = mock_response
++ mock_request.build_opener.return_value = mock_opener
++ oprocess = ovf_process._OVF_Process('task_id', 'ovf_proc',
++ self.img_repo)
++ result = oprocess._get_ova_iter_objects(
++ 'http://example.com/package.ova')
++ self.assertEqual(mock_response, result)
++ mock_validate.assert_called_once_with(
++ 'http://example.com/package.ova')
++ mock_request.build_opener.assert_called_once()
++
++ @mock.patch('urllib.request')
++ @mock.patch('glance.common.utils.validate_import_uri')
++ def test_get_ova_iter_objects_redirect_validation(self, mock_validate,
++ mock_request):
++ """Test that redirects to disallowed URLs are blocked"""
++ # First call (initial URL) passes validation
++ # Second call (redirect destination) fails validation
++ mock_validate.side_effect = [True, False]
++ mock_opener = mock.MagicMock()
++ # Simulate redirect to disallowed URL
++ mock_opener.open.side_effect = urllib.error.URLError(
++ "Redirect to disallowed URL: http://127.0.0.1:5000/package.ova";)
++ mock_request.build_opener.return_value = mock_opener
++ oprocess = ovf_process._OVF_Process('task_id', 'ovf_proc',
++ self.img_repo)
++ self.assertRaises(urllib.error.URLError,
++ oprocess._get_ova_iter_objects,
++ 'http://example.com/package.ova')
++ mock_validate.assert_called_once_with(
++ 'http://example.com/package.ova')
++ mock_request.build_opener.assert_called_once()
+Index: glance/glance/tests/unit/common/scripts/test_scripts_utils.py
+===================================================================
+--- glance.orig/glance/tests/unit/common/scripts/test_scripts_utils.py
++++ glance/glance/tests/unit/common/scripts/test_scripts_utils.py
+@@ -15,6 +15,8 @@
+
+ from unittest import mock
+ import urllib
++import urllib.error
++import urllib.request
+
+ from glance.common import exception
+ from glance.common.scripts import utils as script_utils
+@@ -203,3 +205,110 @@ class TestCallbackIterator(test_utils.Ba
+ # call the callback with that.
+ callback.assert_has_calls([mock.call(2, 2),
+ mock.call(1, 3)])
++
++
++class TestSafeRedirectHandler(test_utils.BaseTestCase):
++ """Test SafeRedirectHandler for redirect validation."""
++
++ def setUp(self):
++ super(TestSafeRedirectHandler, self).setUp()
++
++ @mock.patch('glance.common.utils.validate_import_uri')
++ def test_redirect_to_allowed_url(self, mock_validate):
++ """Test redirect to allowed URL is accepted."""
++ mock_validate.return_value = True
++ handler = script_utils.SafeRedirectHandler()
++
++ req = mock.Mock()
++ req.full_url = 'http://example.com/redirect'
++ fp = mock.Mock()
++ headers = mock.Mock()
++
++ # Redirect to allowed URL
++ # redirect_request should call super().redirect_request
++ # which returns a request
++ with mock.patch.object(urllib.request.HTTPRedirectHandler,
++ 'redirect_request') as mock_super:
++ mock_super.return_value = mock.Mock()
++ result = handler.redirect_request(
++ req, fp, 302, 'Found', headers, 'http://allowed.com/target'
++ )
++
++ mock_validate.assert_called_once_with('http://allowed.com/target')
++ # Should return a request object (not None)
++ self.assertIsNotNone(result)
++
++ @mock.patch('glance.common.utils.validate_import_uri')
++ def test_redirect_to_disallowed_url(self, mock_validate):
++ """Test redirect to disallowed URL raises error."""
++ mock_validate.return_value = False
++ handler = script_utils.SafeRedirectHandler()
++
++ req = mock.Mock()
++ req.full_url = 'http://example.com/redirect'
++ fp = mock.Mock()
++ headers = mock.Mock()
++
++ # Redirect to disallowed URL should raise ImportTaskError
++ self.assertRaises(
++ exception.ImportTaskError,
++ handler.redirect_request,
++ req, fp, 302, 'Found', headers, 'http://127.0.0.1:5000/'
++ )
++
++ mock_validate.assert_called_once_with('http://127.0.0.1:5000/')
++
++
++class TestGetImageDataIter(test_utils.BaseTestCase):
++ """Test get_image_data_iter with redirect validation."""
++
++ def setUp(self):
++ super(TestGetImageDataIter, self).setUp()
++
++ @mock.patch('builtins.open', create=True)
++ def test_get_image_data_iter_file_uri(self, mock_open):
++ """Test file:// URI handling."""
++ mock_file = mock.Mock()
++ mock_open.return_value = mock_file
++
++ result = script_utils.get_image_data_iter("file:///tmp/test.img")
++
++ mock_open.assert_called_once_with("/tmp/test.img", "rb")
++ self.assertEqual(result, mock_file)
++
++ @mock.patch('urllib.request.build_opener')
++ def test_get_image_data_iter_http_uri(self, mock_build_opener):
++ """Test HTTP URI handling with redirect validation."""
++ mock_opener = mock.Mock()
++ mock_response = mock.Mock()
++ mock_opener.open.return_value = mock_response
++ mock_build_opener.return_value = mock_opener
++
++ result = script_utils.get_image_data_iter("http://example.com/image";)
++
++ # Should use build_opener with SafeRedirectHandler
++ mock_build_opener.assert_called_once()
++ # Check that SafeRedirectHandler was passed as an argument
++ call_args = mock_build_opener.call_args
++ # build_opener can be called with *args or keyword args
++ # Check both positional and keyword arguments
++ found_handler = False
++ if call_args.args:
++ found_handler = any(
++ isinstance(arg, script_utils.SafeRedirectHandler)
++ for arg in call_args.args)
++ if not found_handler and call_args.kwargs:
++ found_handler = any(
++ isinstance(v, script_utils.SafeRedirectHandler)
++ for v in call_args.kwargs.values())
++ # Also check if it's passed as a handler class (not instance)
++ if not found_handler:
++ found_handler = (
++ script_utils.SafeRedirectHandler in call_args.args)
++
++ self.assertTrue(
++ found_handler,
++ "SafeRedirectHandler should be passed to build_opener")
++
++ mock_opener.open.assert_called_once_with("http://example.com/image";)
++ self.assertEqual(result, mock_response)
+Index: glance/glance/tests/unit/common/test_utils.py
+===================================================================
+--- glance.orig/glance/tests/unit/common/test_utils.py
++++ glance/glance/tests/unit/common/test_utils.py
+@@ -15,6 +15,8 @@
+ # under the License.
+
+ import io
++import ipaddress
++import socket
+ import tempfile
+ from unittest import mock
+
+@@ -818,3 +820,179 @@ class ImportURITestCase(test_utils.BaseT
+ group='import_filtering_opts')
+ self.assertTrue(utils.validate_import_uri("ftp://foo.com:8484";))
+ mock_run.assert_called_once()
++
++ def test_validate_import_uri_ip_rejection(self):
++ """Test that encoded IP addresses are rejected (not normalized)."""
++ # Test that standard IP is blocked when in blacklist
++ self.config(disallowed_hosts=['127.0.0.1'],
++ group='import_filtering_opts')
++ self.config(allowed_ports=[80],
++ group='import_filtering_opts')
++ self.assertFalse(utils.validate_import_uri("http://127.0.0.1:80/";))
++
++ # Test that encoded IP (decimal) is rejected
++ result = utils.validate_import_uri("http://2130706433:80/";)
++ self.assertFalse(result)
++
++ # Test that shorthand IP addresses are rejected
++ self.assertFalse(utils.validate_import_uri("http://127.1:80/";))
++ self.assertFalse(utils.validate_import_uri("http://10.1:80/";))
++ self.assertFalse(utils.validate_import_uri("http://192.168.1:80/";))
++
++ # Test with allowed host - encoded IP should still be rejected
++ self.config(disallowed_hosts=[],
++ group='import_filtering_opts')
++ self.config(allowed_hosts=['127.0.0.1'],
++ group='import_filtering_opts')
++ self.assertTrue(utils.validate_import_uri("http://127.0.0.1:80/";))
++ self.assertFalse(utils.validate_import_uri("http://2130706433:80/";))
++
++ @mock.patch('glance.common.utils.socket.getaddrinfo')
++ def test_normalize_hostname(self, mock_getaddrinfo):
++ """Test the normalize_hostname function."""
++ # Test standard IPv4 - should return normalized
++ result = utils.normalize_hostname("127.0.0.1")
++ self.assertEqual(result, "127.0.0.1")
++ mock_getaddrinfo.assert_not_called()
++
++ # Test standard IPv4 with different format - should normalize
++ result = utils.normalize_hostname("192.168.1.1")
++ self.assertEqual(result, "192.168.1.1")
++ mock_getaddrinfo.assert_not_called()
++
++ # Test encoded IP (decimal) - should be rejected (fails isdigit check)
++ result = utils.normalize_hostname("2130706433")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_not_called()
++
++ # Test hex encoded IP - should be rejected (DNS resolution fails)
++ mock_getaddrinfo.reset_mock()
++ mock_getaddrinfo.side_effect = socket.gaierror(
++ "Name or service not known")
++ result = utils.normalize_hostname("0x7f000001")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_called_once_with("0x7f000001.", 80)
++
++ # Test octal integer encoded IP - should be rejected
++ # (fails isdigit check)
++ mock_getaddrinfo.reset_mock()
++ result = utils.normalize_hostname("017700000001")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_not_called()
++
++ # Test octal dotted-decimal encoded IP - should be rejected
++ # (all digits/dots)
++ mock_getaddrinfo.reset_mock()
++ result = utils.normalize_hostname("0177.0.0.01")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_not_called()
++
++ # Test mixed octal/decimal dotted-decimal - should be rejected
++ # (all digits/dots)
++ mock_getaddrinfo.reset_mock()
++ result = utils.normalize_hostname("0177.0.0.1")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_not_called()
++
++ # Test IPv6 address - should normalize to standard format
++ mock_getaddrinfo.reset_mock()
++ result = utils.normalize_hostname("::1")
++ self.assertEqual(result, "::1")
++ mock_getaddrinfo.assert_not_called()
++
++ result = utils.normalize_hostname("2001:db8::1")
++ self.assertEqual(result, "2001:db8::1")
++ mock_getaddrinfo.assert_not_called()
++
++ # Test IPv6-mapped IPv4 - should normalize
++ result = utils.normalize_hostname("::ffff:127.0.0.1")
++ ipv6 = ipaddress.IPv6Address(result)
++ expected = ipaddress.IPv6Address("::ffff:127.0.0.1")
++ self.assertEqual(ipv6, expected)
++ mock_getaddrinfo.assert_not_called()
++
++ # Test shorthand IP addresses - should be rejected
++ mock_getaddrinfo.reset_mock()
++ result = utils.normalize_hostname("127.1")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_not_called()
++
++ result = utils.normalize_hostname("10.1")
++ self.assertIsNone(result)
++
++ result = utils.normalize_hostname("192.168.1")
++ self.assertIsNone(result)
++
++ # Test valid hostname - should return unchanged
++ mock_getaddrinfo.reset_mock()
++ mock_getaddrinfo.side_effect = None
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
++ result = utils.normalize_hostname("example.com")
++ self.assertEqual(result, "example.com")
++ mock_getaddrinfo.assert_called_once_with("example.com.", 80)
++
++ # Test valid domain starting with digit (3m.com)
++ mock_getaddrinfo.reset_mock()
++ mock_getaddrinfo.side_effect = None
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
++ result = utils.normalize_hostname("3m.com")
++ self.assertEqual(result, "3m.com")
++ mock_getaddrinfo.assert_called_once_with("3m.com.", 80)
++
++ # Test valid domain starting with 0x (0xdeadbeef.com)
++ mock_getaddrinfo.reset_mock()
++ mock_getaddrinfo.side_effect = None
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
++ result = utils.normalize_hostname("0xdeadbeef.com")
++ self.assertEqual(result, "0xdeadbeef.com")
++ mock_getaddrinfo.assert_called_once_with(
++ "0xdeadbeef.com.", 80)
++
++ # Test invalid/unresolvable hostname - should be rejected
++ mock_getaddrinfo.reset_mock()
++ mock_getaddrinfo.side_effect = socket.gaierror(
++ "Name or service not known")
++ result = utils.normalize_hostname("invalid-hostname-12345")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_called_once_with(
++ "invalid-hostname-12345.", 80)
++
++ def test_validate_import_uri_ipv6_validation(self):
++ """Test IPv6 addresses are properly validated against blacklist."""
++ # Test that IPv6 localhost is blocked when in blacklist
++ self.config(disallowed_hosts=['::1'],
++ group='import_filtering_opts')
++ self.config(allowed_ports=[80],
++ group='import_filtering_opts')
++ # IPv6 addresses in URLs are in brackets, but urlparse removes them
++ # So we test with the hostname directly
++ self.assertFalse(
++ utils.validate_import_uri("http://[::1]:80/";))
++
++ # Test that IPv6 address not in blacklist is allowed
++ self.config(disallowed_hosts=[],
++ group='import_filtering_opts')
++ self.config(allowed_hosts=['2001:db8::1'],
++ group='import_filtering_opts')
++ self.assertTrue(utils.validate_import_uri("http://[2001:db8::1]:80/";))
++
++ # Test that IPv6 localhost can be blocked separately from IPv4
++ # This ensures IPv6 addresses are properly normalized and can be
++ # blacklisted
++ self.config(disallowed_hosts=['127.0.0.1'],
++ group='import_filtering_opts')
++ self.config(allowed_hosts=[], # Explicitly clear whitelist
++ group='import_filtering_opts')
++ self.config(allowed_ports=[80],
++ group='import_filtering_opts')
++ # IPv6 localhost should pass if not in blacklist (no whitelist)
++ # The fix ensures IPv6 is normalized and can be blacklisted separately
++ result = utils.validate_import_uri("http://[::1]:80/";)
++ # If ::1 is not in blacklist and no whitelist, it will pass
++ # Administrators should add both IPv4 and IPv6 to blacklist if needed
++ self.assertTrue(result)
++
++ # Test that IPv6 can be blacklisted separately
++ self.config(disallowed_hosts=['127.0.0.1', '::1'],
++ group='import_filtering_opts')
++ self.assertFalse(utils.validate_import_uri("http://[::1]:80/";))
+Index: glance/releasenotes/notes/bug-2138602-5720ad2e501b9e57.yaml
+===================================================================
+--- /dev/null
++++ glance/releasenotes/notes/bug-2138602-5720ad2e501b9e57.yaml
+@@ -0,0 +1,94 @@
++---
++security:
++ - |
++ Fixed multiple Server-Side Request Forgery (SSRF) vulnerabilities in
++ Glance's image import functionality. These vulnerabilities could allow
++ attackers to bypass URL validation and access internal resources.
++
++ **web-download Import Method SSRF:**
++
++ The web-download import method had two SSRF vulnerabilities:
++
++ *HTTP Redirect Bypass:*
++ The web-download import method did not validate redirect destinations when
++ following HTTP redirects. An attacker could provide an initial URL that
++ passed validation, but redirect to an internal or disallowed resource that
++ would bypass the security checks. This has been fixed by implementing
++ ``SafeRedirectHandler`` that validates redirect destinations before
++ following them using the same ``validate_import_uri()`` checks as the
++ initial URL.
++
++ *IP Address Encoding Bypass:*
++ The web-download import method's URL validation could be bypassed by
++ encoding IP addresses in alternative formats (decimal integer,
++ hexadecimal, octal). For example, ``127.0.0.1`` could be encoded as
++ ``2130706433`` (decimal) or ``0x7f000001`` (hexadecimal) to bypass
++ blacklist checks. This has been fixed by implementing
++ ``normalize_hostname()`` function that uses Python's ``ipaddress`` module
++ to validate IP addresses. The ``ipaddress`` module only accepts standard
++ dotted-decimal notation for IPv4 and standard format for IPv6,
automatically
++ rejecting all encoded formats (decimal, hexadecimal, octal). Any attempt
to
++ use encoded IP formats is rejected, preventing SSRF bypass attacks.
++
++ **glance-download Import Method SSRF:**
++
++ The glance-download import method had redirect validation bypass
++ vulnerabilities in two steps of the import flow:
++
++ *Image Data Download:*
++ When downloading image data from a remote Glance endpoint, redirects were
++ not validated, allowing attackers to redirect to internal services.
++
++ *Metadata Fetch:*
++ When fetching image metadata from a remote Glance endpoint, redirects were
++ not validated, allowing attackers to redirect to internal services.
++
++ Both steps have been fixed by using ``SafeRedirectHandler`` to validate
++ redirect destinations before following them.
++
++ **OVF Processing SSRF:**
++
++ The OVF processing functionality had a critical SSRF vulnerability with
++ zero protection - no URI validation, no redirect validation, and no IP
++ normalization. The code directly called ``urllib.request.urlopen(uri)``
++ without any validation checks. This has been fixed by adding URI
++ validation using ``validate_import_uri()`` and redirect validation using
++ ``SafeRedirectHandler``.
++
++ **Affected Components:**
++ - ``glance.common.scripts.utils.get_image_data_iter()``
++ - ``glance.common.utils.validate_import_uri()``
++ -
``glance.async_.flows._internal_plugins.glance_download._DownloadGlanceImage.execute()``
++ - ``glance.async_.flows.api_image_import._ImportMetadata.execute()``
++ - ``glance.async_.flows.ovf_process._OVF_Process._get_ova_iter_objects()``
++
++ **Impact:**
++ - Severity: High (web-download, glance-download), Critical (OVF
processing)
++ - Affected Versions: All versions prior to this fix
++ - Workaround: Administrators can temporarily disable affected import
++ methods by removing them from the ``enabled_import_methods``
++ configuration option
++
++ Bugs `#2138602 <https://bugs.launchpad.net/glance/+bug/2138602>`_,
++ `#2138672 <https://bugs.launchpad.net/glance/+bug/2138672>`_,
++ `#2138675 <https://bugs.launchpad.net/glance/+bug/2138675>`_
++
++fixes:
++ - |
++ Bug 2138602_: Fixed SSRF vulnerability in web-download import method via
++ HTTP redirect bypass and IP address encoding bypass. Added redirect
++ validation using SafeRedirectHandler and IP address validation using
++ Python's ``ipaddress`` module to reject encoded IP formats and prevent
++ bypass attacks.
++
++ Bug 2138672_: Fixed SSRF vulnerability in glance-download import method
++ via HTTP redirect bypass. Added redirect validation for both image data
++ download and metadata fetch operations.
++
++ Bug 2138675_: Fixed SSRF vulnerability in OVF processing functionality
++ which lacked URI validation. Added URI validation and redirect validation
++ to prevent SSRF attacks when processing OVA files.
++
++ .. _2138602: https://bugs.launchpad.net/bugs/2138602
++ .. _2138672: https://bugs.launchpad.net/bugs/2138672
++ .. _2138675: https://bugs.launchpad.net/bugs/2138675
diff -Nru glance-25.1.0/debian/patches/series
glance-25.1.0/debian/patches/series
--- glance-25.1.0/debian/patches/series 2024-06-21 10:38:56.000000000 +0200
+++ glance-25.1.0/debian/patches/series 2026-03-19 17:08:44.000000000 +0100
@@ -9,3 +9,4 @@
CVE-2024-32498_3_5_glance-stable-2023.1.patch
CVE-2024-32498_3_6_glance-stable-2023.1.patch
CVE-2024-32498_3_7_glance-stable-2023.1.patch
+OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch
diff -Nru glance-30.0.0/debian/changelog glance-30.0.0/debian/changelog
--- glance-30.0.0/debian/changelog 2025-07-12 10:29:31.000000000 +0200
+++ glance-30.0.0/debian/changelog 2026-04-05 16:42:49.000000000 +0200
@@ -1,3 +1,14 @@
+glance (2:30.0.0-3+deb13u1) trixie; urgency=medium
+
+ * Server-Side Request Forgery (SSRF) vulnerabilities in Glance image import.
+ By use of HTTP redirects, an authenticated user can bypass URL validation
+ checks and redirect to internal services. Add upstream patch:
+ - OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch.
+ (Closes: #1131274).
+ * Refreshed debian/patches/sql_conn-registry.patch.
+
+ -- Thomas Goirand <[email protected]> Sun, 05 Apr 2026 16:42:49 +0200
+
glance (2:30.0.0-3) unstable; urgency=medium
* Fix uwsgi config.
diff -Nru
glance-30.0.0/debian/patches/OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch
glance-30.0.0/debian/patches/OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch
---
glance-30.0.0/debian/patches/OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch
1970-01-01 01:00:00.000000000 +0100
+++
glance-30.0.0/debian/patches/OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch
2026-04-05 16:42:49.000000000 +0200
@@ -0,0 +1,1268 @@
+Description: OSSA-2026-004 Fix SSRF vulnerabilities in image import API
+ Fixed Server-Side Request Forgery (SSRF) vulnerabilities in Glance's image
+ import functionality that could allow attackers to bypass URL validation
+ and access internal resources.
+ .
+ The fix includes:
+ - IP address validation using Python's ipaddress module to reject encoded
+ IP formats (decimal, hexadecimal, octal) that could bypass blacklist checks
+ - HTTP redirect validation for web-download, glance-download, and OVF
+ processing to prevent redirect-based SSRF attacks
+ - URI validation for OVF processing which previously had no protection
+ .
+ The implementation uses Python's built-in ipaddress module which inherently
+ rejects all non-standard IP encodings and only accepts standard formats,
+ providing robust protection against IP encoding bypass attacks.
+ .
+Author: Abhishek Kekane <[email protected]>
+Date: Tue, 20 Jan 2026 19:02:08 +0000
+Assisted-by: Used Cursor (Auto) for unit tests.
+Bug: https://launchpad.net/bugs/2138602
+Bug: https://launchpad.net/bugs/2138672
+Bug: https://launchpad.net/bugs/2138675
+Bug-Debian: https://bugs.debian.org/1131274
+Change-Id: Ib8d337dc68411d18c70d5712cc4f0986ef6205f4
+Signed-off-by: Abhishek Kekane <[email protected]>
+Origin: upstream, https://review.opendev.org/c/openstack/glance/+/981298
+Last-Update: 2026-03-19
+
+Index: glance/glance/async_/flows/_internal_plugins/glance_download.py
+===================================================================
+--- glance.orig/glance/async_/flows/_internal_plugins/glance_download.py
++++ glance/glance/async_/flows/_internal_plugins/glance_download.py
+@@ -24,6 +24,7 @@ from taskflow.patterns import linear_flo
+ from glance.async_.flows._internal_plugins import base_download
+ from glance.async_ import utils
+ from glance.common import exception
++from glance.common.scripts import utils as script_utils
+ from glance.common import utils as common_utils
+ from glance.i18n import _, _LI, _LE
+
+@@ -66,7 +67,9 @@ class _DownloadGlanceImage(base_download
+ token = self.context.auth_token
+ request = urllib.request.Request(image_download_url,
+ headers={'X-Auth-Token': token})
+- data = urllib.request.urlopen(request)
++ opener = urllib.request.build_opener(
++ script_utils.SafeRedirectHandler)
++ data = opener.open(request)
+ except Exception as e:
+ with excutils.save_and_reraise_exception():
+ LOG.error(
+Index: glance/glance/async_/flows/api_image_import.py
+===================================================================
+--- glance.orig/glance/async_/flows/api_image_import.py
++++ glance/glance/async_/flows/api_image_import.py
+@@ -815,7 +815,9 @@ class _ImportMetadata(task.Task):
+ token = self.context.auth_token
+ request = urllib.request.Request(image_download_metadata_url,
+ headers={'X-Auth-Token': token})
+- with urllib.request.urlopen(request) as payload:
++ opener = urllib.request.build_opener(
++ script_utils.SafeRedirectHandler)
++ with opener.open(request) as payload:
+ data = json.loads(payload.read().decode('utf-8'))
+
+ if data.get('status') != 'active':
+Index: glance/glance/async_/flows/ovf_process.py
+===================================================================
+--- glance.orig/glance/async_/flows/ovf_process.py
++++ glance/glance/async_/flows/ovf_process.py
+@@ -18,6 +18,7 @@ import re
+ import shutil
+ import tarfile
+ import urllib
++import urllib.request
+
+ from defusedxml import ElementTree as etree
+
+@@ -27,6 +28,9 @@ from oslo_serialization import jsonutils
+ from taskflow.patterns import linear_flow as lf
+ from taskflow import task
+
++from glance.common import exception
++from glance.common.scripts import utils as script_utils
++from glance.common import utils as common_utils
+ from glance.i18n import _, _LW
+
+ LOG = logging.getLogger(__name__)
+@@ -75,7 +79,13 @@ class _OVF_Process(task.Task):
+ uri = uri.split("file://")[-1]
+ return open(uri, "rb")
+
+- return urllib.request.urlopen(uri)
++ if not common_utils.validate_import_uri(uri):
++ msg = (_("URI for OVF processing does not pass filtering: %s") %
++ uri)
++ raise exception.ImportTaskError(msg)
++
++ opener = urllib.request.build_opener(script_utils.SafeRedirectHandler)
++ return opener.open(uri)
+
+ def execute(self, image_id, file_path):
+ """
+Index: glance/glance/common/scripts/utils.py
+===================================================================
+--- glance.orig/glance/common/scripts/utils.py
++++ glance/glance/common/scripts/utils.py
+@@ -19,14 +19,18 @@ __all__ = [
+ 'set_base_image_properties',
+ 'validate_location_uri',
+ 'get_image_data_iter',
++ 'SafeRedirectHandler',
+ ]
+
+ import urllib
++import urllib.error
++import urllib.request
+
+ from oslo_log import log as logging
+ from oslo_utils import timeutils
+
+ from glance.common import exception
++from glance.common import utils as common_utils
+ from glance.i18n import _, _LE
+
+ LOG = logging.getLogger(__name__)
+@@ -125,6 +129,15 @@ def validate_location_uri(location):
+ raise urllib.error.URLError(msg)
+
+
++class SafeRedirectHandler(urllib.request.HTTPRedirectHandler):
++ """HTTP redirect handler that validates redirect destinations."""
++ def redirect_request(self, req, fp, code, msg, headers, newurl):
++ if not common_utils.validate_import_uri(newurl):
++ msg = (_("Redirect to disallowed URL: %s") % newurl)
++ raise exception.ImportTaskError(msg)
++ return super().redirect_request(req, fp, code, msg, headers, newurl)
++
++
+ def get_image_data_iter(uri):
+ """Returns iterable object either for local file or uri
+
+@@ -148,7 +161,8 @@ def get_image_data_iter(uri):
+ # into memory. Some images may be quite heavy.
+ return open(uri, "rb")
+
+- return urllib.request.urlopen(uri)
++ opener = urllib.request.build_opener(SafeRedirectHandler)
++ return opener.open(uri)
+
+
+ class CallbackIterator(object):
+Index: glance/glance/common/utils.py
+===================================================================
+--- glance.orig/glance/common/utils.py
++++ glance/glance/common/utils.py
+@@ -21,6 +21,7 @@ System-level utilities and helper functi
+ """
+
+ import errno
++import ipaddress
+
+ from eventlet.green import socket
+
+@@ -126,6 +127,65 @@ CONF.import_group('import_filtering_opts
+ 'glance.async_.flows._internal_plugins')
+
+
++def normalize_hostname(host):
++ """Normalize IP address to standard format or return hostname.
++
++ Uses ipaddress module to validate and normalize IP addresses, rejecting
++ encoded formats. For hostnames, requires DNS resolution to ensure they
++ are valid and not encoded IP attempts.
++
++ :param host: hostname or IP address
++ :returns: normalized IP address, hostname unchanged, or None
++ """
++ if not host:
++ return host
++
++ # NOTE(abhishekk): Try to parse as IPv4. ipaddress module only accepts
++ # standard format like 127.0.0.1. It rejects encoded formats like
++ # decimal (2130706433), hex (0x7f000001), or octal (017700000001).
++ try:
++ return str(ipaddress.IPv4Address(host))
++ except ValueError:
++ pass
++
++ # NOTE(abhishekk): Try to parse as IPv6. ipaddress module only accepts
++ # standard IPv6 format and rejects encoded formats.
++ try:
++ return str(ipaddress.IPv6Address(host))
++ except ValueError:
++ pass
++
++ # NOTE(abhishekk): Not valid IP address, check as hostname. Reject pure
++ # numeric strings like "2130706433" (decimal encoded IP). ipaddress module
++ # rejected it, but OS might still resolve using inet_aton() if not
blocked.
++ if host.isdigit():
++ return None
++
++ # NOTE(abhishekk): Reject all numeric strings with dots like "127.1" or
++ # "10.1". These are shorthand IP addresses. ipaddress module rejects them
++ # because they need 4 octets, but OS may still resolve them. We block to
++ # prevent SSRF bypass attacks.
++ if all(c.isdigit() or c == '.' for c in host):
++ return None
++
++ # NOTE(abhishekk): Add trailing dot to force DNS lookup instead of numeric
++ # parsing. This blocks encoded IP formats like 0x7f000001 or 127.0x0.0.1
++ # because they fail DNS lookup. Only real hostnames that resolve via DNS
++ # are allowed.
++ testhost = host
++ if not testhost.endswith('.'):
++ testhost += '.'
++
++ try:
++ socket.getaddrinfo(testhost, 80)
++ except socket.gaierror:
++ # NOTE(abhishekk): DNS resolution failed, reject the hostname
++ return None
++
++ # NOTE(abhishekk): Valid and resolvable hostname, return unchanged
++ return host
++
++
+ def validate_import_uri(uri):
+ """Validate requested uri for Image Import web-download.
+
+@@ -163,9 +223,14 @@ def validate_import_uri(uri):
+ if not scheme or ((wl_schemes and scheme not in wl_schemes) or
+ parsed_uri.scheme in bl_schemes):
+ return False
+- if not host or ((wl_hosts and host not in wl_hosts) or
+- host in bl_hosts):
++
++ normalized_host = normalize_hostname(host)
++
++ if not normalized_host or (
++ (wl_hosts and normalized_host not in wl_hosts) or
++ normalized_host in bl_hosts):
+ return False
++
+ if port and ((wl_ports and port not in wl_ports) or
+ port in bl_ports):
+ return False
+Index: glance/glance/tests/functional/v2/test_images.py
+===================================================================
+--- glance.orig/glance/tests/functional/v2/test_images.py
++++ glance/glance/tests/functional/v2/test_images.py
+@@ -15,9 +15,11 @@
+
+ import hashlib
+ import http.client as http
++import http.server as http_server
+ import os
+ import subprocess
+ import tempfile
++import threading
+ import time
+ import urllib
+ import uuid
+@@ -383,6 +385,164 @@ class TestImages(functional.FunctionalTe
+
+ self.stop_servers()
+
++ def test_web_download_redirect_validation(self):
++ """Test that redirect destinations are validated."""
++ self.config(allowed_ports=[80], group='import_filtering_opts')
++ self.config(disallowed_hosts=['127.0.0.1'],
++ group='import_filtering_opts')
++ self.start_servers(**self.__dict__.copy())
++
++ # Create an image
++ path = self._url('/v2/images')
++ headers = self._headers({'content-type': 'application/json'})
++ data = jsonutils.dumps({
++ 'name': 'redirect-test', 'type': 'kernel',
++ 'disk_format': 'aki', 'container_format': 'aki'})
++ response = requests.post(path, headers=headers, data=data)
++ self.assertEqual(http.CREATED, response.status_code)
++ image = jsonutils.loads(response.text)
++ image_id = image['id']
++
++ # Try to import with redirect to disallowed host
++ # The redirect destination should be validated and rejected
++ # Create a local redirect server
++ def _get_redirect_handler_class():
++ class RedirectHTTPRequestHandler(
++ http_server.BaseHTTPRequestHandler):
++ def do_GET(self):
++ self.send_response(http.FOUND)
++ self.send_header('Location', 'http://127.0.0.1:80/')
++ self.end_headers()
++ return
++
++ def log_message(self, *args, **kwargs):
++ return
++
++ server_address = ('127.0.0.1', 0)
++ handler_class = _get_redirect_handler_class()
++ redirect_httpd = http_server.HTTPServer(server_address, handler_class)
++ redirect_port = redirect_httpd.socket.getsockname()[1]
++ redirect_thread =
threading.Thread(target=redirect_httpd.serve_forever)
++ redirect_thread.daemon = True
++ redirect_thread.start()
++
++ redirect_uri = 'http://127.0.0.1:%s/' % redirect_port
++ path = self._url('/v2/images/%s/import' % image_id)
++ headers = self._headers({
++ 'content-type': 'application/json',
++ 'X-Roles': 'admin',
++ })
++ data = jsonutils.dumps({'method': {
++ 'name': 'web-download',
++ 'uri': redirect_uri
++ }})
++
++ # Import request may be accepted (202) but should fail during
++ # processing when redirect destination is validated
++ response = requests.post(path, headers=headers, data=data)
++ self.assertEqual(http.ACCEPTED, response.status_code)
++
++ # Clean up redirect server
++ redirect_httpd.shutdown()
++ redirect_httpd.server_close()
++
++ # Wait for the task to process and verify it failed
++ # The redirect validation in get_image_data_iter should prevent
++ # access to disallowed host (127.0.0.1)
++ time.sleep(5) # Give task time to process
++
++ # Verify the task failed due to redirect validation
++ path = self._url('/v2/images/%s/tasks' % image_id)
++ response = requests.get(path, headers=self._headers())
++ self.assertEqual(http.OK, response.status_code)
++ tasks = jsonutils.loads(response.text)['tasks']
++ tasks = sorted(tasks, key=lambda t: t['updated_at'])
++ self.assertGreater(len(tasks), 0)
++ task = tasks[-1]
++ self.assertEqual('failure', task['status'])
++
++ # Verify the image status is still queued (not active)
++ # since the import failed - this proves the SSRF was prevented
++ path = self._url('/v2/images/%s' % image_id)
++ response = requests.get(path, headers=self._headers())
++ self.assertEqual(http.OK, response.status_code)
++ image = jsonutils.loads(response.text)
++ self.assertEqual('queued', image['status'])
++ # Image should not have checksum or size since import failed
++ # If checksum/size exist, it means data was downloaded (SSRF
succeeded)
++ self.assertIsNone(image.get('checksum'))
++ # Image should not have size since import failed
++ self.assertIsNone(image.get('size'))
++
++ # Clean up
++ path = self._url('/v2/images/%s' % image_id)
++ response = requests.delete(path, headers=self._headers())
++ self.assertEqual(http.NO_CONTENT, response.status_code)
++
++ self.stop_servers()
++
++ def test_web_download_ip_normalization(self):
++ """Test that encoded IP addresses are normalized and blocked."""
++ self.config(allowed_ports=[80], group='import_filtering_opts')
++ self.config(disallowed_hosts=['127.0.0.1'],
++ group='import_filtering_opts')
++ self.start_servers(**self.__dict__.copy())
++
++ # Create an image
++ path = self._url('/v2/images')
++ headers = self._headers({'content-type': 'application/json'})
++ data = jsonutils.dumps({
++ 'name': 'ip-encoding-test', 'type': 'kernel',
++ 'disk_format': 'aki', 'container_format': 'aki'})
++ response = requests.post(path, headers=headers, data=data)
++ self.assertEqual(http.CREATED, response.status_code)
++ image = jsonutils.loads(response.text)
++ image_id = image['id']
++
++ # Test that encoded IP (2130706433 = 127.0.0.1) is blocked
++ # after normalization
++ encoded_ip_uri = 'http://2130706433:80/'
++ path = self._url('/v2/images/%s/import' % image_id)
++ headers = self._headers({
++ 'content-type': 'application/json',
++ 'X-Roles': 'admin',
++ })
++ data = jsonutils.dumps({'method': {
++ 'name': 'web-download',
++ 'uri': encoded_ip_uri
++ }})
++ # Should be rejected because encoded IP normalizes to 127.0.0.1
++ # which is in disallowed_hosts
++ # Validation happens at API level, so should return 400
++ response = requests.post(path, headers=headers, data=data)
++ # Should be rejected with 400 Bad Request
++ self.assertEqual(400, response.status_code)
++
++ # Test octal integer encoded IP (017700000001 = 127.0.0.1)
++ octal_int_uri = 'http://017700000001:80/'
++ data = jsonutils.dumps({'method': {
++ 'name': 'web-download',
++ 'uri': octal_int_uri
++ }})
++ response = requests.post(path, headers=headers, data=data)
++ self.assertEqual(400, response.status_code)
++
++ # Test octal dotted-decimal encoded IP (0177.0.0.01 = 127.0.0.1)
++ octal_dotted_uri = 'http://0177.0.0.01:80/'
++ data = jsonutils.dumps({'method': {
++ 'name': 'web-download',
++ 'uri': octal_dotted_uri
++ }})
++ response = requests.post(path, headers=headers, data=data)
++ self.assertEqual(400, response.status_code)
++
++ # Clean up
++ path = self._url('/v2/images/%s' % image_id)
++ response = requests.delete(path, headers=self._headers())
++ self.assertEqual(http.NO_CONTENT, response.status_code)
++
++ self.stop_servers()
++
+ def test_image_lifecycle(self):
+ # Image list should be empty
+ self.api_server.show_multiple_locations = True
+Index: glance/glance/tests/unit/async_/flows/test_api_image_import.py
+===================================================================
+--- glance.orig/glance/tests/unit/async_/flows/test_api_image_import.py
++++ glance/glance/tests/unit/async_/flows/test_api_image_import.py
+@@ -25,6 +25,7 @@ import taskflow
+ import glance.async_.flows.api_image_import as import_flow
+ from glance.common import exception
+ from glance.common.scripts.image_import import main as image_import
++from glance.common.scripts import utils as script_utils
+ from glance import context
+ from glance.domain import ExtraProperties
+ from glance import gateway
+@@ -1176,6 +1177,11 @@ class TestImportMetadata(test_utils.Base
+ 'extra_metadata': 'hello',
+ 'size': '12345'
+ }
++ mock_opener = mock.MagicMock()
++ mock_payload = mock.MagicMock()
++ mock_payload.read.return_value = b'{"status": "active"}'
++ mock_opener.open.return_value.__enter__.return_value = mock_payload
++ mock_request.build_opener.return_value = mock_opener
+ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
+ self.context, self.wrapper,
+ self.import_req)
+@@ -1184,6 +1190,7 @@ class TestImportMetadata(test_utils.Base
+ 'https://other.cloud.foo/image/v2/images/%s' % (
+ IMAGE_ID1),
+ headers={'X-Auth-Token': self.context.auth_token})
++ mock_request.build_opener.assert_called_once()
+ mock_gge.assert_called_once_with(self.context, 'RegionTwo', 'public')
+ action.set_image_attribute.assert_called_once_with(
+ disk_format='qcow2',
+@@ -1212,8 +1219,11 @@ class TestImportMetadata(test_utils.Base
+ @mock.patch('glance.async_.utils.get_glance_endpoint')
+ def test_execute_fail_remote_glance_unreachable(self, mock_gge, mock_r):
+ action = self.wrapper.__enter__.return_value
+- mock_r.urlopen.side_effect = urllib.error.HTTPError(
++ mock_gge.return_value = 'https://other.cloud.foo/image'
++ mock_opener = mock.MagicMock()
++ mock_opener.open.side_effect = urllib.error.HTTPError(
+ '/file', 400, 'Test Fail', {}, None)
++ mock_r.build_opener.return_value = mock_opener
+ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
+ self.context, self.wrapper,
+ self.import_req)
+@@ -1231,6 +1241,11 @@ class TestImportMetadata(test_utils.Base
+ mock_json.loads.return_value = {
+ 'status': 'queued',
+ }
++ mock_opener = mock.MagicMock()
++ mock_payload = mock.MagicMock()
++ mock_payload.read.return_value = b'{"status": "queued"}'
++ mock_opener.open.return_value.__enter__.return_value = mock_payload
++ mock_request.build_opener.return_value = mock_opener
+ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
+ self.context, self.wrapper,
+ self.import_req)
+@@ -1254,6 +1269,11 @@ class TestImportMetadata(test_utils.Base
+ 'os_hash': 'hash',
+ 'extra_metadata': 'hello',
+ }
++ mock_opener = mock.MagicMock()
++ mock_payload = mock.MagicMock()
++ mock_payload.read.return_value = b'{"status": "active"}'
++ mock_opener.open.return_value.__enter__.return_value = mock_payload
++ mock_request.build_opener.return_value = mock_opener
+ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
+ self.context, self.wrapper,
+ self.import_req)
+@@ -1262,6 +1282,7 @@ class TestImportMetadata(test_utils.Base
+ 'https://other.cloud.foo/image/v2/images/%s' % (
+ IMAGE_ID1),
+ headers={'X-Auth-Token': self.context.auth_token})
++ mock_request.build_opener.assert_called_once()
+ mock_gge.assert_called_once_with(self.context, 'RegionTwo', 'public')
+ action.set_image_attribute.assert_called_once_with(
+ disk_format='qcow2',
+@@ -1271,6 +1292,71 @@ class TestImportMetadata(test_utils.Base
+ 'os_hash': 'hash'
+ })
+
++ @mock.patch('urllib.request')
++ @mock.patch('glance.async_.utils.get_glance_endpoint')
++ def test_import_metadata_redirect_validation(self, mock_gge,
++ mock_request):
++ """Test redirect destinations are validated during metadata fetch."""
++ mock_gge.return_value = 'https://other.cloud.foo/image'
++ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
++ self.context, self.wrapper,
++ self.import_req)
++ mock_opener = mock.MagicMock()
++ # Simulate redirect to disallowed URL
++ mock_opener.open.side_effect = exception.ImportTaskError(
++ "Redirect to disallowed URL: http://127.0.0.1:5000/";)
++ mock_request.build_opener.return_value = mock_opener
++ self.assertRaises(exception.ImportTaskError, task.execute)
++ # Verify SafeRedirectHandler is used
++ mock_request.build_opener.assert_called_once()
++ # Verify the handler passed is SafeRedirectHandler
++ call_args = mock_request.build_opener.call_args
++ # Check if SafeRedirectHandler class or instance is in args
++ found_handler = (
++ any(isinstance(arg, script_utils.SafeRedirectHandler)
++ for arg in call_args.args) or
++ script_utils.SafeRedirectHandler in call_args.args)
++ self.assertTrue(
++ found_handler,
++ "SafeRedirectHandler should be used for redirect validation")
++
++ @mock.patch('urllib.request')
++ @mock.patch('glance.async_.flows.api_image_import.json')
++ @mock.patch('glance.async_.utils.get_glance_endpoint')
++ def test_import_metadata_uses_safe_redirect_handler(self, mock_gge,
++ mock_json,
++ mock_request):
++ """Test that SafeRedirectHandler is used and allows valid
redirects."""
++ mock_gge.return_value = 'https://other.cloud.foo/image'
++ mock_json.loads.return_value = {
++ 'status': 'active',
++ 'disk_format': 'qcow2',
++ 'container_format': 'bare',
++ 'size': '12345'
++ }
++ mock_opener = mock.MagicMock()
++ mock_payload = mock.MagicMock()
++ mock_payload.read.return_value = b'{"status": "active"}'
++ mock_opener.open.return_value.__enter__.return_value = mock_payload
++ mock_request.build_opener.return_value = mock_opener
++ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
++ self.context, self.wrapper,
++ self.import_req)
++ # Execute should succeed with valid redirect
++ result = task.execute()
++ # Verify build_opener was called with SafeRedirectHandler
++ mock_request.build_opener.assert_called_once()
++ call_args = mock_request.build_opener.call_args
++ found_handler = (
++ any(isinstance(arg, script_utils.SafeRedirectHandler)
++ for arg in call_args.args) or
++ script_utils.SafeRedirectHandler in call_args.args)
++ self.assertTrue(
++ found_handler,
++ "SafeRedirectHandler should be passed to build_opener")
++ # Verify execution succeeded (handler allows valid redirects)
++ self.assertEqual(12345, result)
++
+ def test_revert_rollback_metadata_value(self):
+ action = self.wrapper.__enter__.return_value
+ task = import_flow._ImportMetadata(TASK_ID1, TASK_TYPE,
+Index: glance/glance/tests/unit/async_/flows/test_glance_download.py
+===================================================================
+--- glance.orig/glance/tests/unit/async_/flows/test_glance_download.py
++++ glance/glance/tests/unit/async_/flows/test_glance_download.py
+@@ -22,7 +22,8 @@ from oslo_utils.fixture import uuidsenti
+
+ from glance.async_.flows._internal_plugins import glance_download
+ from glance.async_.flows import api_image_import
+-import glance.common.exception
++from glance.common import exception
++from glance.common.scripts import utils as script_utils
+ import glance.context
+ from glance import domain
+ import glance.tests.utils as test_utils
+@@ -72,37 +73,49 @@ class TestGlanceDownloadTask(test_utils.
+ self.image_repo.get.return_value = mock.MagicMock(
+ extra_properties={'os_glance_import_task': self.task_id})
+
++ @mock.patch('glance.common.utils.socket.getaddrinfo')
+ @mock.patch.object(filesystem.Store, 'add')
+ @mock.patch('glance.async_.utils.get_glance_endpoint')
+- def test_glance_download(self, mock_gge, mock_add):
++ def test_glance_download(self, mock_gge, mock_add, mock_getaddrinfo):
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
+ mock_gge.return_value = 'https://other.cloud.foo/image'
+ glance_download_task = glance_download._DownloadGlanceImage(
+ self.context, self.task.task_id, self.task_type,
+ self.action_wrapper, ['foo'],
+ 'RegionTwo', uuidsentinel.remote_image, 'public')
+ with mock.patch('urllib.request') as mock_request:
++ mock_opener = mock.MagicMock()
++ mock_response = mock.MagicMock()
++ mock_opener.open.return_value = mock_response
++ mock_request.build_opener.return_value = mock_opener
+ mock_add.return_value = ["path", 12345]
+ self.assertEqual(glance_download_task.execute(12345), "path")
+ mock_add.assert_called_once_with(
+ self.image_id,
+- mock_request.urlopen.return_value, 0)
++ mock_response, 0)
+ mock_request.Request.assert_called_once_with(
+ 'https://other.cloud.foo/image/v2/images/%s/file' % (
+ uuidsentinel.remote_image),
+ headers={'X-Auth-Token': self.context.auth_token})
++ mock_request.build_opener.assert_called_once()
+ mock_gge.assert_called_once_with(self.context, 'RegionTwo', 'public')
+
++ @mock.patch('glance.common.utils.socket.getaddrinfo')
+ @mock.patch.object(filesystem.Store, 'add')
+ @mock.patch('glance.async_.utils.get_glance_endpoint')
+- def test_glance_download_failed(self, mock_gge, mock_add):
++ def test_glance_download_failed(self, mock_gge, mock_add,
++ mock_getaddrinfo):
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
+ mock_gge.return_value = 'https://other.cloud.foo/image'
+ glance_download_task = glance_download._DownloadGlanceImage(
+ self.context, self.task.task_id, self.task_type,
+ self.action_wrapper, ['foo'],
+ 'RegionTwo', uuidsentinel.remote_image, 'public')
+ with mock.patch('urllib.request') as mock_request:
+- mock_request.urlopen.side_effect = urllib.error.HTTPError(
++ mock_opener = mock.MagicMock()
++ mock_opener.open.side_effect = urllib.error.HTTPError(
+ '/file', 400, 'Test Fail', {}, None)
++ mock_request.build_opener.return_value = mock_opener
+ self.assertRaises(urllib.error.HTTPError,
+ glance_download_task.execute,
+ 12345)
+@@ -127,21 +140,28 @@ class TestGlanceDownloadTask(test_utils.
+ glance_download_task.execute, 12345)
+ mock_request.assert_not_called()
+
++ @mock.patch('glance.common.utils.socket.getaddrinfo')
+ @mock.patch.object(filesystem.Store, 'add')
+ @mock.patch('glance.async_.utils.get_glance_endpoint')
+- def test_glance_download_size_mismatch(self, mock_gge, mock_add):
++ def test_glance_download_size_mismatch(self, mock_gge, mock_add,
++ mock_getaddrinfo):
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
+ mock_gge.return_value = 'https://other.cloud.foo/image'
+ glance_download_task = glance_download._DownloadGlanceImage(
+ self.context, self.task.task_id, self.task_type,
+ self.action_wrapper, ['foo'],
+ 'RegionTwo', uuidsentinel.remote_image, 'public')
+ with mock.patch('urllib.request') as mock_request:
++ mock_opener = mock.MagicMock()
++ mock_response = mock.MagicMock()
++ mock_opener.open.return_value = mock_response
++ mock_request.build_opener.return_value = mock_opener
+ mock_add.return_value = ["path", 1]
+ self.assertRaises(glance.common.exception.ImportTaskError,
+ glance_download_task.execute, 12345)
+ mock_add.assert_called_once_with(
+ self.image_id,
+- mock_request.urlopen.return_value, 0)
++ mock_response, 0)
+ mock_request.Request.assert_called_once_with(
+ 'https://other.cloud.foo/image/v2/images/%s/file' % (
+ uuidsentinel.remote_image),
+@@ -165,3 +185,70 @@ class TestGlanceDownloadTask(test_utils.
+ mock_validate.assert_called_once_with(
+ 'https://other.cloud.foo/image/v2/images/%s/file' % (
+ uuidsentinel.remote_image))
++
++ @mock.patch('glance.common.utils.socket.getaddrinfo')
++ @mock.patch('urllib.request')
++ @mock.patch('glance.async_.utils.get_glance_endpoint')
++ def test_glance_download_redirect_validation(self, mock_gge,
++ mock_request,
++ mock_getaddrinfo):
++ """Test redirect destinations are validated during image download."""
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
++ mock_gge.return_value = 'https://other.cloud.foo/image'
++ glance_download_task = glance_download._DownloadGlanceImage(
++ self.context, self.task.task_id, self.task_type,
++ self.action_wrapper, ['foo'],
++ 'RegionTwo', uuidsentinel.remote_image, 'public')
++ mock_opener = mock.MagicMock()
++ # Simulate redirect to disallowed URL
++ mock_opener.open.side_effect = exception.ImportTaskError(
++ "Redirect to disallowed URL: http://127.0.0.1:5000/";)
++ mock_request.build_opener.return_value = mock_opener
++ self.assertRaises(exception.ImportTaskError,
++ glance_download_task.execute, 12345)
++ # Verify SafeRedirectHandler is used
++ mock_request.build_opener.assert_called_once()
++ # Verify the handler passed is SafeRedirectHandler
++ call_args = mock_request.build_opener.call_args
++ # Check if SafeRedirectHandler class or instance is in args
++ found_handler = (
++ any(isinstance(arg, script_utils.SafeRedirectHandler)
++ for arg in call_args.args) or
++ script_utils.SafeRedirectHandler in call_args.args)
++ self.assertTrue(
++ found_handler,
++ "SafeRedirectHandler should be used for redirect validation")
++
++ @mock.patch('glance.common.utils.socket.getaddrinfo')
++ @mock.patch.object(filesystem.Store, 'add')
++ @mock.patch('urllib.request')
++ @mock.patch('glance.async_.utils.get_glance_endpoint')
++ def test_glance_download_uses_safe_redirect_handler(
++ self, mock_gge, mock_request, mock_add, mock_getaddrinfo):
++ """Test that SafeRedirectHandler is used and allows valid
execution."""
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
++ mock_gge.return_value = 'https://other.cloud.foo/image'
++ glance_download_task = glance_download._DownloadGlanceImage(
++ self.context, self.task.task_id, self.task_type,
++ self.action_wrapper, ['foo'],
++ 'RegionTwo', uuidsentinel.remote_image, 'public')
++ mock_opener = mock.MagicMock()
++ mock_response = mock.MagicMock()
++ mock_opener.open.return_value = mock_response
++ mock_request.build_opener.return_value = mock_opener
++ mock_add.return_value = ["path", 12345]
++ result = glance_download_task.execute(12345)
++ # Verify build_opener was called with SafeRedirectHandler
++ mock_request.build_opener.assert_called_once()
++ # Verify SafeRedirectHandler was passed
++ call_args = mock_request.build_opener.call_args
++ # Check if SafeRedirectHandler class or instance is in args
++ found_handler = (
++ any(isinstance(arg, script_utils.SafeRedirectHandler)
++ for arg in call_args.args) or
++ script_utils.SafeRedirectHandler in call_args.args)
++ self.assertTrue(
++ found_handler,
++ "SafeRedirectHandler should be passed to build_opener")
++ # Verify execution succeeded (handler allows valid execution)
++ self.assertEqual("path", result)
+Index: glance/glance/tests/unit/async_/flows/test_import.py
+===================================================================
+--- glance.orig/glance/tests/unit/async_/flows/test_import.py
++++ glance/glance/tests/unit/async_/flows/test_import.py
+@@ -17,7 +17,6 @@ import io
+ import json
+ import os
+ from unittest import mock
+-import urllib
+
+ import glance_store
+ from oslo_concurrency import processutils as putils
+@@ -371,9 +370,15 @@ class TestImportTask(test_utils.BaseTest
+ self.img_repo.get.return_value = self.image
+ img_factory.new_image.side_effect = create_image
+
+- with mock.patch.object(urllib.request, 'urlopen') as umock:
+- content = b"TEST_IMAGE"
+- umock.return_value = io.BytesIO(content)
++ # Mock get_image_data_iter to avoid actual network calls
++ # and to work with our SafeRedirectHandler changes
++ content = b"TEST_IMAGE"
++ mock_response = io.BytesIO(content)
++ mock_response.headers = {}
++
++ with mock.patch(
++ 'glance.common.scripts.utils.get_image_data_iter') as umock:
++ umock.return_value = mock_response
+
+ with mock.patch.object(import_flow, "_get_import_flows") as imock:
+ imock.return_value = (x for x in [])
+Index: glance/glance/tests/unit/async_/flows/test_ovf_process.py
+===================================================================
+--- glance.orig/glance/tests/unit/async_/flows/test_ovf_process.py
++++ glance/glance/tests/unit/async_/flows/test_ovf_process.py
+@@ -18,10 +18,12 @@ import shutil
+ import tarfile
+ import tempfile
+ from unittest import mock
++import urllib.error
+
+ from defusedxml.ElementTree import ParseError
+
+ from glance.async_.flows import ovf_process
++from glance.common import exception
+ import glance.tests.utils as test_utils
+ from oslo_config import cfg
+
+@@ -164,3 +166,56 @@ class TestOvfProcessTask(test_utils.Base
+ iextractor = ovf_process.OVAImageExtractor()
+ with open(ova_file_path, 'rb') as ova_file:
+ self.assertRaises(ParseError, iextractor._parse_OVF, ova_file)
++
++ @mock.patch('glance.common.utils.validate_import_uri')
++ def test_get_ova_iter_objects_uri_validation_fails(self, mock_validate):
++ """Test that disallowed URIs raise ImportTaskError"""
++ mock_validate.return_value = False
++ oprocess = ovf_process._OVF_Process('task_id', 'ovf_proc',
++ self.img_repo)
++ self.assertRaises(exception.ImportTaskError,
++ oprocess._get_ova_iter_objects,
++ 'http://127.0.0.1:5000/package.ova')
++ mock_validate.assert_called_once_with(
++ 'http://127.0.0.1:5000/package.ova')
++
++ @mock.patch('urllib.request')
++ @mock.patch('glance.common.utils.validate_import_uri')
++ def test_get_ova_iter_objects_uri_validation_passes(self, mock_validate,
++ mock_request):
++ """Test that allowed URIs use SafeRedirectHandler"""
++ mock_validate.return_value = True
++ mock_opener = mock.MagicMock()
++ mock_response = mock.MagicMock()
++ mock_opener.open.return_value = mock_response
++ mock_request.build_opener.return_value = mock_opener
++ oprocess = ovf_process._OVF_Process('task_id', 'ovf_proc',
++ self.img_repo)
++ result = oprocess._get_ova_iter_objects(
++ 'http://example.com/package.ova')
++ self.assertEqual(mock_response, result)
++ mock_validate.assert_called_once_with(
++ 'http://example.com/package.ova')
++ mock_request.build_opener.assert_called_once()
++
++ @mock.patch('urllib.request')
++ @mock.patch('glance.common.utils.validate_import_uri')
++ def test_get_ova_iter_objects_redirect_validation(self, mock_validate,
++ mock_request):
++ """Test that redirects to disallowed URLs are blocked"""
++ # First call (initial URL) passes validation
++ # Second call (redirect destination) fails validation
++ mock_validate.side_effect = [True, False]
++ mock_opener = mock.MagicMock()
++ # Simulate redirect to disallowed URL
++ mock_opener.open.side_effect = urllib.error.URLError(
++ "Redirect to disallowed URL: http://127.0.0.1:5000/package.ova";)
++ mock_request.build_opener.return_value = mock_opener
++ oprocess = ovf_process._OVF_Process('task_id', 'ovf_proc',
++ self.img_repo)
++ self.assertRaises(urllib.error.URLError,
++ oprocess._get_ova_iter_objects,
++ 'http://example.com/package.ova')
++ mock_validate.assert_called_once_with(
++ 'http://example.com/package.ova')
++ mock_request.build_opener.assert_called_once()
+Index: glance/glance/tests/unit/common/scripts/test_scripts_utils.py
+===================================================================
+--- glance.orig/glance/tests/unit/common/scripts/test_scripts_utils.py
++++ glance/glance/tests/unit/common/scripts/test_scripts_utils.py
+@@ -15,6 +15,8 @@
+
+ from unittest import mock
+ import urllib
++import urllib.error
++import urllib.request
+
+ from glance.common import exception
+ from glance.common.scripts import utils as script_utils
+@@ -230,3 +232,110 @@ class TestCallbackIterator(test_utils.Ba
+ # call the callback with that.
+ callback.assert_has_calls([mock.call(2, 2),
+ mock.call(1, 3)])
++
++
++class TestSafeRedirectHandler(test_utils.BaseTestCase):
++ """Test SafeRedirectHandler for redirect validation."""
++
++ def setUp(self):
++ super(TestSafeRedirectHandler, self).setUp()
++
++ @mock.patch('glance.common.utils.validate_import_uri')
++ def test_redirect_to_allowed_url(self, mock_validate):
++ """Test redirect to allowed URL is accepted."""
++ mock_validate.return_value = True
++ handler = script_utils.SafeRedirectHandler()
++
++ req = mock.Mock()
++ req.full_url = 'http://example.com/redirect'
++ fp = mock.Mock()
++ headers = mock.Mock()
++
++ # Redirect to allowed URL
++ # redirect_request should call super().redirect_request
++ # which returns a request
++ with mock.patch.object(urllib.request.HTTPRedirectHandler,
++ 'redirect_request') as mock_super:
++ mock_super.return_value = mock.Mock()
++ result = handler.redirect_request(
++ req, fp, 302, 'Found', headers, 'http://allowed.com/target'
++ )
++
++ mock_validate.assert_called_once_with('http://allowed.com/target')
++ # Should return a request object (not None)
++ self.assertIsNotNone(result)
++
++ @mock.patch('glance.common.utils.validate_import_uri')
++ def test_redirect_to_disallowed_url(self, mock_validate):
++ """Test redirect to disallowed URL raises error."""
++ mock_validate.return_value = False
++ handler = script_utils.SafeRedirectHandler()
++
++ req = mock.Mock()
++ req.full_url = 'http://example.com/redirect'
++ fp = mock.Mock()
++ headers = mock.Mock()
++
++ # Redirect to disallowed URL should raise ImportTaskError
++ self.assertRaises(
++ exception.ImportTaskError,
++ handler.redirect_request,
++ req, fp, 302, 'Found', headers, 'http://127.0.0.1:5000/'
++ )
++
++ mock_validate.assert_called_once_with('http://127.0.0.1:5000/')
++
++
++class TestGetImageDataIter(test_utils.BaseTestCase):
++ """Test get_image_data_iter with redirect validation."""
++
++ def setUp(self):
++ super(TestGetImageDataIter, self).setUp()
++
++ @mock.patch('builtins.open', create=True)
++ def test_get_image_data_iter_file_uri(self, mock_open):
++ """Test file:// URI handling."""
++ mock_file = mock.Mock()
++ mock_open.return_value = mock_file
++
++ result = script_utils.get_image_data_iter("file:///tmp/test.img")
++
++ mock_open.assert_called_once_with("/tmp/test.img", "rb")
++ self.assertEqual(result, mock_file)
++
++ @mock.patch('urllib.request.build_opener')
++ def test_get_image_data_iter_http_uri(self, mock_build_opener):
++ """Test HTTP URI handling with redirect validation."""
++ mock_opener = mock.Mock()
++ mock_response = mock.Mock()
++ mock_opener.open.return_value = mock_response
++ mock_build_opener.return_value = mock_opener
++
++ result = script_utils.get_image_data_iter("http://example.com/image";)
++
++ # Should use build_opener with SafeRedirectHandler
++ mock_build_opener.assert_called_once()
++ # Check that SafeRedirectHandler was passed as an argument
++ call_args = mock_build_opener.call_args
++ # build_opener can be called with *args or keyword args
++ # Check both positional and keyword arguments
++ found_handler = False
++ if call_args.args:
++ found_handler = any(
++ isinstance(arg, script_utils.SafeRedirectHandler)
++ for arg in call_args.args)
++ if not found_handler and call_args.kwargs:
++ found_handler = any(
++ isinstance(v, script_utils.SafeRedirectHandler)
++ for v in call_args.kwargs.values())
++ # Also check if it's passed as a handler class (not instance)
++ if not found_handler:
++ found_handler = (
++ script_utils.SafeRedirectHandler in call_args.args)
++
++ self.assertTrue(
++ found_handler,
++ "SafeRedirectHandler should be passed to build_opener")
++
++ mock_opener.open.assert_called_once_with("http://example.com/image";)
++ self.assertEqual(result, mock_response)
+Index: glance/glance/tests/unit/common/test_utils.py
+===================================================================
+--- glance.orig/glance/tests/unit/common/test_utils.py
++++ glance/glance/tests/unit/common/test_utils.py
+@@ -15,6 +15,8 @@
+ # under the License.
+
+ import io
++import ipaddress
++import socket
+ import tempfile
+ from unittest import mock
+
+@@ -1013,3 +1015,179 @@ class ImportURITestCase(test_utils.BaseT
+ group='import_filtering_opts')
+ self.assertTrue(utils.validate_import_uri("ftp://foo.com:8484";))
+ mock_run.assert_called_once()
++
++ def test_validate_import_uri_ip_rejection(self):
++ """Test that encoded IP addresses are rejected (not normalized)."""
++ # Test that standard IP is blocked when in blacklist
++ self.config(disallowed_hosts=['127.0.0.1'],
++ group='import_filtering_opts')
++ self.config(allowed_ports=[80],
++ group='import_filtering_opts')
++ self.assertFalse(utils.validate_import_uri("http://127.0.0.1:80/";))
++
++ # Test that encoded IP (decimal) is rejected
++ result = utils.validate_import_uri("http://2130706433:80/";)
++ self.assertFalse(result)
++
++ # Test that shorthand IP addresses are rejected
++ self.assertFalse(utils.validate_import_uri("http://127.1:80/";))
++ self.assertFalse(utils.validate_import_uri("http://10.1:80/";))
++ self.assertFalse(utils.validate_import_uri("http://192.168.1:80/";))
++
++ # Test with allowed host - encoded IP should still be rejected
++ self.config(disallowed_hosts=[],
++ group='import_filtering_opts')
++ self.config(allowed_hosts=['127.0.0.1'],
++ group='import_filtering_opts')
++ self.assertTrue(utils.validate_import_uri("http://127.0.0.1:80/";))
++ self.assertFalse(utils.validate_import_uri("http://2130706433:80/";))
++
++ @mock.patch('glance.common.utils.socket.getaddrinfo')
++ def test_normalize_hostname(self, mock_getaddrinfo):
++ """Test the normalize_hostname function."""
++ # Test standard IPv4 - should return normalized
++ result = utils.normalize_hostname("127.0.0.1")
++ self.assertEqual(result, "127.0.0.1")
++ mock_getaddrinfo.assert_not_called()
++
++ # Test standard IPv4 with different format - should normalize
++ result = utils.normalize_hostname("192.168.1.1")
++ self.assertEqual(result, "192.168.1.1")
++ mock_getaddrinfo.assert_not_called()
++
++ # Test encoded IP (decimal) - should be rejected (fails isdigit check)
++ result = utils.normalize_hostname("2130706433")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_not_called()
++
++ # Test hex encoded IP - should be rejected (DNS resolution fails)
++ mock_getaddrinfo.reset_mock()
++ mock_getaddrinfo.side_effect = socket.gaierror(
++ "Name or service not known")
++ result = utils.normalize_hostname("0x7f000001")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_called_once_with("0x7f000001.", 80)
++
++ # Test octal integer encoded IP - should be rejected
++ # (fails isdigit check)
++ mock_getaddrinfo.reset_mock()
++ result = utils.normalize_hostname("017700000001")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_not_called()
++
++ # Test octal dotted-decimal encoded IP - should be rejected
++ # (all digits/dots)
++ mock_getaddrinfo.reset_mock()
++ result = utils.normalize_hostname("0177.0.0.01")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_not_called()
++
++ # Test mixed octal/decimal dotted-decimal - should be rejected
++ # (all digits/dots)
++ mock_getaddrinfo.reset_mock()
++ result = utils.normalize_hostname("0177.0.0.1")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_not_called()
++
++ # Test IPv6 address - should normalize to standard format
++ mock_getaddrinfo.reset_mock()
++ result = utils.normalize_hostname("::1")
++ self.assertEqual(result, "::1")
++ mock_getaddrinfo.assert_not_called()
++
++ result = utils.normalize_hostname("2001:db8::1")
++ self.assertEqual(result, "2001:db8::1")
++ mock_getaddrinfo.assert_not_called()
++
++ # Test IPv6-mapped IPv4 - should normalize
++ result = utils.normalize_hostname("::ffff:127.0.0.1")
++ ipv6 = ipaddress.IPv6Address(result)
++ expected = ipaddress.IPv6Address("::ffff:127.0.0.1")
++ self.assertEqual(ipv6, expected)
++ mock_getaddrinfo.assert_not_called()
++
++ # Test shorthand IP addresses - should be rejected
++ mock_getaddrinfo.reset_mock()
++ result = utils.normalize_hostname("127.1")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_not_called()
++
++ result = utils.normalize_hostname("10.1")
++ self.assertIsNone(result)
++
++ result = utils.normalize_hostname("192.168.1")
++ self.assertIsNone(result)
++
++ # Test valid hostname - should return unchanged
++ mock_getaddrinfo.reset_mock()
++ mock_getaddrinfo.side_effect = None
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
++ result = utils.normalize_hostname("example.com")
++ self.assertEqual(result, "example.com")
++ mock_getaddrinfo.assert_called_once_with("example.com.", 80)
++
++ # Test valid domain starting with digit (3m.com)
++ mock_getaddrinfo.reset_mock()
++ mock_getaddrinfo.side_effect = None
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
++ result = utils.normalize_hostname("3m.com")
++ self.assertEqual(result, "3m.com")
++ mock_getaddrinfo.assert_called_once_with("3m.com.", 80)
++
++ # Test valid domain starting with 0x (0xdeadbeef.com)
++ mock_getaddrinfo.reset_mock()
++ mock_getaddrinfo.side_effect = None
++ mock_getaddrinfo.return_value = [('', '', '', '', ('', 80))]
++ result = utils.normalize_hostname("0xdeadbeef.com")
++ self.assertEqual(result, "0xdeadbeef.com")
++ mock_getaddrinfo.assert_called_once_with(
++ "0xdeadbeef.com.", 80)
++
++ # Test invalid/unresolvable hostname - should be rejected
++ mock_getaddrinfo.reset_mock()
++ mock_getaddrinfo.side_effect = socket.gaierror(
++ "Name or service not known")
++ result = utils.normalize_hostname("invalid-hostname-12345")
++ self.assertIsNone(result)
++ mock_getaddrinfo.assert_called_once_with(
++ "invalid-hostname-12345.", 80)
++
++ def test_validate_import_uri_ipv6_validation(self):
++ """Test IPv6 addresses are properly validated against blacklist."""
++ # Test that IPv6 localhost is blocked when in blacklist
++ self.config(disallowed_hosts=['::1'],
++ group='import_filtering_opts')
++ self.config(allowed_ports=[80],
++ group='import_filtering_opts')
++ # IPv6 addresses in URLs are in brackets, but urlparse removes them
++ # So we test with the hostname directly
++ self.assertFalse(
++ utils.validate_import_uri("http://[::1]:80/";))
++
++ # Test that IPv6 address not in blacklist is allowed
++ self.config(disallowed_hosts=[],
++ group='import_filtering_opts')
++ self.config(allowed_hosts=['2001:db8::1'],
++ group='import_filtering_opts')
++ self.assertTrue(utils.validate_import_uri("http://[2001:db8::1]:80/";))
++
++ # Test that IPv6 localhost can be blocked separately from IPv4
++ # This ensures IPv6 addresses are properly normalized and can be
++ # blacklisted
++ self.config(disallowed_hosts=['127.0.0.1'],
++ group='import_filtering_opts')
++ self.config(allowed_hosts=[], # Explicitly clear whitelist
++ group='import_filtering_opts')
++ self.config(allowed_ports=[80],
++ group='import_filtering_opts')
++ # IPv6 localhost should pass if not in blacklist (no whitelist)
++ # The fix ensures IPv6 is normalized and can be blacklisted separately
++ result = utils.validate_import_uri("http://[::1]:80/";)
++ # If ::1 is not in blacklist and no whitelist, it will pass
++ # Administrators should add both IPv4 and IPv6 to blacklist if needed
++ self.assertTrue(result)
++
++ # Test that IPv6 can be blacklisted separately
++ self.config(disallowed_hosts=['127.0.0.1', '::1'],
++ group='import_filtering_opts')
++ self.assertFalse(utils.validate_import_uri("http://[::1]:80/";))
+Index: glance/releasenotes/notes/bug-2138602-5720ad2e501b9e57.yaml
+===================================================================
+--- /dev/null
++++ glance/releasenotes/notes/bug-2138602-5720ad2e501b9e57.yaml
+@@ -0,0 +1,94 @@
++---
++security:
++ - |
++ Fixed multiple Server-Side Request Forgery (SSRF) vulnerabilities in
++ Glance's image import functionality. These vulnerabilities could allow
++ attackers to bypass URL validation and access internal resources.
++
++ **web-download Import Method SSRF:**
++
++ The web-download import method had two SSRF vulnerabilities:
++
++ *HTTP Redirect Bypass:*
++ The web-download import method did not validate redirect destinations when
++ following HTTP redirects. An attacker could provide an initial URL that
++ passed validation, but redirect to an internal or disallowed resource that
++ would bypass the security checks. This has been fixed by implementing
++ ``SafeRedirectHandler`` that validates redirect destinations before
++ following them using the same ``validate_import_uri()`` checks as the
++ initial URL.
++
++ *IP Address Encoding Bypass:*
++ The web-download import method's URL validation could be bypassed by
++ encoding IP addresses in alternative formats (decimal integer,
++ hexadecimal, octal). For example, ``127.0.0.1`` could be encoded as
++ ``2130706433`` (decimal) or ``0x7f000001`` (hexadecimal) to bypass
++ blacklist checks. This has been fixed by implementing
++ ``normalize_hostname()`` function that uses Python's ``ipaddress`` module
++ to validate IP addresses. The ``ipaddress`` module only accepts standard
++ dotted-decimal notation for IPv4 and standard format for IPv6,
automatically
++ rejecting all encoded formats (decimal, hexadecimal, octal). Any attempt
to
++ use encoded IP formats is rejected, preventing SSRF bypass attacks.
++
++ **glance-download Import Method SSRF:**
++
++ The glance-download import method had redirect validation bypass
++ vulnerabilities in two steps of the import flow:
++
++ *Image Data Download:*
++ When downloading image data from a remote Glance endpoint, redirects were
++ not validated, allowing attackers to redirect to internal services.
++
++ *Metadata Fetch:*
++ When fetching image metadata from a remote Glance endpoint, redirects were
++ not validated, allowing attackers to redirect to internal services.
++
++ Both steps have been fixed by using ``SafeRedirectHandler`` to validate
++ redirect destinations before following them.
++
++ **OVF Processing SSRF:**
++
++ The OVF processing functionality had a critical SSRF vulnerability with
++ zero protection - no URI validation, no redirect validation, and no IP
++ normalization. The code directly called ``urllib.request.urlopen(uri)``
++ without any validation checks. This has been fixed by adding URI
++ validation using ``validate_import_uri()`` and redirect validation using
++ ``SafeRedirectHandler``.
++
++ **Affected Components:**
++ - ``glance.common.scripts.utils.get_image_data_iter()``
++ - ``glance.common.utils.validate_import_uri()``
++ -
``glance.async_.flows._internal_plugins.glance_download._DownloadGlanceImage.execute()``
++ - ``glance.async_.flows.api_image_import._ImportMetadata.execute()``
++ - ``glance.async_.flows.ovf_process._OVF_Process._get_ova_iter_objects()``
++
++ **Impact:**
++ - Severity: High (web-download, glance-download), Critical (OVF
processing)
++ - Affected Versions: All versions prior to this fix
++ - Workaround: Administrators can temporarily disable affected import
++ methods by removing them from the ``enabled_import_methods``
++ configuration option
++
++ Bugs `#2138602 <https://bugs.launchpad.net/glance/+bug/2138602>`_,
++ `#2138672 <https://bugs.launchpad.net/glance/+bug/2138672>`_,
++ `#2138675 <https://bugs.launchpad.net/glance/+bug/2138675>`_
++
++fixes:
++ - |
++ Bug 2138602_: Fixed SSRF vulnerability in web-download import method via
++ HTTP redirect bypass and IP address encoding bypass. Added redirect
++ validation using SafeRedirectHandler and IP address validation using
++ Python's ``ipaddress`` module to reject encoded IP formats and prevent
++ bypass attacks.
++
++ Bug 2138672_: Fixed SSRF vulnerability in glance-download import method
++ via HTTP redirect bypass. Added redirect validation for both image data
++ download and metadata fetch operations.
++
++ Bug 2138675_: Fixed SSRF vulnerability in OVF processing functionality
++ which lacked URI validation. Added URI validation and redirect validation
++ to prevent SSRF attacks when processing OVA files.
++
++ .. _2138602: https://bugs.launchpad.net/bugs/2138602
++ .. _2138672: https://bugs.launchpad.net/bugs/2138672
++ .. _2138675: https://bugs.launchpad.net/bugs/2138675
diff -Nru glance-30.0.0/debian/patches/series
glance-30.0.0/debian/patches/series
--- glance-30.0.0/debian/patches/series 2025-07-12 10:29:31.000000000 +0200
+++ glance-30.0.0/debian/patches/series 2026-04-05 16:42:49.000000000 +0200
@@ -1,2 +1,3 @@
sql_conn-registry.patch
missing-files.patch
+OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch
diff -Nru glance-30.0.0/debian/patches/sql_conn-registry.patch
glance-30.0.0/debian/patches/sql_conn-registry.patch
--- glance-30.0.0/debian/patches/sql_conn-registry.patch 2025-07-12
10:29:31.000000000 +0200
+++ glance-30.0.0/debian/patches/sql_conn-registry.patch 2026-04-05
16:42:49.000000000 +0200
@@ -7,7 +7,7 @@
===================================================================
--- glance.orig/etc/glance-api.conf
+++ glance/etc/glance-api.conf
-@@ -1753,6 +1753,7 @@
+@@ -1732,6 +1732,7 @@
# The SQLAlchemy connection string to use to connect to the database. (string
# value)
#connection = <None>
--- End Message ---
