------------------------------------------------------------------- Wed Jan 18 15:26:17 UTC 2023 - Darragh O'Reilly - Prevent XXE injections (bsc#1207035, CVE-2022-47950) ------------------------------------------------------------------- Mon May 18 06:57:10 UTC 2015 - vuntz@suse.com - Update _service to track tarball generated on tarballs.openstack.org. - Switch to packaging style of openstack packages. - Create a test subpackage. - Update to version 1.7.0.dev372: + Add .gitreview file. + Update package data + Add tox-based tests support + Fix pep8 errors + Update .gitignore + Fix listing bucket when key contains special URL charcters + Fix type errors with s3multi + Fix an 'if' condition. + Use HTTP_METHOD_NOT_ALLOWED when invalid method is specified + make handle_request return callable + Add setup.cfg and pbr support. + Remove unnecessary urllib.unquote calls + Improve coverage report + Use openstack.nose_plugin for tests + Make more use of Swob for code cleanup + Remove pbr dependency at run time + Split controllers + Added swift3.Response + test: add FakeSwift + Use InternalError for unexpected server errors + Use lxml for processing XML + tox: add support for pylint + Fix Pre-Signed URL + acl: fix PUT bucket acl + Add a wrapper for lxml to handle XML namespace + Define S3 errors as exceptions + Added swift3.Request + Raise SignatureDoesNotMatch for unauthorized requests + request: move status code check into swift3.Request + Split controllers into separate modules + test: split TestSwift3 based on controller modules + test: add support for functional tests + Don't intervene with non-AWS HTTP authentication + test/functional: remove bc dependency + response: remove StatusMap class + controller: add UnsupportedController for unsupported features + request: add missing subresources for signature calculation + tests/functional: remove unused parameters + Make the swift3 config global + Use tenant name and user name for user id + etree: add support for xml validation + bucket: fix success code of HEAD request + tox: update swift version + cleanup dependency in tox.ini + request: add support for virtual-hosted-style access + Return errors when unsupported headers are specified + test/unit: remove unused method + Fix HEAD bucket request string problem. + request: remove unnecessary check + obj: add support for altering response header values + test/unit: forbid empty path_info + request: return InvalidURI for non-utf8 URI + Add test case for HEAD bucket requests. + service: ignores subresource queries for service requests + request: add helper to check the target resource type + cfg: set default values for swift3 config parameters + bucket: make max_bucket_listing configurable + Fix typo in swift3/response.py + response: drain response body on error + response: include resource_type in the MethodNotAllowed response + Fix Location header of PUT bucket response + Clean up Location header in Bucket Response + request: forbid request.body + bucket: handle location constraint requests + Set x-amz-id-2 and x-amz-request-id headers based on Swift txid + Check the target resource more strictly + response: add double quotes to etag headers + bucket: add missing type conversion + multi_delete: make content-md5 mandatory + cfg: convert types automatically based on default values + Remove unused variable + cfg: allow attribute access + request: raise InvalidDigest for non-base64-alphabet CONTENT_MD5 + test/unit: allow running test directly + tox: update pep8 parameters based on the latest Swift + Make the swift3 logger global + test/unit: move swift3.etree test to test_etree.py + etree: handle invalid xml + multi_upload: preliminary support for S3 multi part upload + Unfold add_canonical_user() + Move x-amz-acl header handling into acl.py + multi_delete: limit the maximum number of objects + bucket: return delimiter only when it is specified in query + Remove string comparisons for illegal ACL + multi_delete: add support for quiet mode + multi_delete: return UserKeyMustBeSpecified when key is missing + etree: handle comments in xml + Add support for non-ascii string + tox: update swift version to 2.1.0 + Add helper to decode and encode utf8 + etree: add support for url-encoding + Check pipeline configuration + Add error response tests for object that are insufficient. + Update documentation to use keystoneauth name + Fix X-AMZ-ACL header is not applied + Fix Canned ACL Error with Empty Body + Fix set ACL fails to existing bucket + Add compatible with third party auth middleware. + Fix test_location unit test + Fix object copy requests. + Disable pylint failures + LOGGER can't output message to proxy.log. + Fix multipart upload is required SLO in pipeline + Draft: Acl class design for supporting S3 ACL + acl: add preliminary support for S3 ACL + acl: use S3 ACL for object and bucket APIs + Refactor test_s3_acl + Show warn/error log when no slo middleware + Draft: s3acl decorator + Support FakeSwift register overwritten + Fix 500 error when no DisplayName in request body. + Move tests related to s3_acl in the test_s3_acl.py to the appropriate files + Add S3 ACL for DELETE Multiple Objects + Fix object copy with empty source + Fix validation of invalid bucket name + acl: Skip acl check for all requests of Account. + Blind whole buckets with invalid name + Fix InternalError when RequestTimeout occurs + Add S3 ACL for Multipart Upload APIs + Draft: Split Request class for s3acl + ACL Handlers + Add unit test for GET Bucket includes subdir + Delete check of write permission of the object in PUT Object + Fix response of Get Bucket when IsTruncated is true and delimiter is specified + Return NotImplemented at POST object + Fix response of DELETE Multiple Objects without bucket write permission + Support x-amz-copy-source-if-* for PUT Object Copy + Support range for HEAD Object + Fix max-uploads, key-marker, prefix and upload-id-marker in queries of List Multipart Uploads + Fix max-parts, part-number-marker, and encoding-type in queries of List Parts + Add config paramater `pipeline_check` to enable/disable pipeline check + Support x-amz-copy-source-if-* for Upload Part Copy + Add check the range of partNumber for Upload part. + Assemble similar stuffs into a validation method + Fix a limit validation to be in integer range + Fix canned acl to be effective for s3_acl + Fix response of PUT Object Copy requests + Fix ACL of Multipart upload. + Cleanup pipeline_check config and its description + Fix response of Upload Part Copy requests + Fix response of Upload Part Copy requests + Fix to be able to change the maximum value of partNumber for Upload Part + Fix default maximum value of max-parts for List Parts + Fix Swift3 to skip S3 authorization after initial authentication + Support x-amz-meta-* for Initiate Multipart Upload + Fix the response of GET Service to get only buckets owner are request user + Use swift.common.utils.json + Force error instantiation + Remove handmade json patterns + Update README. + Keystone_token is no longer needed + Register swift3 info to swift APIs(/info). + Fix List Multipart Uploads to get multipart uploads contain slash in key + Fix the version of Swift that required to install Swift3 + Fix get_validated_param and APIs related to this method + output access log of subrequests from swift3 to proxy-server + Update doc about force_swift_request_proxy_log + Draft: Change functional tests to the new structure. + Enable reset to retry up to RETRAY_COUNT + Add documentation on s3_test_client + Refactor Functional Test Cases + Add Functional Tests for PUT Object Copy + Small refactor on list uploads + Support delimiter for List Multipart Uploads + Add document and refactor a bit + Add Functional Tests of normal for ACL + Add functional tests for normal statuses of Delete Multiple Objects + Add functional error tests for Delete Multiple Objects + Fix error handling of reset method in s3_test_client.py + Add functional tests of error for ACL + Add environment of s3acl to tox + Fix DELETE object response + Move container_info to Request class + Add Functional Tests of input param test of normal for DELETE Multiple Objects + Add Functional Tests of input parameter test of normal for Object + Make multi-range functional test to be more strict + Use common libraries for timestamp + Add src to src copy functional test + Use singular variable name for the single content + Add Functional Tests of input parameter test of normal for Bucket + Add assertion for Copied Object + Fix list multi uploads response + Object Creation Assertion, everywhare + assert_common_response_headers to TestCase class + Fix initiate multi_upload + Fix get_container_info authentication + list uploads should fail w/o the bucket + Add functional tests for normal statuses of Multipart Upload + Use singular variable name for the single content + More strict functional tests for multi-upload + Fix last-modified format on the copy result + Add mktime function to test.functional.utils + Fix lost response headers + Fix upload part error handling + Refactor container existence checking + Move acl related functions to acl_utils.py + Fix non-exist bucket bugs on multi-upload + Fix invalid canned acl response + Add functional error tests for Multipart Upload + S3 allows fewer etags than actual uploaded parts + Add unit tests for test_subresource + More tests for logging controller for coverage ------------------------------------------------------------------- Thu Nov 21 01:16:26 UTC 2013 - cloud-devel@suse.de - Update to latest git (9a2ce5e): + preven double-quoting object name + fix requests without object_name ------------------------------------------------------------------- Wed Nov 13 09:31:55 UTC 2013 - speilicke@suse.com - Update to version 1.7+git.1379116028.c367e2f: + Issue #49 - fixed Date and ExpireDate checking logic Cleaned up PEP8 and Flake8 formatting errors.canonical_string refactoring + fix typing in middleware comment + Undo part of patch by Willys + Add a error of EntityTooLarge + fix signature generation - Fix set_version service by changing the version from "v1.7..." to "1.7". Since RPM comparison says numbers are bigger than characters, it's just an ordinary version update ------------------------------------------------------------------- Tue Jul 2 11:43:51 UTC 2013 - speilicke@suse.com - Install HTML documentation ------------------------------------------------------------------- Tue Jul 2 11:35:57 UTC 2013 - speilicke@suse.com - Initial version