PyPI - swift - Versions diffs - 2.23.3__py3-none-any.whl → 2.35.0__py3-none-any.whl - Mend

swift 2.23.3py3-none-any.whl → 2.35.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (206) hide show

swift/__init__.py +29 -50
swift/account/auditor.py +21 -118
swift/account/backend.py +33 -28
swift/account/reaper.py +37 -28
swift/account/replicator.py +22 -0
swift/account/server.py +60 -26
swift/account/utils.py +28 -11
swift-2.23.3.data/scripts/swift-account-audit → swift/cli/account_audit.py +23 -13
swift-2.23.3.data/scripts/swift-config → swift/cli/config.py +2 -2
swift/cli/container_deleter.py +5 -11
swift-2.23.3.data/scripts/swift-dispersion-populate → swift/cli/dispersion_populate.py +8 -7
swift/cli/dispersion_report.py +10 -9
swift-2.23.3.data/scripts/swift-drive-audit → swift/cli/drive_audit.py +63 -21
swift/cli/form_signature.py +3 -7
swift-2.23.3.data/scripts/swift-get-nodes → swift/cli/get_nodes.py +8 -2
swift/cli/info.py +154 -14
swift/cli/manage_shard_ranges.py +705 -37
swift-2.23.3.data/scripts/swift-oldies → swift/cli/oldies.py +25 -14
swift-2.23.3.data/scripts/swift-orphans → swift/cli/orphans.py +7 -3
swift/cli/recon.py +196 -67
swift-2.23.3.data/scripts/swift-recon-cron → swift/cli/recon_cron.py +17 -20
swift-2.23.3.data/scripts/swift-reconciler-enqueue → swift/cli/reconciler_enqueue.py +2 -3
swift/cli/relinker.py +807 -126
swift/cli/reload.py +135 -0
swift/cli/ringbuilder.py +217 -20
swift/cli/ringcomposer.py +0 -1
swift/cli/shard-info.py +4 -3
swift/common/base_storage_server.py +9 -20
swift/common/bufferedhttp.py +48 -74
swift/common/constraints.py +20 -15
swift/common/container_sync_realms.py +9 -11
swift/common/daemon.py +25 -8
swift/common/db.py +195 -128
swift/common/db_auditor.py +168 -0
swift/common/db_replicator.py +95 -55
swift/common/digest.py +141 -0
swift/common/direct_client.py +144 -33
swift/common/error_limiter.py +93 -0
swift/common/exceptions.py +25 -1
swift/common/header_key_dict.py +2 -9
swift/common/http_protocol.py +373 -0
swift/common/internal_client.py +129 -59
swift/common/linkat.py +3 -4
swift/common/manager.py +284 -67
swift/common/memcached.py +390 -145
swift/common/middleware/__init__.py +4 -0
swift/common/middleware/account_quotas.py +211 -46
swift/common/middleware/acl.py +3 -8
swift/common/middleware/backend_ratelimit.py +230 -0
swift/common/middleware/bulk.py +22 -34
swift/common/middleware/catch_errors.py +1 -3
swift/common/middleware/cname_lookup.py +6 -11
swift/common/middleware/container_quotas.py +1 -1
swift/common/middleware/container_sync.py +39 -17
swift/common/middleware/copy.py +12 -0
swift/common/middleware/crossdomain.py +22 -9
swift/common/middleware/crypto/__init__.py +2 -1
swift/common/middleware/crypto/crypto_utils.py +11 -15
swift/common/middleware/crypto/decrypter.py +28 -11
swift/common/middleware/crypto/encrypter.py +12 -17
swift/common/middleware/crypto/keymaster.py +8 -15
swift/common/middleware/crypto/kms_keymaster.py +2 -1
swift/common/middleware/dlo.py +15 -11
swift/common/middleware/domain_remap.py +5 -4
swift/common/middleware/etag_quoter.py +128 -0
swift/common/middleware/formpost.py +73 -70
swift/common/middleware/gatekeeper.py +8 -1
swift/common/middleware/keystoneauth.py +33 -3
swift/common/middleware/list_endpoints.py +4 -4
swift/common/middleware/listing_formats.py +85 -49
swift/common/middleware/memcache.py +4 -95
swift/common/middleware/name_check.py +3 -2
swift/common/middleware/proxy_logging.py +160 -92
swift/common/middleware/ratelimit.py +17 -10
swift/common/middleware/read_only.py +6 -4
swift/common/middleware/recon.py +59 -22
swift/common/middleware/s3api/acl_handlers.py +25 -3
swift/common/middleware/s3api/acl_utils.py +6 -1
swift/common/middleware/s3api/controllers/__init__.py +6 -0
swift/common/middleware/s3api/controllers/acl.py +3 -2
swift/common/middleware/s3api/controllers/bucket.py +242 -137
swift/common/middleware/s3api/controllers/logging.py +2 -2
swift/common/middleware/s3api/controllers/multi_delete.py +43 -20
swift/common/middleware/s3api/controllers/multi_upload.py +219 -133
swift/common/middleware/s3api/controllers/obj.py +112 -8
swift/common/middleware/s3api/controllers/object_lock.py +44 -0
swift/common/middleware/s3api/controllers/s3_acl.py +2 -2
swift/common/middleware/s3api/controllers/tagging.py +57 -0
swift/common/middleware/s3api/controllers/versioning.py +36 -7
swift/common/middleware/s3api/etree.py +22 -9
swift/common/middleware/s3api/exception.py +0 -4
swift/common/middleware/s3api/s3api.py +113 -41
swift/common/middleware/s3api/s3request.py +384 -218
swift/common/middleware/s3api/s3response.py +126 -23
swift/common/middleware/s3api/s3token.py +16 -17
swift/common/middleware/s3api/schema/delete.rng +1 -1
swift/common/middleware/s3api/subresource.py +7 -10
swift/common/middleware/s3api/utils.py +27 -10
swift/common/middleware/slo.py +665 -358
swift/common/middleware/staticweb.py +64 -37
swift/common/middleware/symlink.py +51 -18
swift/common/middleware/tempauth.py +76 -58
swift/common/middleware/tempurl.py +191 -173
swift/common/middleware/versioned_writes/__init__.py +51 -0
swift/common/middleware/{versioned_writes.py → versioned_writes/legacy.py} +27 -26
swift/common/middleware/versioned_writes/object_versioning.py +1482 -0
swift/common/middleware/x_profile/exceptions.py +1 -4
swift/common/middleware/x_profile/html_viewer.py +18 -19
swift/common/middleware/x_profile/profile_model.py +1 -2
swift/common/middleware/xprofile.py +10 -10
swift-2.23.3.data/scripts/swift-container-server → swift/common/recon.py +13 -8
swift/common/registry.py +147 -0
swift/common/request_helpers.py +324 -57
swift/common/ring/builder.py +67 -25
swift/common/ring/composite_builder.py +1 -1
swift/common/ring/ring.py +177 -51
swift/common/ring/utils.py +1 -1
swift/common/splice.py +10 -6
swift/common/statsd_client.py +205 -0
swift/common/storage_policy.py +49 -44
swift/common/swob.py +86 -102
swift/common/{utils.py → utils/__init__.py} +2163 -2772
swift/common/utils/base.py +131 -0
swift/common/utils/config.py +433 -0
swift/common/utils/ipaddrs.py +256 -0
swift/common/utils/libc.py +345 -0
swift/common/utils/logs.py +859 -0
swift/common/utils/timestamp.py +412 -0
swift/common/wsgi.py +553 -535
swift/container/auditor.py +14 -100
swift/container/backend.py +490 -231
swift/container/reconciler.py +126 -37
swift/container/replicator.py +96 -22
swift/container/server.py +358 -165
swift/container/sharder.py +1540 -684
swift/container/sync.py +94 -88
swift/container/updater.py +53 -32
swift/obj/auditor.py +153 -35
swift/obj/diskfile.py +466 -217
swift/obj/expirer.py +406 -124
swift/obj/mem_diskfile.py +7 -4
swift/obj/mem_server.py +1 -0
swift/obj/reconstructor.py +523 -262
swift/obj/replicator.py +249 -188
swift/obj/server.py +207 -122
swift/obj/ssync_receiver.py +145 -85
swift/obj/ssync_sender.py +113 -54
swift/obj/updater.py +652 -139
swift/obj/watchers/__init__.py +0 -0
swift/obj/watchers/dark_data.py +213 -0
swift/proxy/controllers/account.py +11 -11
swift/proxy/controllers/base.py +848 -604
swift/proxy/controllers/container.py +433 -92
swift/proxy/controllers/info.py +3 -2
swift/proxy/controllers/obj.py +1000 -489
swift/proxy/server.py +185 -112
{swift-2.23.3.dist-info → swift-2.35.0.dist-info}/AUTHORS +58 -11
{swift-2.23.3.dist-info → swift-2.35.0.dist-info}/METADATA +51 -56
swift-2.35.0.dist-info/RECORD +201 -0
{swift-2.23.3.dist-info → swift-2.35.0.dist-info}/WHEEL +1 -1
{swift-2.23.3.dist-info → swift-2.35.0.dist-info}/entry_points.txt +43 -0
swift-2.35.0.dist-info/pbr.json +1 -0
swift/locale/de/LC_MESSAGES/swift.po +0 -1216
swift/locale/en_GB/LC_MESSAGES/swift.po +0 -1207
swift/locale/es/LC_MESSAGES/swift.po +0 -1085
swift/locale/fr/LC_MESSAGES/swift.po +0 -909
swift/locale/it/LC_MESSAGES/swift.po +0 -894
swift/locale/ja/LC_MESSAGES/swift.po +0 -965
swift/locale/ko_KR/LC_MESSAGES/swift.po +0 -964
swift/locale/pt_BR/LC_MESSAGES/swift.po +0 -881
swift/locale/ru/LC_MESSAGES/swift.po +0 -891
swift/locale/tr_TR/LC_MESSAGES/swift.po +0 -832
swift/locale/zh_CN/LC_MESSAGES/swift.po +0 -833
swift/locale/zh_TW/LC_MESSAGES/swift.po +0 -838
swift-2.23.3.data/scripts/swift-account-auditor +0 -23
swift-2.23.3.data/scripts/swift-account-info +0 -51
swift-2.23.3.data/scripts/swift-account-reaper +0 -23
swift-2.23.3.data/scripts/swift-account-replicator +0 -34
swift-2.23.3.data/scripts/swift-account-server +0 -23
swift-2.23.3.data/scripts/swift-container-auditor +0 -23
swift-2.23.3.data/scripts/swift-container-info +0 -55
swift-2.23.3.data/scripts/swift-container-reconciler +0 -21
swift-2.23.3.data/scripts/swift-container-replicator +0 -34
swift-2.23.3.data/scripts/swift-container-sharder +0 -37
swift-2.23.3.data/scripts/swift-container-sync +0 -23
swift-2.23.3.data/scripts/swift-container-updater +0 -23
swift-2.23.3.data/scripts/swift-dispersion-report +0 -24
swift-2.23.3.data/scripts/swift-form-signature +0 -20
swift-2.23.3.data/scripts/swift-init +0 -119
swift-2.23.3.data/scripts/swift-object-auditor +0 -29
swift-2.23.3.data/scripts/swift-object-expirer +0 -33
swift-2.23.3.data/scripts/swift-object-info +0 -60
swift-2.23.3.data/scripts/swift-object-reconstructor +0 -33
swift-2.23.3.data/scripts/swift-object-relinker +0 -41
swift-2.23.3.data/scripts/swift-object-replicator +0 -37
swift-2.23.3.data/scripts/swift-object-server +0 -27
swift-2.23.3.data/scripts/swift-object-updater +0 -23
swift-2.23.3.data/scripts/swift-proxy-server +0 -23
swift-2.23.3.data/scripts/swift-recon +0 -24
swift-2.23.3.data/scripts/swift-ring-builder +0 -24
swift-2.23.3.data/scripts/swift-ring-builder-analyzer +0 -22
swift-2.23.3.data/scripts/swift-ring-composer +0 -22
swift-2.23.3.dist-info/RECORD +0 -220
swift-2.23.3.dist-info/pbr.json +0 -1
{swift-2.23.3.dist-info → swift-2.35.0.dist-info}/LICENSE +0 -0
{swift-2.23.3.dist-info → swift-2.35.0.dist-info}/top_level.txt +0 -0

swift/common/middleware/s3api/s3api.py CHANGED Viewed

@@ -141,31 +141,41 @@ https://github.com/swiftstack/s3compat in detail.
 """
-from cgi import parse_header
 import json
 from paste.deploy import loadwsgi
+from urllib.parse import parse_qs
 from swift.common.constraints import valid_api_version
 from swift.common.middleware.listing_formats import \
     MAX_CONTAINER_LISTING_CONTENT_LENGTH
+from swift.common.request_helpers import append_log_info
 from swift.common.wsgi import PipelineWrapper, loadcontext, WSGIContext
+from swift.common.middleware import app_property
 from swift.common.middleware.s3api.exception import NotS3Request, \
     InvalidSubresource
 from swift.common.middleware.s3api.s3request import get_request_class
 from swift.common.middleware.s3api.s3response import ErrorResponse, \
     InternalError, MethodNotAllowed, S3ResponseBase, S3NotImplemented
-from swift.common.utils import get_logger, register_swift_info, \
-    config_true_value, config_positive_int_value, split_path, \
-    closing_if_possible
+from swift.common.utils import get_logger, config_true_value, \
+    config_positive_int_value, split_path, closing_if_possible, \
+    list_from_csv, parse_header
 from swift.common.middleware.s3api.utils import Config
 from swift.common.middleware.s3api.acl_handlers import get_acl_handler
+from swift.common.registry import register_swift_info, \
+    register_sensitive_header, register_sensitive_param
 class ListingEtagMiddleware(object):
     def __init__(self, app):
         self.app = app
+    # Pass these along so get_container_info will have the configured
+    # odds to skip cache
+    _pipeline_final_app = app_property('_pipeline_final_app')
+    _pipeline_request_logging_app = app_property(
+        '_pipeline_request_logging_app')
     def __call__(self, env, start_response):
         # a lot of this is cribbed from listing_formats / swob.Request
         if env['REQUEST_METHOD'] != 'GET':
@@ -242,59 +252,109 @@ class ListingEtagMiddleware(object):
 class S3ApiMiddleware(object):
     """S3Api: S3 compatibility middleware"""
-    def __init__(self, app, conf, *args, **kwargs):
+    def __init__(self, app, wsgi_conf, *args, **kwargs):
         self.app = app
         self.conf = Config()
         # Set default values if they are not configured
         self.conf.allow_no_owner = config_true_value(
-            conf.get('allow_no_owner', False))
-        self.conf.location = conf.get('location', 'us-east-1')
+            wsgi_conf.get('allow_no_owner', False))
+        self.conf.location = wsgi_conf.get('location', 'us-east-1')
         self.conf.dns_compliant_bucket_names = config_true_value(
-            conf.get('dns_compliant_bucket_names', True))
+            wsgi_conf.get('dns_compliant_bucket_names', True))
         self.conf.max_bucket_listing = config_positive_int_value(
-            conf.get('max_bucket_listing', 1000))
+            wsgi_conf.get('max_bucket_listing', 1000))
         self.conf.max_parts_listing = config_positive_int_value(
-            conf.get('max_parts_listing', 1000))
+            wsgi_conf.get('max_parts_listing', 1000))
         self.conf.max_multi_delete_objects = config_positive_int_value(
-            conf.get('max_multi_delete_objects', 1000))
+            wsgi_conf.get('max_multi_delete_objects', 1000))
         self.conf.multi_delete_concurrency = config_positive_int_value(
-            conf.get('multi_delete_concurrency', 2))
+            wsgi_conf.get('multi_delete_concurrency', 2))
         self.conf.s3_acl = config_true_value(
-            conf.get('s3_acl', False))
-        self.conf.storage_domain = conf.get('storage_domain', '')
+            wsgi_conf.get('s3_acl', False))
+        self.conf.storage_domains = list_from_csv(
+            wsgi_conf.get('storage_domain', ''))
         self.conf.auth_pipeline_check = config_true_value(
-            conf.get('auth_pipeline_check', True))
+            wsgi_conf.get('auth_pipeline_check', True))
         self.conf.max_upload_part_num = config_positive_int_value(
-            conf.get('max_upload_part_num', 1000))
+            wsgi_conf.get('max_upload_part_num', 1000))
         self.conf.check_bucket_owner = config_true_value(
-            conf.get('check_bucket_owner', False))
+            wsgi_conf.get('check_bucket_owner', False))
         self.conf.force_swift_request_proxy_log = config_true_value(
-            conf.get('force_swift_request_proxy_log', False))
+            wsgi_conf.get('force_swift_request_proxy_log', False))
         self.conf.allow_multipart_uploads = config_true_value(
-            conf.get('allow_multipart_uploads', True))
+            wsgi_conf.get('allow_multipart_uploads', True))
         self.conf.min_segment_size = config_positive_int_value(
-            conf.get('min_segment_size', 5242880))
+            wsgi_conf.get('min_segment_size', 5242880))
+        self.conf.allowable_clock_skew = config_positive_int_value(
+            wsgi_conf.get('allowable_clock_skew', 15 * 60))
+        self.conf.cors_preflight_allow_origin = list_from_csv(wsgi_conf.get(
+            'cors_preflight_allow_origin', ''))
+        if '*' in self.conf.cors_preflight_allow_origin and \
+                len(self.conf.cors_preflight_allow_origin) > 1:
+            raise ValueError('if cors_preflight_allow_origin should include '
+                             'all domains, * must be the only entry')
+        self.conf.ratelimit_as_client_error = config_true_value(
+            wsgi_conf.get('ratelimit_as_client_error', False))
         self.logger = get_logger(
-            conf, log_route=conf.get('log_name', 's3api'))
-        self.slo_enabled = self.conf.allow_multipart_uploads
-        self.check_pipeline(self.conf)
+            wsgi_conf, log_route='s3api', statsd_tail_prefix='s3api')
+        self.check_pipeline(wsgi_conf)
+    def is_s3_cors_preflight(self, env):
+        if env['REQUEST_METHOD'] != 'OPTIONS' or not env.get('HTTP_ORIGIN'):
+            # Not a CORS preflight
+            return False
+        acrh = env.get('HTTP_ACCESS_CONTROL_REQUEST_HEADERS', '').lower()
+        if 'authorization' in acrh and \
+                not env['PATH_INFO'].startswith(('/v1/', '/v1.0/')):
+            return True
+        q = parse_qs(env.get('QUERY_STRING', ''))
+        if 'AWSAccessKeyId' in q or 'X-Amz-Credential' in q:
+            return True
+        # Not S3, apparently
+        return False
     def __call__(self, env, start_response):
+        origin = env.get('HTTP_ORIGIN')
+        if self.conf.cors_preflight_allow_origin and \
+                self.is_s3_cors_preflight(env):
+            # I guess it's likely going to be an S3 request? *shrug*
+            if self.conf.cors_preflight_allow_origin != ['*'] and \
+                    origin not in self.conf.cors_preflight_allow_origin:
+                start_response('401 Unauthorized', [
+                    ('Allow', 'GET, HEAD, PUT, POST, DELETE, OPTIONS'),
+                ])
+                return [b'']
+            headers = [
+                ('Allow', 'GET, HEAD, PUT, POST, DELETE, OPTIONS'),
+                ('Access-Control-Allow-Origin', origin),
+                ('Access-Control-Allow-Methods',
+                 'GET, HEAD, PUT, POST, DELETE, OPTIONS'),
+                ('Vary', 'Origin, Access-Control-Request-Headers'),
+            ]
+            acrh = set(list_from_csv(
+                env.get('HTTP_ACCESS_CONTROL_REQUEST_HEADERS', '').lower()))
+            if acrh:
+                headers.append((
+                    'Access-Control-Allow-Headers',
+                    ', '.join(acrh)))
+            start_response('200 OK', headers)
+            return [b'']
         try:
             req_class = get_request_class(env, self.conf.s3_acl)
-            req = req_class(
-                env, self.app, self.slo_enabled, self.conf.storage_domain,
-                self.conf.location, self.conf.force_swift_request_proxy_log,
-                self.conf.dns_compliant_bucket_names,
-                self.conf.allow_multipart_uploads, self.conf.allow_no_owner)
+            req = req_class(env, self.app, self.conf)
             resp = self.handle_request(req)
         except NotS3Request:
             resp = self.app
         except InvalidSubresource as e:
             self.logger.debug(e.cause)
         except ErrorResponse as err_resp:
+            self.logger.increment(err_resp.metric_name)
+            append_log_info(env, 's3:err:%s' % err_resp.summary)
             if isinstance(err_resp, InternalError):
                 self.logger.exception(err_resp)
             resp = err_resp
@@ -306,6 +366,9 @@ class S3ApiMiddleware(object):
             resp.headers['x-amz-id-2'] = env['swift.trans_id']
             resp.headers['x-amz-request-id'] = env['swift.trans_id']
+        if 's3api.backend_path' in env and 'swift.backend_path' not in env:
+            env['swift.backend_path'] = env['s3api.backend_path']
         return resp(env, start_response)
     def handle_request(self, req):
@@ -330,16 +393,19 @@ class S3ApiMiddleware(object):
             raise MethodNotAllowed(req.method,
                                    req.controller.resource_type())
+        if req.policy_index is not None:
+            res.headers.setdefault('X-Backend-Storage-Policy-Index',
+                                   req.policy_index)
         return res
-    def check_pipeline(self, conf):
+    def check_pipeline(self, wsgi_conf):
         """
         Check that proxy-server.conf has an appropriate pipeline for s3api.
         """
-        if conf.get('__file__', None) is None:
+        if wsgi_conf.get('__file__', None) is None:
             return
-        ctx = loadcontext(loadwsgi.APP, conf.__file__)
+        ctx = loadcontext(loadwsgi.APP, wsgi_conf['__file__'])
         pipeline = str(PipelineWrapper(ctx)).split(' ')
         # Add compatible with 3rd party middleware.
@@ -349,13 +415,13 @@ class S3ApiMiddleware(object):
                                  pipeline.index('proxy-server')]
         # Check SLO middleware
-        if self.slo_enabled and 'slo' not in auth_pipeline:
-            self.slo_enabled = False
+        if self.conf.allow_multipart_uploads and 'slo' not in auth_pipeline:
+            self.conf.allow_multipart_uploads = False
             self.logger.warning('s3api middleware requires SLO middleware '
                                 'to support multi-part upload, please add it '
                                 'in pipeline')
-        if not conf.auth_pipeline_check:
+        if not self.conf.auth_pipeline_check:
             self.logger.debug('Skip pipeline auth check.')
             return
@@ -402,15 +468,21 @@ def filter_factory(global_conf, **local_conf):
     register_swift_info(
         's3api',
         # TODO: make default values as variables
-        max_bucket_listing=conf.get('max_bucket_listing', 1000),
-        max_parts_listing=conf.get('max_parts_listing', 1000),
-        max_upload_part_num=conf.get('max_upload_part_num', 1000),
-        max_multi_delete_objects=conf.get('max_multi_delete_objects', 1000),
-        allow_multipart_uploads=conf.get('allow_multipart_uploads', True),
-        min_segment_size=conf.get('min_segment_size', 5242880),
-        s3_acl=conf.get('s3_acl', False)
+        max_bucket_listing=int(conf.get('max_bucket_listing', 1000)),
+        max_parts_listing=int(conf.get('max_parts_listing', 1000)),
+        max_upload_part_num=int(conf.get('max_upload_part_num', 1000)),
+        max_multi_delete_objects=int(
+            conf.get('max_multi_delete_objects', 1000)),
+        allow_multipart_uploads=config_true_value(
+            conf.get('allow_multipart_uploads', True)),
+        min_segment_size=int(conf.get('min_segment_size', 5242880)),
+        s3_acl=config_true_value(conf.get('s3_acl', False)),
     )
+    register_sensitive_header('authorization')
+    register_sensitive_param('Signature')
+    register_sensitive_param('X-Amz-Signature')
     def s3api_filter(app):
         return S3ApiMiddleware(ListingEtagMiddleware(app), conf)

swift 2.23.3__py3-none-any.whl → 2.35.0__py3-none-any.whl

swift 2.23.3py3-none-any.whl → 2.35.0py3-none-any.whl