Hello community,
here is the log from the commit of package python-keystoneclient for
openSUSE:Factory checked in at 2013-09-26 15:14:18
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-keystoneclient (Old)
and /work/SRC/openSUSE:Factory/.python-keystoneclient.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-keystoneclient"
Changes:
--------
---
/work/SRC/openSUSE:Factory/python-keystoneclient/python-keystoneclient.changes
2013-07-21 11:59:43.000000000 +0200
+++
/work/SRC/openSUSE:Factory/.python-keystoneclient.new/python-keystoneclient.changes
2013-09-26 16:03:15.000000000 +0200
@@ -1,0 +2,211 @@
+Thu Sep 19 23:51:37 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.72:
+ + Allow blank to email in user-update
+ + Change Babel to a runtime requirement
+
+-------------------------------------------------------------------
+Thu Sep 19 00:37:33 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.68:
+ + Decode the non-english username str to unicode
+
+-------------------------------------------------------------------
+Tue Sep 17 23:57:12 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.66:
+ + Convert tests to HTTPretty and reorganize
+
+-------------------------------------------------------------------
+Tue Sep 17 15:07:22 UTC 2013 - [email protected]
+
+- 0001-Add-workaround-for-OSError-raised-by-Popen.communica.patch
+
+-------------------------------------------------------------------
+Tue Sep 17 00:21:17 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.64:
+ + Don't need to init testr explicitly
+
+-------------------------------------------------------------------
+Sat Sep 14 23:49:31 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.62:
+ + Deprecation warning should be 'pending'
+
+-------------------------------------------------------------------
+Sat Sep 14 00:12:03 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.60:
+ + Support client generate literal ipv6 auth_uri base on auth_host
+ + Replace HttpConnection in auth_token with Requests
+ + Set example timestamps to 2038-01-18T21:14:07Z
+
+-------------------------------------------------------------------
+Wed Sep 11 00:06:52 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.55:
+ + Allow Hacking 0.7.x or later
+
+-------------------------------------------------------------------
+Wed Sep 4 23:53:25 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.53:
+ + Deprecation warning for the CLI
+
+-------------------------------------------------------------------
+Mon Sep 2 09:59:38 UTC 2013 - [email protected]
+
+- update requires
+
+-------------------------------------------------------------------
+Sun Sep 1 00:18:02 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.52:
+ + Remove testcase test_invalid_auth_version_request
+ + Correct keyword args in test cases
+
+-------------------------------------------------------------------
+Sat Aug 31 00:19:14 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.49:
+ + Replace auth_token middleware tests with httpretty
+ + Add apiclient.exceptions hierarchy
+ + Fixing potential NameErrors
+ + Standardize base.py with novaclient
+ + Fix and enable gating on F811
+
+-------------------------------------------------------------------
+Fri Aug 30 15:05:00 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.39:
+ + Fix and enable gating on F841
+ + Use OSLO jsonutils instead of json module
+ + python3: Transition to mox3 instead of mox
+ + Update oslo.config
+ + Sync py3kcompat from oslo-incubator
+ + python3: Use from future import unicode_literals
+
+-------------------------------------------------------------------
+Thu Aug 29 23:48:54 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.27:
+ + Remove duplicate method in AccessInfo
+ + Fix License Headers and Enable Gating on H102
+ + Fix and enable gating on H302: only import modules
+
+-------------------------------------------------------------------
+Wed Aug 28 23:53:06 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.21:
+ + remove the UUID check for userids
+ + Synchronize code from oslo
+
+-------------------------------------------------------------------
+Tue Aug 27 00:08:18 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.18:
+ + clearer error when authenticate called without auth_url
+ + Support older token formats for projects in accessinfo
+ + Use hashed token for invalid PKI token cache key
+ + Add domain attributes to accessinfo
+
+-------------------------------------------------------------------
+Sun Aug 25 00:08:13 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.10:
+ + Move flake8 option from run_tests.sh to tox.ini
+
+-------------------------------------------------------------------
+Fri Aug 23 23:55:11 UTC 2013 - [email protected]
+
+- Update to version 0.3.2.8:
+ + Extract test token data from auth_token middleware
+ + Allow configure the number of http retries
+ + Add importutils and strutils from oslo
+ + Move all opens in auth_token to be in context
+ + Add unittests for exceptions.EmptyCatalog
+
+-------------------------------------------------------------------
+Thu Aug 22 23:45:16 UTC 2013 - [email protected]
+
+- Update to version 0.3.1.77:
+ + Restore client.py for backward compatibility
+ + Initial Trusts support
+
+-------------------------------------------------------------------
+Wed Aug 21 00:15:55 UTC 2013 - [email protected]
+
+- Update to version 0.3.1.73:
+ + Make auth_token middleware fetching respect prefix
+
+-------------------------------------------------------------------
+Sat Aug 17 00:02:38 UTC 2013 - [email protected]
+
+- Update to version 0.3.1.72:
+ + Adds support for passing extra tenant attributes to keystone
+ + Fix and enable Gating on H404
+ + Fix a typo in fetch_revocation_list
+
+-------------------------------------------------------------------
+Fri Aug 16 00:10:26 UTC 2013 - [email protected]
+
+- Update to version 0.3.1.67:
+ + Fixes files with wrong bitmode
+ + Don't cache tokens as invalid on network errors
+
+-------------------------------------------------------------------
+Thu Aug 15 00:01:38 UTC 2013 - [email protected]
+
+- Update to version 0.3.1.63:
+ + python3: Add basic compatibility support
+ + Extract basic request call
+ + Add a get_data function to Service Catalog
+ + Refactor verify signing dir logic
+
+-------------------------------------------------------------------
+Tue Aug 13 23:42:21 UTC 2013 - [email protected]
+
+- Update to version 0.3.1.55:
+ + flake8: enable H201, H202, H802
+ + Rename client.py to httpclient.py
+
+-------------------------------------------------------------------
+Mon Aug 12 23:56:26 UTC 2013 - [email protected]
+
+- Update to version 0.3.1.52:
+ + Use flake8 in run_tests.sh and updated ignore flake8 rules with tox.ini
+
+-------------------------------------------------------------------
+Sat Aug 10 10:59:44 UTC 2013 - [email protected]
+
+- Update to version 0.3.1.50:
+ + Updated from global requirements
+
+-------------------------------------------------------------------
+Fri Aug 9 00:01:29 UTC 2013 - [email protected]
+
+- Update to version 0.3.1.49:
+ + Merge from Oslo-Incubator
+ + Make TestResponse properly inherit Response.
+
+-------------------------------------------------------------------
+Wed Aug 7 23:37:38 UTC 2013 - [email protected]
+
+- Update to version 0.3.1.45:
+ + Fix test_request_no_token_dummy cms dependency.
+
++++ 14 more lines (skipped)
++++ between
/work/SRC/openSUSE:Factory/python-keystoneclient/python-keystoneclient.changes
++++ and
/work/SRC/openSUSE:Factory/.python-keystoneclient.new/python-keystoneclient.changes
New:
----
0001-Add-workaround-for-OSError-raised-by-Popen.communica.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-keystoneclient.spec ++++++
--- /var/tmp/diff_new_pack.ZNwwkM/_old 2013-09-26 16:03:16.000000000 +0200
+++ /var/tmp/diff_new_pack.ZNwwkM/_new 2013-09-26 16:03:16.000000000 +0200
@@ -19,7 +19,7 @@
%define component keystoneclient
Name: python-%{component}
-Version: 0.3.1.15
+Version: 0.3.2.72
Release: 0
Summary: Openstack Identity (Keystone) API Client
License: Apache-2.0
@@ -27,12 +27,10 @@
Url: http://launchpad.net/python-keystoneclient
Source: python-keystoneclient-master.tar.gz
Source2: openstack-keystone.sh
-# PATCH-FIX-UPSTREAM [email protected] -- Backport of
https://review.openstack.org/#/c/35103/
-Patch0: 0001-Use-ServiceCatalog.factory-the-object-has-no-__init_.patch
+Patch0: 0001-Add-workaround-for-OSError-raised-by-Popen.communica.patch
BuildRequires: fdupes
BuildRequires: openstack-suse-macros
BuildRequires: python-base
-BuildRequires: python-d2to1
BuildRequires: python-distribute
BuildRequires: python-pbr
# Packages below are only needed for documentation build
@@ -43,13 +41,14 @@
BuildRequires: python-iso8601 >= 0.1.4
BuildRequires: python-requests >= 0.8.8
Requires: python >= 2.6.8
+Requires: python-Babel >= 0.9.6
Requires: python-PrettyTable >= 0.6
-Requires: python-d2to1 >= 0.2.10
Requires: python-iso8601 >= 0.1.4
-Requires: python-oslo.config >= 1.1.0
-Requires: python-pbr >= 0.5
-Requires: python-requests >= 0.8.8
-Requires: python-simplejson
+Requires: python-netaddr
+Requires: python-oslo.config >= 1.2.0a3
+Requires: python-pbr >= 0.5.21
+Requires: python-requests >= 1.1
+Requires: python-simplejson >= 2.0.9
Requires: python-six
Recommends: python-keyring
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -80,24 +79,26 @@
Summary: Openstack Identity (Keystone) API Client - Testsuite
Group: System/Management
Requires: %{name} = %{version}
-Requires: python-WebOb >= 1.0.8
-Requires: python-coverage
-Requires: python-fixtures
+Requires: python-WebOb >= 1.2.3
+Requires: python-coverage >= 3.6
+Requires: python-discover
+Requires: python-fixtures >= 0.3.12
Requires: python-flake8 >= 2.0
-Requires: python-hacking >= 0.5.3
-Requires: python-mock
-Requires: python-mox
+Requires: python-hacking >= 0.5.6
+Requires: python-httpretty >= 0.6.3
+Requires: python-mock >= 0.8.0
+Requires: python-mox3 >= 0.7.0
Requires: python-pep8 >= 1.4.5
-Requires: python-pycrypto
+Requires: python-pycrypto >= 2.6
Requires: python-pyflakes >= 0.7.2
-Requires: python-testrepository >= 0.0.13
-Requires: python-testtools >= 0.9.22
+Requires: python-testrepository >= 0.0.17
+Requires: python-testtools >= 0.9.32
%description test
This package contains testsuite files for %{name}.
%prep
-%setup -q -n python-keystoneclient-0.3.1.15.gf74019c
+%setup -q -n python-keystoneclient-0.3.2.72.g38aa12b
%patch0 -p1
%openstack_cleanup_prep
# Fix example PKI certs location for testsuite:
@@ -110,7 +111,7 @@
%install
python setup.py install --prefix=%{_prefix} --root=%{buildroot}
--install-data=%{python_sitelib}
-rm -rf doc/build/html/{.buildinfo,.doctrees}
+rm doc/build/html/.buildinfo
%fdupes doc
### bash-completion
++++++ 0001-Add-workaround-for-OSError-raised-by-Popen.communica.patch ++++++
>From 3c260985b473ff49e118eaceda57b7b475c291a6 Mon Sep 17 00:00:00 2001
From: Dirk Mueller <[email protected]>
Date: Thu, 20 Jun 2013 18:49:26 +0200
Subject: [PATCH] Add workaround for OSError raised by Popen.communicate()
Python 2.6 can raise OSError when too much data is
written to STDIN and the process died prematurely.
In the case of keystoneclient this happens during
the first cms_verify() call of a process. The calling
logic expects a useful error message in order to
refetches CA or singing CERT, which is missing in the
case of an OSError. So just fake it instead.
Add basic unit tests to cover all of the public methods from
keystone.common.cms, raising test coverage to 77%.
Change-Id: I6e650ab9494c605b4e41c78c87a9505e09d5fc29
---
keystoneclient/common/cms.py | 43 +++++++++++++++++++++---
tests/client_fixtures.py | 14 ++++++--
tests/test_auth_token_middleware.py | 65 +++++++++++++++++++++++++++++++++++++
3 files changed, 115 insertions(+), 7 deletions(-)
diff --git a/keystoneclient/common/cms.py b/keystoneclient/common/cms.py
index 8bc24f9..a4c231b 100644
--- a/keystoneclient/common/cms.py
+++ b/keystoneclient/common/cms.py
@@ -38,6 +38,37 @@ def _ensure_subprocess():
import subprocess # noqa
+def _fake_openssl_error(files):
+ """Check if any of the files cannot be opened."""
+ err = 'Error while writing to pipe.'
+ try:
+ for try_file in files:
+ with open(try_file, 'r'):
+ pass
+ except IOError as e:
+ err = ("Hit OSError while launching openssl. "
+ "Likely due to %s: %s") % (try_file, e.strerror)
+
+ return err
+
+
+def _process_communicate_check_oserror(process, text, files):
+ """Wrapper around process.communicate that checks for OSError."""
+
+ try:
+ output, err = process.communicate(text)
+ except OSError:
+ # this shouldn't happen, but does when Python is old
+ # http://bugs.python.org/issue10963
+ output = ""
+ err = _fake_openssl_error(files)
+ retcode = -1
+ else:
+ retcode = process.poll()
+
+ return output, err, retcode
+
+
def cms_verify(formatted, signing_cert_file_name, ca_file_name):
"""Verifies the signature of the contents IAW CMS syntax.
@@ -53,8 +84,10 @@ def cms_verify(formatted, signing_cert_file_name,
ca_file_name):
stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
- output, err = process.communicate(formatted)
- retcode = process.poll()
+
+ output, err, retcode = _process_communicate_check_oserror(
+ process, formatted, (signing_cert_file_name, ca_file_name))
+
if retcode:
# Do not log errors, as some happen in the positive thread
# instead, catch them in the calling code and log them there.
@@ -150,8 +183,10 @@ def cms_sign_text(text, signing_cert_file_name,
signing_key_file_name):
stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
- output, err = process.communicate(text)
- retcode = process.poll()
+
+ output, err, retcode = _process_communicate_check_oserror(
+ process, text, (signing_cert_file_name, signing_key_file_name))
+
if retcode or "Error" in err:
LOG.error('Signing error: %s' % err)
raise subprocess.CalledProcessError(retcode, "openssl")
diff --git a/tests/client_fixtures.py b/tests/client_fixtures.py
index 0abb06e..fe1441b 100644
--- a/tests/client_fixtures.py
+++ b/tests/client_fixtures.py
@@ -25,7 +25,7 @@ from keystoneclient import utils
ROOTDIR = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
CERTDIR = os.path.join(ROOTDIR, "examples/pki/certs")
CMSDIR = os.path.join(ROOTDIR, "examples/pki/cms")
-
+KEYDIR = os.path.join(ROOTDIR, "examples/pki/private")
# @TODO(mordred) This should become a testresources resource attached to the
# class
@@ -48,9 +48,17 @@ with open(os.path.join(CMSDIR, 'revocation_list.json')) as f:
REVOCATION_LIST = jsonutils.loads(f.read())
with open(os.path.join(CMSDIR, 'revocation_list.pem')) as f:
SIGNED_REVOCATION_LIST = jsonutils.dumps({'signed': f.read()})
-with open(os.path.join(CERTDIR, 'signing_cert.pem')) as f:
+
+SIGNING_CERT_FILE = os.path.join(CERTDIR, 'signing_cert.pem')
+with open(SIGNING_CERT_FILE) as f:
SIGNING_CERT = f.read()
-with open(os.path.join(CERTDIR, 'cacert.pem')) as f:
+
+SIGNING_KEY_FILE = os.path.join(KEYDIR, 'signing_key.pem')
+with open(SIGNING_KEY_FILE) as f:
+ SIGNING_KEY = f.read()
+
+SIGNING_CA_FILE = os.path.join(CERTDIR, 'cacert.pem')
+with open(SIGNING_CA_FILE) as f:
SIGNING_CA = f.read()
UUID_TOKEN_DEFAULT = "ec6c0710ec2f471498484c1b53ab4f9d"
diff --git a/tests/test_auth_token_middleware.py
b/tests/test_auth_token_middleware.py
index 17eacb6..e1fdc1b 100644
--- a/tests/test_auth_token_middleware.py
+++ b/tests/test_auth_token_middleware.py
@@ -19,6 +19,7 @@ import iso8601
import os
import shutil
import stat
+import subprocess
import sys
import tempfile
import testtools
@@ -1218,3 +1219,67 @@ class TokenEncodingTest(testtools.TestCase):
def test_quoted_token(self):
self.assertEqual('foo%20bar', auth_token.safe_quote('foo%20bar'))
+
+
+class CmsTest(testtools.TestCase):
+
+ """Unit tests for the keystoneclient.common.cms module."""
+
+ def test_token_to_cms_to_token(self):
+ with open(os.path.join(client_fixtures.CMSDIR,
+ 'auth_token_scoped.pem')) as f:
+ AUTH_TOKEN_SCOPED_CMS = f.read()
+
+ self.assertEqual(cms.token_to_cms(client_fixtures.SIGNED_TOKEN_SCOPED),
+ AUTH_TOKEN_SCOPED_CMS)
+
+ tok = cms.cms_to_token(cms.token_to_cms(
+ client_fixtures.SIGNED_TOKEN_SCOPED))
+ self.assertEqual(tok, client_fixtures.SIGNED_TOKEN_SCOPED)
+
+ def test_ans1_token(self):
+ self.assertTrue(cms.is_ans1_token(client_fixtures.SIGNED_TOKEN_SCOPED))
+ self.assertFalse(cms.is_ans1_token("FOOBAR"))
+
+ def test_cms_sign_token_no_files(self):
+ self.assertRaises(subprocess.CalledProcessError,
+ cms.cms_sign_token,
+ client_fixtures.SIGNED_TOKEN_SCOPED,
+ "/no/such/file", "/no/such/key")
+
+ def test_cms_sign_token_success(self):
+ self.assertTrue(
+ cms.cms_sign_token(client_fixtures.SIGNED_TOKEN_SCOPED,
+ client_fixtures.SIGNING_CERT_FILE,
+ client_fixtures.SIGNING_KEY_FILE))
+
+ def test_cms_verify_token_no_files(self):
+ self.assertRaises(subprocess.CalledProcessError,
+ cms.cms_verify,
+ client_fixtures.SIGNED_TOKEN_SCOPED,
+ "/no/such/file", "/no/such/key")
+
+ def test_cms_verify_token_scoped(self):
+ cms_content = cms.token_to_cms(client_fixtures.SIGNED_TOKEN_SCOPED)
+ self.assertTrue(cms.cms_verify(cms_content,
+ client_fixtures.SIGNING_CERT_FILE,
+ client_fixtures.SIGNING_CA_FILE))
+
+ def test_cms_verify_token_scoped_expired(self):
+ cms_content = cms.token_to_cms(
+ client_fixtures.SIGNED_TOKEN_SCOPED_EXPIRED)
+ self.assertTrue(cms.cms_verify(cms_content,
+ client_fixtures.SIGNING_CERT_FILE,
+ client_fixtures.SIGNING_CA_FILE))
+
+ def test_cms_verify_token_unscoped(self):
+ cms_content = cms.token_to_cms(client_fixtures.SIGNED_TOKEN_UNSCOPED)
+ self.assertTrue(cms.cms_verify(cms_content,
+ client_fixtures.SIGNING_CERT_FILE,
+ client_fixtures.SIGNING_CA_FILE))
+
+ def test_cms_verify_token_v3_scoped(self):
+ cms_content = cms.token_to_cms(client_fixtures.SIGNED_v3_TOKEN_SCOPED)
+ self.assertTrue(cms.cms_verify(cms_content,
+ client_fixtures.SIGNING_CERT_FILE,
+ client_fixtures.SIGNING_CA_FILE))
--
1.8.4
++++++ python-keystoneclient-master.tar.gz ++++++
++++ 16594 lines of diff (skipped)
--
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
