swift 2.23.3__py3-none-any.whl → 2.35.0__py3-none-any.whl

swift/common/request_helpers.py

@@ -20,69 +20,182 @@ Why not swift.common.utils, you ask? Because this way we can import things
 from swob in here without creating circular imports.
 """
 
-import hashlib
 import itertools
-import sys
 import time
 
-import six
 from swift.common.header_key_dict import HeaderKeyDict
 
-from swift import gettext_ as _
+from swift.common.constraints import AUTO_CREATE_ACCOUNT_PREFIX, \
+    CONTAINER_LISTING_LIMIT
 from swift.common.storage_policy import POLICIES
 from swift.common.exceptions import ListingIterError, SegmentError
-from swift.common.http import is_success
+from swift.common.http import is_success, is_server_error
 from swift.common.swob import HTTPBadRequest, \
     HTTPServiceUnavailable, Range, is_chunked, multi_range_iterator, \
     HTTPPreconditionFailed, wsgi_to_bytes, wsgi_unquote, wsgi_to_str
 from swift.common.utils import split_path, validate_device_partition, \
-    close_if_possible, maybe_multipart_byteranges_to_document_iters, \
+    close_if_possible, friendly_close, \
+    maybe_multipart_byteranges_to_document_iters, \
     multipart_byteranges_to_document_iters, parse_content_type, \
-    parse_content_range, csv_append, list_from_csv, Spliterator, quote
-
+    parse_content_range, csv_append, list_from_csv, Spliterator, quote, \
+    RESERVED, config_true_value, md5, CloseableChain, select_ip_port
 from swift.common.wsgi import make_subrequest
 
 
 OBJECT_TRANSIENT_SYSMETA_PREFIX = 'x-object-transient-sysmeta-'
 OBJECT_SYSMETA_CONTAINER_UPDATE_OVERRIDE_PREFIX = \
     'x-object-sysmeta-container-update-override-'
+USE_REPLICATION_NETWORK_HEADER = 'x-backend-use-replication-network'
+MISPLACED_OBJECTS_ACCOUNT = '.misplaced_objects'
 
 
 def get_param(req, name, default=None):
     """
-    Get parameters from an HTTP request ensuring proper handling UTF-8
+    Get a parameter from an HTTP request ensuring proper handling UTF-8
     encoding.
 
     :param req: request object
     :param name: parameter name
     :param default: result to return if the parameter is not found
-    :returns: HTTP request parameter value, as a native string
-              (in py2, as UTF-8 encoded str, not unicode object)
+    :returns: HTTP request parameter value, as a native (not WSGI) string
     :raises HTTPBadRequest: if param not valid UTF-8 byte sequence
     """
     value = req.params.get(name, default)
-    if six.PY2:
-        if value and not isinstance(value, six.text_type):
-            try:
-                value.decode('utf8')    # Ensure UTF8ness
-            except UnicodeDecodeError:
-                raise HTTPBadRequest(
-                    request=req, content_type='text/plain',
-                    body='"%s" parameter not valid UTF-8' % name)
-    else:
-        if value:
-            # req.params is a dict of WSGI strings, so encoding will succeed
-            value = value.encode('latin1')
-            try:
-                # Ensure UTF8ness since we're at it
-                value = value.decode('utf8')
-            except UnicodeDecodeError:
-                raise HTTPBadRequest(
-                    request=req, content_type='text/plain',
-                    body='"%s" parameter not valid UTF-8' % name)
+    if value:
+        # req.params is a dict of WSGI strings, so encoding will succeed
+        value = value.encode('latin1')
+        try:
+            # Ensure UTF8ness since we're at it
+            value = value.decode('utf8')
+        except UnicodeDecodeError:
+            raise HTTPBadRequest(
+                request=req, content_type='text/plain',
+                body='"%s" parameter not valid UTF-8' % name)
     return value
 
 
+def get_valid_part_num(req):
+    """
+    Any non-range GET or HEAD request for a SLO object may include a
+    part-number parameter in query string.  If the passed in request
+    includes a part-number parameter it will be parsed into a valid integer
+    and returned.  If the passed in request does not include a part-number
+    param we will return None.  If the part-number parameter is invalid for
+    the given request we will raise the appropriate HTTP exception
+
+    :param req: the request object
+
+    :returns: validated part-number value or None
+    :raises HTTPBadRequest: if request or part-number param is not valid
+    """
+    part_number_param = get_param(req, 'part-number')
+    if part_number_param is None:
+        return None
+    try:
+        part_number = int(part_number_param)
+        if part_number <= 0:
+            raise ValueError
+    except ValueError:
+        raise HTTPBadRequest('Part number must be an integer greater '
+                             'than 0')
+
+    if req.range:
+        raise HTTPBadRequest(req=req,
+                             body='Range requests are not supported '
+                                  'with part number queries')
+
+    return part_number
+
+
+def validate_params(req, names):
+    """
+    Get list of parameters from an HTTP request, validating the encoding of
+    each parameter.
+
+    :param req: request object
+    :param names: parameter names
+    :returns: a dict mapping parameter names to values for each name that
+              appears in the request parameters
+    :raises HTTPBadRequest: if any parameter value is not a valid UTF-8 byte
+            sequence
+    """
+    params = {}
+    for name in names:
+        value = get_param(req, name)
+        if value is None:
+            continue
+        params[name] = value
+    return params
+
+
+def constrain_req_limit(req, constrained_limit):
+    given_limit = get_param(req, 'limit')
+    limit = constrained_limit
+    if given_limit and given_limit.isdigit():
+        limit = int(given_limit)
+        if limit > constrained_limit:
+            raise HTTPPreconditionFailed(
+                request=req, body='Maximum limit is %d' % constrained_limit)
+    return limit
+
+
+def validate_container_params(req):
+    params = validate_params(req, ('marker', 'end_marker', 'prefix',
+                                   'delimiter', 'path', 'format', 'reverse',
+                                   'states', 'includes'))
+    params['limit'] = constrain_req_limit(req, CONTAINER_LISTING_LIMIT)
+    return params
+
+
+def _validate_internal_name(name, type_='name'):
+    if RESERVED in name and not name.startswith(RESERVED):
+        raise HTTPBadRequest(body='Invalid reserved-namespace %s' % (type_))
+
+
+def validate_internal_account(account):
+    """
+    Validate internal account name.
+
+    :raises: HTTPBadRequest
+    """
+    _validate_internal_name(account, 'account')
+
+
+def validate_internal_container(account, container):
+    """
+    Validate internal account and container names.
+
+    :raises: HTTPBadRequest
+    """
+    if not account:
+        raise ValueError('Account is required')
+    validate_internal_account(account)
+    if container:
+        _validate_internal_name(container, 'container')
+
+
+def validate_internal_obj(account, container, obj):
+    """
+    Validate internal account, container and object names.
+
+    :raises: HTTPBadRequest
+    """
+    if not account:
+        raise ValueError('Account is required')
+    if not container:
+        raise ValueError('Container is required')
+    validate_internal_container(account, container)
+    if obj and not (account.startswith(AUTO_CREATE_ACCOUNT_PREFIX) or
+                    account == MISPLACED_OBJECTS_ACCOUNT):
+        _validate_internal_name(obj, 'object')
+        if container.startswith(RESERVED) and not obj.startswith(RESERVED):
+            raise HTTPBadRequest(body='Invalid user-namespace object '
+                                 'in reserved-namespace container')
+        elif obj.startswith(RESERVED) and not container.startswith(RESERVED):
+            raise HTTPBadRequest(body='Invalid reserved-namespace object '
+                                 'in user-namespace container')
+
+
 def get_name_and_placement(request, minsegs=1, maxsegs=None,
                            rest_with_last=False):
     """
@@ -101,7 +214,7 @@ def get_name_and_placement(request, minsegs=1, maxsegs=None,
     policy = POLICIES.get_by_index(policy_index)
     if not policy:
         raise HTTPServiceUnavailable(
-            body=_("No policy with index %s") % policy_index,
+            body="No policy with index %s" % policy_index,
             request=request, content_type='text/plain')
     results = split_and_validate_path(request, minsegs=minsegs,
                                       maxsegs=maxsegs,
@@ -273,6 +386,28 @@ def get_container_update_override_key(key):
     return header.title()
 
 
+def get_reserved_name(*parts):
+    """
+    Generate a valid reserved name that joins the component parts.
+
+    :returns: a string
+    """
+    if any(RESERVED in p for p in parts):
+        raise ValueError('Invalid reserved part in components')
+    return RESERVED + RESERVED.join(parts)
+
+
+def split_reserved_name(name):
+    """
+    Separate a valid reserved name into the component parts.
+
+    :returns: a list of strings
+    """
+    if not name.startswith(RESERVED):
+        raise ValueError('Invalid reserved name')
+    return name.split(RESERVED)[1:]
+
+
 def remove_items(headers, condition):
     """
     Removes items from a dict whose keys satisfy
@@ -338,15 +473,17 @@ class SegmentedIterable(object):
     :param app: WSGI application from which segments will come
 
     :param listing_iter: iterable yielding the object segments to fetch,
-        along with the byte subranges to fetch, in the form of a 5-tuple
-        (object-path, object-etag, object-size, first-byte, last-byte).
+        along with the byte sub-ranges to fetch. Each yielded item should be a
+        dict with the following keys: ``path`` or ``raw_data``,
+        ``first-byte``, ``last-byte``, ``hash`` (optional), ``bytes``
+        (optional).
 
-        If object-etag is None, no MD5 verification will be done.
+        If ``hash`` is None, no MD5 verification will be done.
 
-        If object-size is None, no length verification will be done.
+        If ``bytes`` is None, no length verification will be done.
 
-        If first-byte and last-byte are None, then the entire object will be
-        fetched.
+        If ``first-byte`` and ``last-byte`` are None, then the entire object
+        will be fetched.
 
     :param max_get_time: maximum permitted duration of a GET request (seconds)
     :param logger: logger object
@@ -405,8 +542,8 @@ class SegmentedIterable(object):
                 path = quote(seg_path) + '?multipart-manifest=get'
                 seg_req = make_subrequest(
                     self.req.environ, path=path, method='GET',
-                    headers={'x-auth-token': self.req.headers.get(
-                        'x-auth-token')},
+                    headers={h: self.req.headers.get(h)
+                             for h in ('x-auth-token', 'x-open-expired')},
                     agent=('%(orig)s ' + self.ua_suffix),
                     swift_source=self.swift_source)
 
@@ -448,11 +585,10 @@ class SegmentedIterable(object):
                 pending_etag = seg_etag
                 pending_size = seg_size
 
-        except ListingIterError:
-            e_type, e_value, e_traceback = sys.exc_info()
+        except ListingIterError as e:
             if pending_req:
                 yield pending_req, pending_etag, pending_size
-            six.reraise(e_type, e_value, e_traceback)
+            raise e
 
         if pending_req:
             yield pending_req, pending_etag, pending_size
@@ -470,12 +606,18 @@ class SegmentedIterable(object):
             seg_req = data_or_req
             seg_resp = seg_req.get_response(self.app)
             if not is_success(seg_resp.status_int):
-                close_if_possible(seg_resp.app_iter)
-                raise SegmentError(
-                    'While processing manifest %s, '
-                    'got %d while retrieving %s' %
-                    (self.name, seg_resp.status_int, seg_req.path))
-
+                # Error body should be short
+                body = seg_resp.body.decode('utf8')
+                msg = 'While processing manifest %s, got %d (%s) ' \
+                    'while retrieving %s' % (
+                        self.name, seg_resp.status_int,
+                        body if len(body) <= 60 else body[:57] + '...',
+                        seg_req.path)
+                if is_server_error(seg_resp.status_int):
+                    self.logger.error(msg)
+                    raise HTTPServiceUnavailable(
+                        request=seg_req, content_type='text/plain')
+                raise SegmentError(msg)
             elif ((seg_etag and (seg_resp.etag != seg_etag)) or
                     (seg_size and (seg_resp.content_length != seg_size) and
                      not seg_req.range)):
@@ -498,10 +640,11 @@ class SegmentedIterable(object):
             else:
                 self.current_resp = seg_resp
 
+            resp_len = 0
             seg_hash = None
             if seg_resp.etag and not seg_req.headers.get('Range'):
                 # Only calculate the MD5 if it we can use it to validate
-                seg_hash = hashlib.md5()
+                seg_hash = md5(usedforsecurity=False)
 
             document_iters = maybe_multipart_byteranges_to_document_iters(
                 seg_resp.app_iter,
@@ -510,15 +653,26 @@ class SegmentedIterable(object):
             for chunk in itertools.chain.from_iterable(document_iters):
                 if seg_hash:
                     seg_hash.update(chunk)
+                    resp_len += len(chunk)
                 yield (seg_req.path, chunk)
             close_if_possible(seg_resp.app_iter)
 
-            if seg_hash and seg_hash.hexdigest() != seg_resp.etag:
-                raise SegmentError(
-                    "Bad MD5 checksum in %(name)s for %(seg)s: headers had"
-                    " %(etag)s, but object MD5 was actually %(actual)s" %
-                    {'seg': seg_req.path, 'etag': seg_resp.etag,
-                     'name': self.name, 'actual': seg_hash.hexdigest()})
+            if seg_hash:
+                if resp_len != seg_resp.content_length:
+                    raise SegmentError(
+                        "Bad response length for %(seg)s as part of %(name)s: "
+                        "headers had %(from_headers)s, but response length "
+                        "was actually %(actual)s" %
+                        {'seg': seg_req.path,
+                         'from_headers': seg_resp.content_length,
+                         'name': self.name, 'actual': resp_len})
+                if seg_hash.hexdigest() != seg_resp.etag:
+                    raise SegmentError(
+                        "Bad MD5 checksum for %(seg)s as part of %(name)s: "
+                        "headers had %(etag)s, but object MD5 was actually "
+                        "%(actual)s" %
+                        {'seg': seg_req.path, 'etag': seg_resp.etag,
+                         'name': self.name, 'actual': seg_hash.hexdigest()})
 
     def _byte_counting_iter(self):
         # Checks that we give the client the right number of bytes. Raises
@@ -598,7 +752,10 @@ class SegmentedIterable(object):
             for x in mri:
                 yield x
         finally:
-            self.close()
+            # Spliterator and multi_range_iterator can't possibly know we've
+            # consumed the whole of the app_iter, but we want to read/close the
+            # final segment response
+            friendly_close(self.app_iter)
 
     def validate_first_segment(self):
         """
@@ -623,7 +780,7 @@ class SegmentedIterable(object):
         if self.peeked_chunk is not None:
             pc = self.peeked_chunk
             self.peeked_chunk = None
-            return itertools.chain([pc], self.app_iter)
+            return CloseableChain([pc], self.app_iter)
         else:
             return self.app_iter
 
@@ -738,3 +895,113 @@ def resolve_etag_is_at_header(req, metadata):
                 alternate_etag = metadata[name]
                 break
     return alternate_etag
+
+
+def update_ignore_range_header(req, name):
+    """
+    Helper function to update an X-Backend-Ignore-Range-If-Metadata-Present
+    header whose value is a list of header names which, if any are present
+    on an object, mean the object server should respond with a 200 instead
+    of a 206 or 416.
+
+    :param req: a swob Request
+    :param name: name of a header which, if found, indicates the proxy will
+                 want the whole object
+    """
+    if ',' in name:
+        # HTTP header names should not have commas but we'll check anyway
+        raise ValueError('Header name must not contain commas')
+    hdr = 'X-Backend-Ignore-Range-If-Metadata-Present'
+    req.headers[hdr] = csv_append(req.headers.get(hdr), name)
+
+
+def resolve_ignore_range_header(req, metadata):
+    """
+    Helper function to remove Range header from request if metadata matching
+    the X-Backend-Ignore-Range-If-Metadata-Present header is found.
+
+    :param req: a swob Request
+    :param metadata: dictionary of object metadata
+    """
+    ignore_range_headers = set(
+        h.strip().lower()
+        for h in req.headers.get(
+            'X-Backend-Ignore-Range-If-Metadata-Present',
+            '').split(','))
+    if ignore_range_headers.intersection(
+            h.lower() for h in metadata):
+        req.headers.pop('Range', None)
+
+
+def is_use_replication_network(headers=None):
+    """
+    Determine if replication network should be used.
+
+    :param headers: a dict of headers
+    :return: the value of the ``x-backend-use-replication-network`` item from
+        ``headers``. If no ``headers`` are given or the item is not found then
+        False is returned.
+    """
+    if headers:
+        for h, v in headers.items():
+            if h.lower() == USE_REPLICATION_NETWORK_HEADER:
+                return config_true_value(v)
+    return False
+
+
+def get_ip_port(node, headers):
+    """
+    Get the ip address and port that should be used for the given ``node``.
+    The normal ip address and port are returned unless the ``node`` or
+    ``headers`` indicate that the replication ip address and port should be
+    used.
+
+    If the ``headers`` dict has an item with key
+    ``x-backend-use-replication-network`` and a truthy value then the
+    replication ip address and port are returned. Otherwise if the ``node``
+    dict has an item with key ``use_replication`` and truthy value then the
+    replication ip address and port are returned. Otherwise the normal ip
+    address and port are returned.
+
+    :param node: a dict describing a node
+    :param headers: a dict of headers
+    :return: a tuple of (ip address, port)
+    """
+    return select_ip_port(
+        node, use_replication=is_use_replication_network(headers))
+
+
+def is_open_expired(app, req):
+    """
+    Helper function to check if a request with the header 'x-open-expired'
+    can access an object that has not yet been reaped by the object-expirer
+    based on the allow_open_expired global config.
+
+    :param app: the application instance
+    :param req: request object
+    """
+    return (config_true_value(app.allow_open_expired) and
+            config_true_value(req.headers.get('x-open-expired')))
+
+
+def is_backend_open_expired(request):
+    """
+    Helper function to check if a request has either the headers
+    'x-backend-open-expired' or 'x-backend-replication' for the backend
+    to access expired objects.
+
+    :param request: request object
+    """
+    x_backend_open_expired = config_true_value(request.headers.get(
+        'x-backend-open-expired', 'false'))
+    x_backend_replication = config_true_value(request.headers.get(
+        'x-backend-replication', 'false'))
+    return x_backend_open_expired or x_backend_replication
+
+
+def append_log_info(environ, log_info):
+    environ.setdefault('swift.log_info', []).append(log_info)
+
+
+def get_log_info(environ):
+    return ','.join(environ.get('swift.log_info', []))

swift/common/ring/builder.py

@@ -22,18 +22,16 @@ import math
 import random
 import uuid
 
-import six.moves.cPickle as pickle
+import pickle  # nosec: B403
 from copy import deepcopy
 from contextlib import contextmanager
 
 from array import array
 from collections import defaultdict
-import six
-from six.moves import range
 from time import time
 
 from swift.common import exceptions
-from swift.common.ring import RingData
+from swift.common.ring.ring import RingData
 from swift.common.ring.utils import tiers_for_dev, build_tier_tree, \
     validate_and_normalize_address, validate_replicas_by_tier, pretty_dev
 
@@ -87,6 +85,9 @@ class RingBuilder(object):
         if part_power > 32:
             raise ValueError("part_power must be at most 32 (was %d)"
                              % (part_power,))
+        if part_power < 0:
+            raise ValueError("part_power must be at least 0 (was %d)"
+                             % (part_power,))
         if replicas < 1:
             raise ValueError("replicas must be at least 1 (was %.6f)"
                              % (replicas,))
@@ -178,16 +179,16 @@ class RingBuilder(object):
     @contextmanager
     def debug(self):
         """
-        Temporarily enables debug logging, useful in tests, e.g.
+        Temporarily enables debug logging, useful in tests, e.g.::
 
             with rb.debug():
                 rb.rebalance()
         """
-        self.logger.disabled = False
+        old_val, self.logger.disabled = self.logger.disabled, False
         try:
             yield
         finally:
-            self.logger.disabled = True
+            self.logger.disabled = old_val
 
     @property
     def min_part_seconds_left(self):
@@ -364,13 +365,15 @@ class RingBuilder(object):
             # shift an unsigned int >I right to obtain the partition for the
             # int).
             if not self._replica2part2dev:
-                self._ring = RingData([], devs, self.part_shift)
+                self._ring = RingData([], devs, self.part_shift,
+                                      version=self.version)
             else:
                 self._ring = \
                     RingData([array('H', p2d) for p2d in
                               self._replica2part2dev],
                              devs, self.part_shift,
-                             self.next_part_power)
+                             self.next_part_power,
+                             self.version)
         return self._ring
 
     def add_dev(self, dev):
@@ -417,11 +420,11 @@ class RingBuilder(object):
         # Add holes to self.devs to ensure self.devs[dev['id']] will be the dev
         while dev['id'] >= len(self.devs):
             self.devs.append(None)
-        required_keys = ('ip', 'port', 'weight')
-        if any(required not in dev for required in required_keys):
-            raise ValueError(
-                '%r is missing at least one the required key %r' % (
-                    dev, required_keys))
+        required_keys = ('region', 'zone', 'ip', 'port', 'device', 'weight')
+        missing = tuple(key for key in required_keys if key not in dev)
+        if missing:
+            raise ValueError('%r is missing required key(s): %s' % (
+                dev, ', '.join(missing)))
         dev['weight'] = float(dev['weight'])
         dev['parts'] = 0
         dev.setdefault('meta', '')
@@ -450,6 +453,46 @@ class RingBuilder(object):
         self.devs_changed = True
         self.version += 1
 
+    def set_dev_region(self, dev_id, region):
+        """
+        Set the region of a device. This should be called rather than just
+        altering the region key in the device dict directly, as the builder
+        will need to rebuild some internal state to reflect the change.
+
+        .. note::
+            This will not rebalance the ring immediately as you may want to
+            make multiple changes for a single rebalance.
+
+        :param dev_id: device id
+        :param region: new region for device
+        """
+        if any(dev_id == d['id'] for d in self._remove_devs):
+            raise ValueError("Can not set region of dev_id %s because it "
+                             "is marked for removal" % (dev_id,))
+        self.devs[dev_id]['region'] = region
+        self.devs_changed = True
+        self.version += 1
+
+    def set_dev_zone(self, dev_id, zone):
+        """
+        Set the zone of a device. This should be called rather than just
+        altering the zone key in the device dict directly, as the builder
+        will need to rebuild some internal state to reflect the change.
+
+        .. note::
+            This will not rebalance the ring immediately as you may want to
+            make multiple changes for a single rebalance.
+
+        :param dev_id: device id
+        :param zone: new zone for device
+        """
+        if any(dev_id == d['id'] for d in self._remove_devs):
+            raise ValueError("Can not set zone of dev_id %s because it "
+                             "is marked for removal" % (dev_id,))
+        self.devs[dev_id]['zone'] = zone
+        self.devs_changed = True
+        self.version += 1
+
     def remove_dev(self, dev_id):
         """
         Remove a device from the ring.
@@ -601,8 +644,7 @@ class RingBuilder(object):
 
         dispersion_graph = {}
         # go over all the devices holding each replica part by part
-        for part_id, dev_ids in enumerate(
-                six.moves.zip(*self._replica2part2dev)):
+        for part_id, dev_ids in enumerate(zip(*self._replica2part2dev)):
             # count the number of replicas of this part for each tier of each
             # device, some devices may have overlapping tiers!
             replicas_at_tier = defaultdict(int)
@@ -1395,17 +1437,17 @@ class RingBuilder(object):
             {(): 3.0,
             (1,): 3.0,
             (1, 1): 1.0,
-            (1, 1, '127.0.0.1:6010'): 1.0,
-            (1, 1, '127.0.0.1:6010', 0): 1.0,
+            (1, 1, '127.0.0.1:6210'): 1.0,
+            (1, 1, '127.0.0.1:6210', 0): 1.0,
             (1, 2): 1.0,
-            (1, 2, '127.0.0.1:6020'): 1.0,
-            (1, 2, '127.0.0.1:6020', 1): 1.0,
+            (1, 2, '127.0.0.1:6220'): 1.0,
+            (1, 2, '127.0.0.1:6220', 1): 1.0,
             (1, 3): 1.0,
-            (1, 3, '127.0.0.1:6030'): 1.0,
-            (1, 3, '127.0.0.1:6030', 2): 1.0,
+            (1, 3, '127.0.0.1:6230'): 1.0,
+            (1, 3, '127.0.0.1:6230', 2): 1.0,
             (1, 4): 1.0,
-            (1, 4, '127.0.0.1:6040'): 1.0,
-            (1, 4, '127.0.0.1:6040', 3): 1.0}
+            (1, 4, '127.0.0.1:6240'): 1.0,
+            (1, 4, '127.0.0.1:6240', 3): 1.0}
 
         """
         # Used by walk_tree to know what entries to create for each recursive
@@ -1696,7 +1738,7 @@ class RingBuilder(object):
         else:
             with fp:
                 try:
-                    builder = pickle.load(fp)
+                    builder = pickle.load(fp)  # nosec: B301
                 except Exception:
                     # raise error during unpickling as UnPicklingError
                     raise exceptions.UnPicklingError(