Fix up protocol case handling for security groups.

Fix bug 985184.

When creating security group rules, any case for the protocol was
accepted as input, such as TCP, Tcp, tcp, etc., and was stored in the
database as specified.  However, unless specified as all lowercase, the
code to apply the rules would break and result in some rules not being
applied.

(cherry picked from commit ff06c7c)

Change-Id: If737104f492aacd3688f04d78eb9bc993ffa33fc

nova/api/ec2/cloud.py

@@ -610,7 +610,7 @@ def _rule_dict_last_step(self, context, to_port=None, from_port=None,
                       to_port=to_port, msg="For ICMP, the"
                                            " type:code must be valid")
 
-            values['protocol'] = ip_protocol
+            values['protocol'] = ip_protocol.lower()
             values['from_port'] = from_port
             values['to_port'] = to_port
         else:

nova/api/openstack/compute/contrib/security_groups.py

@@ -497,7 +497,7 @@ def _rule_args_to_dict(self, context, to_port=None, from_port=None,
                       to_port=to_port, msg="For ICMP, the"
                                            " type:code must be valid")
 
-            values['protocol'] = ip_protocol
+            values['protocol'] = ip_protocol.lower()
             values['from_port'] = from_port
             values['to_port'] = to_port
         else:

nova/virt/firewall.py

@@ -300,8 +300,8 @@ def instance_rules(self, instance, network_info):
                 else:
                     fw_rules = ipv6_rules
 
-                protocol = rule.protocol
-                if version == 6 and rule.protocol == 'icmp':
+                protocol = rule.protocol.lower()
+                if version == 6 and protocol == 'icmp':
                     protocol = 'icmpv6'
 
                 args = ['-j ACCEPT']