From 586af323ca7e87414b1f499499e28e6fec752a26 Mon Sep 17 00:00:00 2001
From: "abhishek.talwar" <abhishek.talwar@tcs.com>
Date: Tue, 18 Nov 2014 15:20:51 +0530
Subject: [PATCH] Check for default sec-group made case insensitive

Currently creating another security group with name
"default" is not allowed, however we can create
another security group with name "DEFAULT"
(or any other CASE pattern).

When trying to boot a VM without specifying
a security group it should always pick the
"default" security group. However, if another
security group of the name DEFAULT is present,
the VM gets associated with the wrong
security group (i.e DEFAULT and not default).

So, updated the code so that a security group
with name DEFAULT (or any other case pattern)
is not allowed.
Closes-Bug: #1384505

Change-Id: I3bc4e48cf723bcf74e098d7ef66df0333f6a8686
---
 neutron/extensions/securitygroup.py                 | 2 +-
 neutron/tests/unit/test_extension_security_group.py | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/neutron/extensions/securitygroup.py b/neutron/extensions/securitygroup.py
index 3524117ee..cdbe29dcd 100644
--- a/neutron/extensions/securitygroup.py
+++ b/neutron/extensions/securitygroup.py
@@ -174,7 +174,7 @@ def convert_ip_prefix_to_cidr(ip_prefix):
 
 
 def _validate_name_not_default(data, valid_values=None):
-    if data == "default":
+    if data.lower() == "default":
         raise SecurityGroupDefaultAlreadyExists()
 
 
diff --git a/neutron/tests/unit/test_extension_security_group.py b/neutron/tests/unit/test_extension_security_group.py
index e0061940b..17484b965 100644
--- a/neutron/tests/unit/test_extension_security_group.py
+++ b/neutron/tests/unit/test_extension_security_group.py
@@ -332,6 +332,13 @@ class TestSecurityGroups(SecurityGroupDBTestCase):
         self.deserialize(self.fmt, res)
         self.assertEqual(res.status_int, webob.exc.HTTPConflict.code)
 
+    def test_create_default_security_group_check_case_insensitive(self):
+        name = 'DEFAULT'
+        description = 'my webservers'
+        res = self._create_security_group(self.fmt, name, description)
+        self.deserialize(self.fmt, res)
+        self.assertEqual(res.status_int, webob.exc.HTTPConflict.code)
+
     def test_list_security_groups(self):
         with contextlib.nested(self.security_group(name='sg1',
                                                    description='sg'),
-- 
2.45.2