swift 2.23.2__py3-none-any.whl → 2.35.0__py3-none-any.whl

swift/common/middleware/crypto/encrypter.py

@@ -25,9 +25,9 @@ from swift.common.request_helpers import get_object_transient_sysmeta, \
     strip_user_meta_prefix, is_user_meta, update_etag_is_at_header, \
     get_container_update_override_key
 from swift.common.swob import Request, Match, HTTPException, \
-    HTTPUnprocessableEntity, wsgi_to_bytes, bytes_to_wsgi
+    HTTPUnprocessableEntity, wsgi_to_bytes, bytes_to_wsgi, normalize_etag
 from swift.common.utils import get_logger, config_true_value, \
-    MD5_OF_EMPTY_STRING
+    MD5_OF_EMPTY_STRING, md5, InputProxy
 
 
 def encrypt_header_val(crypto, value, key):
@@ -66,11 +66,11 @@ def _hmac_etag(key, etag):
     return base64.b64encode(result).decode()
 
 
-class EncInputWrapper(object):
+class EncInputWrapper(InputProxy):
     """File-like object to be swapped in for wsgi.input."""
     def __init__(self, crypto, keys, req, logger):
+        super().__init__(req.environ['wsgi.input'])
         self.env = req.environ
-        self.wsgi_input = req.environ['wsgi.input']
         self.path = req.path
         self.crypto = crypto
         self.body_crypto_ctxt = None
@@ -91,8 +91,8 @@ class EncInputWrapper(object):
             self.body_crypto_meta['key_id'] = self.keys['id']
             self.body_crypto_ctxt = self.crypto.create_encryption_ctxt(
                 body_key, self.body_crypto_meta.get('iv'))
-            self.plaintext_md5 = hashlib.md5()
-            self.ciphertext_md5 = hashlib.md5()
+            self.plaintext_md5 = md5(usedforsecurity=False)
+            self.ciphertext_md5 = md5(usedforsecurity=False)
 
     def install_footers_callback(self, req):
         # the proxy controller will call back for footer metadata after
@@ -166,7 +166,7 @@ class EncInputWrapper(object):
                 # value, with the crypto parameters appended. We use the
                 # container key here so that only that key is required to
                 # decrypt all etag values in a container listing when handling
-                # a container GET request. Don't encrypt an EMPTY_ETAG
+                # a container GET request. Don't encrypt an MD5_OF_EMPTY_STRING
                 # unless there actually was some body content, in which case
                 # the container-listing etag is possibly conveying some
                 # non-obvious information.
@@ -180,15 +180,7 @@ class EncInputWrapper(object):
 
         req.environ['swift.callback.update_footers'] = footers_callback
 
-    def read(self, *args, **kwargs):
-        return self.readChunk(self.wsgi_input.read, *args, **kwargs)
-
-    def readline(self, *args, **kwargs):
-        return self.readChunk(self.wsgi_input.readline, *args, **kwargs)
-
-    def readChunk(self, read_method, *args, **kwargs):
-        chunk = read_method(*args, **kwargs)
-
+    def chunk_update(self, chunk, eof, *args, **kwargs):
         if chunk:
             self._init_encryption_context()
             self.plaintext_md5.update(chunk)
@@ -263,7 +255,7 @@ class EncrypterObjContext(CryptoWSGIContext):
             ciphertext_etag = enc_input_proxy.ciphertext_md5.hexdigest()
             mod_resp_headers = [
                 (h, v if (h.lower() != 'etag' or
-                          v.strip('"') != ciphertext_etag)
+                          normalize_etag(v) != ciphertext_etag)
                     else plaintext_etag)
                 for h, v in mod_resp_headers]
 
@@ -369,7 +361,10 @@ class Encrypter(object):
             return self.app(env, start_response)
         try:
             req.split_path(4, 4, True)
+            is_object_request = True
         except ValueError:
+            is_object_request = False
+        if not is_object_request:
             return self.app(env, start_response)
 
         if req.method in ('GET', 'HEAD'):

swift/common/middleware/crypto/keymaster.py

@@ -14,7 +14,6 @@
 # limitations under the License.
 import hashlib
 import hmac
-import six
 
 from swift.common.exceptions import UnknownSecretIdError
 from swift.common.middleware.crypto.crypto_utils import CRYPTO_KEY_CALLBACK
@@ -101,14 +100,9 @@ class KeyMasterContext(WSGIContext):
                 # Older py3 proxies may have written down crypto meta as WSGI
                 # strings; we still need to be able to read that
                 try:
-                    if six.PY2:
-                        alt_path = tuple(
-                            part.decode('utf-8').encode('latin1')
-                            for part in (key_acct, key_cont, key_obj))
-                    else:
-                        alt_path = tuple(
-                            part.encode('latin1').decode('utf-8')
-                            for part in (key_acct, key_cont, key_obj))
+                    alt_path = tuple(
+                        part.encode('latin1').decode('utf-8')
+                        for part in (key_acct, key_cont, key_obj))
                 except UnicodeError:
                     # Well, it was worth a shot
                     pass
@@ -208,10 +202,10 @@ class BaseKeyMaster(object):
 
     This provides some basic helpers for:
 
-        - loading from a separate config path,
-        - deriving keys based on path, and
-        - installing a ``swift.callback.fetch_crypto_keys`` hook
-          in the request environment.
+    - loading from a separate config path,
+    - deriving keys based on path, and
+    - installing a ``swift.callback.fetch_crypto_keys`` hook
+      in the request environment.
 
     Subclasses should define ``log_route``, ``keymaster_opts``, and
     ``keymaster_conf_section`` attributes, and implement the
@@ -336,8 +330,7 @@ class BaseKeyMaster(object):
             self.logger.warning('Unrecognised secret id: %s' % secret_id)
             raise UnknownSecretIdError(secret_id)
         else:
-            if not six.PY2:
-                path = path.encode('utf-8')
+            path = path.encode('utf-8')
             return hmac.new(key, path, digestmod=hashlib.sha256).digest()
 
 

swift/common/middleware/crypto/kms_keymaster.py

@@ -34,7 +34,7 @@ class KmsKeyMaster(BaseKeyMaster):
                       'domain_id', 'domain_name', 'project_id',
                       'project_domain_id', 'reauthenticate',
                       'auth_endpoint', 'api_class', 'key_id*',
-                      'active_root_secret_id')
+                      'barbican_endpoint', 'active_root_secret_id')
     keymaster_conf_section = 'kms_keymaster'
 
     def _get_root_secret(self, conf):
@@ -67,6 +67,7 @@ class KmsKeyMaster(BaseKeyMaster):
         oslo_conf = cfg.ConfigOpts()
         options.set_defaults(
             oslo_conf, auth_endpoint=conf.get('auth_endpoint'),
+            barbican_endpoint=conf.get('barbican_endpoint'),
             api_class=conf.get('api_class')
         )
         options.enable_logging()

swift/common/middleware/dlo.py

@@ -120,18 +120,17 @@ Here's an example using ``curl`` with tiny 1-byte segments::
 
 import json
 
-import six
-
-from hashlib import md5
 from swift.common import constraints
 from swift.common.exceptions import ListingIterError, SegmentError
 from swift.common.http import is_success
-from swift.common.swob import Request, Response, \
+from swift.common.swob import Request, Response, HTTPException, \
     HTTPRequestedRangeNotSatisfiable, HTTPBadRequest, HTTPConflict, \
-    str_to_wsgi, wsgi_to_str, wsgi_quote, wsgi_unquote
+    str_to_wsgi, wsgi_to_str, wsgi_quote, wsgi_unquote, normalize_etag
 from swift.common.utils import get_logger, \
-    RateLimitedIterator, quote, close_if_possible, closing_if_possible
-from swift.common.request_helpers import SegmentedIterable
+    RateLimitedIterator, quote, close_if_possible, closing_if_possible, \
+    drain_and_close, md5
+from swift.common.request_helpers import SegmentedIterable, \
+    update_ignore_range_header
 from swift.common.wsgi import WSGIContext, make_subrequest, load_app_config
 
 
@@ -206,8 +205,6 @@ class GetContext(WSGIContext):
                     break
 
                 seg_name = segment['name']
-                if six.PY2:
-                    seg_name = seg_name.encode("utf-8")
 
                 # We deliberately omit the etag and size here;
                 # SegmentedIterable will check size and etag if
@@ -331,9 +328,9 @@ class GetContext(WSGIContext):
         if have_complete_listing:
             response_headers = [(h, v) for h, v in response_headers
                                 if h.lower() != "etag"]
-            etag = md5()
+            etag = md5(usedforsecurity=False)
             for seg_dict in segments:
-                etag.update(seg_dict['hash'].strip('"').encode('utf8'))
+                etag.update(normalize_etag(seg_dict['hash']).encode('utf8'))
             response_headers.append(('Etag', '"%s"' % etag.hexdigest()))
 
         app_iter = None
@@ -353,6 +350,8 @@ class GetContext(WSGIContext):
 
             try:
                 app_iter.validate_first_segment()
+            except HTTPException as err_resp:
+                return err_resp
             except (SegmentError, ListingIterError):
                 return HTTPConflict(request=req)
 
@@ -369,11 +368,16 @@ class GetContext(WSGIContext):
 
         Otherwise, simply pass it through.
         """
+        update_ignore_range_header(req, 'X-Object-Manifest')
         resp_iter = self._app_call(req.environ)
 
         # make sure this response is for a dynamic large object manifest
         for header, value in self._response_headers:
             if (header.lower() == 'x-object-manifest'):
+                content_length = self._response_header_value('content-length')
+                if content_length is not None and int(content_length) < 1024:
+                    # Go ahead and consume small bodies
+                    drain_and_close(resp_iter)
                 close_if_possible(resp_iter)
                 response = self.get_or_head_response(
                     req, wsgi_to_str(wsgi_unquote(value)))

swift/common/middleware/domain_remap.py

@@ -99,9 +99,9 @@ storage end points as sync destinations.
 """
 
 from swift.common.middleware import RewriteContext
-from swift.common.swob import Request, HTTPBadRequest
-from swift.common.utils import config_true_value, list_from_csv, \
-    register_swift_info
+from swift.common.swob import Request, HTTPBadRequest, wsgi_quote
+from swift.common.utils import config_true_value, list_from_csv
+from swift.common.registry import register_swift_info
 
 
 class _DomainRemapContext(RewriteContext):
@@ -192,7 +192,8 @@ class DomainRemapMiddleware(object):
             new_path = '/'.join(new_path_parts)
             env['PATH_INFO'] = new_path
 
-            context = _DomainRemapContext(self.app, requested_path, new_path)
+            context = _DomainRemapContext(
+                self.app, wsgi_quote(requested_path), wsgi_quote(new_path))
             return context.handle_request(env, start_response)
 
         return self.app(env, start_response)

swift/common/middleware/etag_quoter.py

@@ -0,0 +1,128 @@
+# Copyright (c) 2010-2020 OpenStack Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+This middleware fix the Etag header of responses so that it is RFC compliant.
+`RFC 7232 <https://tools.ietf.org/html/rfc7232#section-2.3>`__ specifies that
+the value of the Etag header must be double quoted.
+
+It must be placed at the beggining of the pipeline, right after cache::
+
+   [pipeline:main]
+   pipeline = ...  cache etag-quoter ...
+
+   [filter:etag-quoter]
+   use = egg:swift#etag_quoter
+
+Set ``X-Account-Rfc-Compliant-Etags: true`` at the account
+level to have any Etags in object responses be double quoted, as in
+``"d41d8cd98f00b204e9800998ecf8427e"``. Alternatively, you may
+only fix Etags in a single container by setting
+``X-Container-Rfc-Compliant-Etags: true`` on the container.
+This may be necessary for Swift to work properly with some CDNs.
+
+Either option may also be explicitly *disabled*, so you may enable quoted
+Etags account-wide as above but turn them off for individual containers
+with ``X-Container-Rfc-Compliant-Etags: false``. This may be
+useful if some subset of applications expect Etags to be bare MD5s.
+"""
+
+from swift.common.constraints import valid_api_version
+from swift.common.http import is_success
+from swift.common.swob import Request
+from swift.common.utils import config_true_value
+from swift.common.registry import register_swift_info
+from swift.proxy.controllers.base import get_account_info, get_container_info
+
+
+class EtagQuoterMiddleware(object):
+    def __init__(self, app, conf):
+        self.app = app
+        self.conf = conf
+
+    def __call__(self, env, start_response):
+        req = Request(env)
+        try:
+            version, account, container, obj = req.split_path(
+                2, 4, rest_with_last=True)
+            is_swifty_request = valid_api_version(version)
+        except ValueError:
+            is_swifty_request = False
+
+        if not is_swifty_request:
+            return self.app(env, start_response)
+
+        if not obj:
+            typ = 'Container' if container else 'Account'
+            client_header = 'X-%s-Rfc-Compliant-Etags' % typ
+            sysmeta_header = 'X-%s-Sysmeta-Rfc-Compliant-Etags' % typ
+            if client_header in req.headers:
+                if req.headers[client_header]:
+                    req.headers[sysmeta_header] = config_true_value(
+                        req.headers[client_header])
+                else:
+                    req.headers[sysmeta_header] = ''
+            if req.headers.get(client_header.replace('X-', 'X-Remove-', 1)):
+                req.headers[sysmeta_header] = ''
+
+            def translating_start_response(status, headers, exc_info=None):
+                return start_response(status, [
+                    (client_header if h.title() == sysmeta_header else h,
+                     v) for h, v in headers
+                ], exc_info)
+
+            return self.app(env, translating_start_response)
+
+        container_info = get_container_info(env, self.app, 'EQ')
+        if not container_info or not is_success(container_info['status']):
+            return self.app(env, start_response)
+
+        flag = container_info.get('sysmeta', {}).get('rfc-compliant-etags')
+        if flag is None:
+            account_info = get_account_info(env, self.app, 'EQ')
+            if not account_info or not is_success(account_info['status']):
+                return self.app(env, start_response)
+
+            flag = account_info.get('sysmeta', {}).get(
+                'rfc-compliant-etags')
+
+        if flag is None:
+            flag = self.conf.get('enable_by_default', 'false')
+
+        if not config_true_value(flag):
+            return self.app(env, start_response)
+
+        status, headers, resp_iter = req.call_application(self.app)
+
+        headers = [
+            (header, value) if header.lower() != 'etag' or (
+                value.startswith(('"', 'W/"')) and value.endswith('"'))
+            else (header, '"%s"' % value)
+            for header, value in headers]
+
+        start_response(status, headers)
+        return resp_iter
+
+
+def filter_factory(global_conf, **local_conf):
+    conf = global_conf.copy()
+    conf.update(local_conf)
+    register_swift_info(
+        'etag_quoter', enable_by_default=config_true_value(
+            conf.get('enable_by_default', 'false')))
+
+    def etag_quoter_filter(app):
+        return EtagQuoterMiddleware(app, conf)
+    return etag_quoter_filter

swift/common/middleware/formpost.py

@@ -84,11 +84,11 @@ desired.
 The expires attribute is the Unix timestamp before which the form
 must be submitted before it is invalidated.
 
-The signature attribute is the HMAC-SHA1 signature of the form. Here is
+The signature attribute is the HMAC signature of the form. Here is
 sample code for computing the signature::
 
     import hmac
-    from hashlib import sha1
+    from hashlib import sha512
     from time import time
     path = '/v1/account/container/object_prefix'
     redirect = 'https://srv.com/some-page'  # set to '' if redirect not in form
@@ -98,7 +98,7 @@ sample code for computing the signature::
     key = 'mykey'
     hmac_body = '%s\n%s\n%s\n%s\n%s' % (path, redirect,
         max_file_size, max_file_count, expires)
-    signature = hmac.new(key, hmac_body, sha1).hexdigest()
+    signature = hmac.new(key, hmac_body, sha512).hexdigest()
 
 The key is the value of either the account (X-Account-Meta-Temp-URL-Key,
 X-Account-Meta-Temp-Url-Key-2) or the container
@@ -123,20 +123,22 @@ the file are simply ignored).
 __all__ = ['FormPost', 'filter_factory', 'READ_CHUNK_SIZE', 'MAX_VALUE_LENGTH']
 
 import hmac
-from hashlib import sha1
 from time import time
 
-import six
-from six.moves.urllib.parse import quote
+from urllib.parse import quote
 
 from swift.common.constraints import valid_api_version
 from swift.common.exceptions import MimeInvalid
 from swift.common.middleware.tempurl import get_tempurl_keys_from_metadata
-from swift.common.utils import streq_const_time, register_swift_info, \
-    parse_content_disposition, parse_mime_headers, \
-    iter_multipart_mime_documents, reiterate, close_if_possible
-from swift.common.wsgi import make_pre_authed_env
+from swift.common.digest import get_allowed_digests, \
+    extract_digest_and_algorithm, DEFAULT_ALLOWED_DIGESTS
+from swift.common.utils import streq_const_time, parse_content_disposition, \
+    parse_mime_headers, iter_multipart_mime_documents, reiterate, \
+    closing_if_possible, get_logger, InputProxy
+from swift.common.registry import register_swift_info
+from swift.common.wsgi import WSGIContext, make_pre_authed_env
 from swift.common.swob import HTTPUnauthorized, wsgi_to_str, str_to_wsgi
+from swift.common.http import is_success
 from swift.proxy.controllers.base import get_account_info, get_container_info
 
 
@@ -156,7 +158,7 @@ class FormUnauthorized(Exception):
     pass
 
 
-class _CappedFileLikeObject(object):
+class _CappedFileLikeObject(InputProxy):
     """
     A file-like object wrapping another file-like object that raises
     an EOFError if the amount of data read exceeds a given
@@ -168,26 +170,15 @@ class _CappedFileLikeObject(object):
     """
 
     def __init__(self, fp, max_file_size):
-        self.fp = fp
+        super().__init__(fp)
         self.max_file_size = max_file_size
-        self.amount_read = 0
         self.file_size_exceeded = False
 
-    def read(self, size=None):
-        ret = self.fp.read(size)
-        self.amount_read += len(ret)
-        if self.amount_read > self.max_file_size:
+    def chunk_update(self, chunk, eof, *args, **kwargs):
+        if self.bytes_received > self.max_file_size:
             self.file_size_exceeded = True
             raise EOFError('max_file_size exceeded')
-        return ret
-
-    def readline(self):
-        ret = self.fp.readline()
-        self.amount_read += len(ret)
-        if self.amount_read > self.max_file_size:
-            self.file_size_exceeded = True
-            raise EOFError('max_file_size exceeded')
-        return ret
+        return chunk
 
 
 class FormPost(object):
@@ -204,11 +195,17 @@ class FormPost(object):
     :param conf: The configuration dict for the middleware.
     """
 
-    def __init__(self, app, conf):
+    def __init__(self, app, conf, logger=None):
         #: The next WSGI application/filter in the paste.deploy pipeline.
         self.app = app
         #: The filter configuration dict.
         self.conf = conf
+        self.logger = logger or get_logger(conf, log_route='formpost')
+        # Defaulting to SUPPORTED_DIGESTS just so we don't completely
+        # deprecate sha1 yet. We'll change this to DEFAULT_ALLOWED_DIGESTS
+        # later.
+        self.allowed_digests = conf.get(
+            'allowed_digests', DEFAULT_ALLOWED_DIGESTS.split())
 
     def __call__(self, env, start_response):
         """
@@ -239,9 +236,7 @@ class FormPost(object):
                      ('Content-Length', str(len(body)))))
                 return [body]
             except (FormInvalid, EOFError) as err:
-                body = 'FormPost: %s' % err
-                if six.PY3:
-                    body = body.encode('utf-8')
+                body = ('FormPost: %s' % err).encode('utf-8')
                 start_response(
                     '400 Bad Request',
                     (('Content-Type', 'text/plain'),
@@ -263,11 +258,12 @@ class FormPost(object):
         :returns: status_line, headers_list, body
         """
         keys = self._get_keys(env)
-        if six.PY3:
-            boundary = boundary.encode('utf-8')
+        boundary = boundary.encode('utf-8')
         status = message = ''
         attributes = {}
+        file_attributes = {}
         subheaders = []
+        resp_body = None
         file_count = 0
         for fp in iter_multipart_mime_documents(
                 env['wsgi.input'], boundary, read_chunk_size=READ_CHUNK_SIZE):
@@ -283,16 +279,19 @@ class FormPost(object):
                         break
                 except ValueError:
                     raise FormInvalid('max_file_count not an integer')
-                attributes['filename'] = attrs['filename'] or 'filename'
+                file_attributes = attributes.copy()
+                file_attributes['filename'] = attrs['filename'] or 'filename'
                 if 'content-type' not in attributes and 'content-type' in hdrs:
-                    attributes['content-type'] = \
+                    file_attributes['content-type'] = \
                         hdrs['Content-Type'] or 'application/octet-stream'
                 if 'content-encoding' not in attributes and \
                         'content-encoding' in hdrs:
-                    attributes['content-encoding'] = hdrs['Content-Encoding']
-                status, subheaders = \
-                    self._perform_subrequest(env, attributes, fp, keys)
-                if not status.startswith('2'):
+                    file_attributes['content-encoding'] = \
+                        hdrs['Content-Encoding']
+                status, subheaders, resp_body = \
+                    self._perform_subrequest(env, file_attributes, fp, keys)
+                status_code = int(status.split(' ', 1)[0])
+                if not is_success(status_code):
                     break
             else:
                 data = b''
@@ -305,14 +304,14 @@ class FormPost(object):
                     data += chunk
                 while fp.read(READ_CHUNK_SIZE):
                     pass
-                if six.PY3:
-                    data = data.decode('utf-8')
+                data = data.decode('utf-8')
                 if 'name' in attrs:
                     attributes[attrs['name'].lower()] = data.rstrip('\r\n--')
         if not status:
             status = '400 Bad Request'
             message = 'no files to process'
 
+        status_code = int(status.split(' ', 1)[0])
         headers = [(k, v) for k, v in subheaders
                    if k.lower().startswith('access-control')]
 
@@ -321,21 +320,21 @@ class FormPost(object):
             body = status
             if message:
                 body = status + '\r\nFormPost: ' + message.title()
+            body = body.encode('utf-8')
+            if not is_success(status_code) and resp_body:
+                body = resp_body
             headers.extend([('Content-Type', 'text/plain'),
                             ('Content-Length', len(body))])
-            if six.PY3:
-                body = body.encode('utf-8')
             return status, headers, body
-        status = status.split(' ', 1)[0]
         if '?' in redirect:
             redirect += '&'
         else:
             redirect += '?'
-        redirect += 'status=%s&message=%s' % (quote(status), quote(message))
+        redirect += 'status=%s&message=%s' % (quote(str(status_code)),
+                                              quote(message))
         body = '<html><body><p><a href="%s">' \
                'Click to continue...</a></p></body></html>' % redirect
-        if six.PY3:
-            body = body.encode('utf-8')
+        body = body.encode('utf-8')
         headers.extend(
             [('Location', redirect), ('Content-Length', str(len(body)))])
         return '303 See Other', headers, body
@@ -397,37 +396,35 @@ class FormPost(object):
             attributes.get('max_file_size') or '0',
             attributes.get('max_file_count') or '0',
             attributes.get('expires') or '0')
-        if six.PY3:
-            hmac_body = hmac_body.encode('utf-8')
+        hmac_body = hmac_body.encode('utf-8')
 
         has_valid_sig = False
+        signature = attributes.get('signature', '')
+        try:
+            hash_name, signature = extract_digest_and_algorithm(signature)
+        except ValueError:
+            raise FormUnauthorized('invalid signature')
+        if hash_name not in self.allowed_digests:
+            raise FormUnauthorized('invalid signature')
+
         for key in keys:
             # Encode key like in swift.common.utls.get_hmac.
-            if not isinstance(key, six.binary_type):
+            if not isinstance(key, bytes):
                 key = key.encode('utf8')
-            sig = hmac.new(key, hmac_body, sha1).hexdigest()
-            if streq_const_time(sig, (attributes.get('signature') or
-                                      'invalid')):
+            sig = hmac.new(key, hmac_body, hash_name).hexdigest()
+            if streq_const_time(sig, signature):
                 has_valid_sig = True
         if not has_valid_sig:
             raise FormUnauthorized('invalid signature')
-
-        substatus = [None]
-        subheaders = [None]
-
+        self.logger.increment('formpost.digests.%s' % hash_name)
+        wsgi_ctx = WSGIContext(self.app)
         wsgi_input = subenv['wsgi.input']
-
-        def _start_response(status, headers, exc_info=None):
-            if wsgi_input.file_size_exceeded:
-                raise EOFError("max_file_size exceeded")
-
-            substatus[0] = status
-            subheaders[0] = headers
-
-        # reiterate to ensure the response started,
-        # but drop any data on the floor
-        close_if_possible(reiterate(self.app(subenv, _start_response)))
-        return substatus[0], subheaders[0]
+        resp = wsgi_ctx._app_call(subenv)
+        if wsgi_input.file_size_exceeded:
+            raise EOFError("max_file_size exceeded")
+        with closing_if_possible(reiterate(resp)):
+            body = b''.join(resp)
+        return wsgi_ctx._response_status, wsgi_ctx._response_headers, body
 
     def _get_keys(self, env):
         """
@@ -463,6 +460,12 @@ def filter_factory(global_conf, **local_conf):
     conf = global_conf.copy()
     conf.update(local_conf)
 
-    register_swift_info('formpost')
-
+    logger = get_logger(conf, log_route='formpost')
+    allowed_digests, deprecated_digests = get_allowed_digests(
+        conf.get('allowed_digests', '').split(), logger)
+    info = {'allowed_digests': sorted(allowed_digests)}
+    if deprecated_digests:
+        info['deprecated_digests'] = sorted(deprecated_digests)
+    register_swift_info('formpost', **info)
+    conf.update(info)
     return lambda app: FormPost(app, conf)