LGTM
On Tue, May 3, 2016 at 12:12 PM, 'Brian Foley' via ganeti-devel <
ganeti-devel@googlegroups.com> wrote:
> commit e986d58e14865c4082c634ce1c925562617611be
> Merge: 8b2ec2f 0b57a03
> Author: Brian Foley <bpfo...@google.com>
> Date: Tue May 3 11:56:08 2016 +0100
>
> Merge branch 'stable-2.17'
>
> * stable-2.15
> Use socat method string compatible with <1.73 & >=1.73
> Reduce heap when parsing & storing ConfigData 10%
> Cancel RAPI job if the client drops the connection
> Make JQScheduler queues more strict to avoid leaks
>
> * stable-2.16
> <Nothing>
>
> * stable-2.17
> <Nothing>
>
> Manually resolve merge conflicts in http_unittest.py (HTTPServerReqeust
> constructor arglist changed), and Constants.hs.
>
> Signed-off-by: Brian Foley <bpfo...@google.com>
>
> diff --cc src/Ganeti/Constants.hs
> index 09ca78d,13bff2e..1259978
> --- a/src/Ganeti/Constants.hs
> +++ b/src/Ganeti/Constants.hs
> @@@ -5577,9 -5545,11 +5577,17 @@@ maintdSuccessTagPrefix = maintdPrefix +
> maintdFailureTagPrefix :: String
> maintdFailureTagPrefix = maintdPrefix ++ "repairfailed:"
>
> +-- * RAPI PAM auth related constants
> +
> +-- | The name of ganeti rapi specific http header containing additional
> user
> +-- credentials
> +httpRapiPamCredential :: String
> +httpRapiPamCredential = "Ganeti-RAPI-Credential"
> ++
> + -- | The polling frequency to wait for a job status change
> + cliWfjcFrequency :: Int
> + cliWfjcFrequency = 20
> +
> + -- | Default 'WaitForJobChange' timeout in seconds
> + defaultWfjcTimeout :: Int
> + defaultWfjcTimeout = 60
> -
> diff --cc test/py/ganeti.http_unittest.py
> index 0f17e11,753ddf3..7e6ba38
> --- a/test/py/ganeti.http_unittest.py
> +++ b/test/py/ganeti.http_unittest.py
> @@@ -226,31 -216,27 +227,31 @@@ class TestHttpServerRequestAuthenticati
>
> def testNoRealm(self):
> headers = { http.HTTP_AUTHORIZATION: "", }
> - req = http.server._HttpServerRequest("GET", "/", headers, None)
> + req = http.server._HttpServerRequest("GET", "/", headers, None, None)
> - ra = _FakeRequestAuth(None, False, None)
> + ac = _SimpleAuthenticator("foo", "bar")
> + ra = _FakeRequestAuth(None, False, ac)
> self.assertRaises(AssertionError, ra.PreHandleRequest, req)
>
> def testNoScheme(self):
> headers = { http.HTTP_AUTHORIZATION: "", }
> - req = http.server._HttpServerRequest("GET", "/", headers, None)
> + req = http.server._HttpServerRequest("GET", "/", headers, None, None)
> - ra = _FakeRequestAuth("area1", False, None)
> + ac = _SimpleAuthenticator("foo", "bar")
> + ra = _FakeRequestAuth("area1", False, ac)
> self.assertRaises(http.HttpUnauthorized, ra.PreHandleRequest, req)
>
> def testUnknownScheme(self):
> headers = { http.HTTP_AUTHORIZATION: "NewStyleAuth abc", }
> - req = http.server._HttpServerRequest("GET", "/", headers, None)
> + req = http.server._HttpServerRequest("GET", "/", headers, None, None)
> - ra = _FakeRequestAuth("area1", False, None)
> + ac = _SimpleAuthenticator("foo", "bar")
> + ra = _FakeRequestAuth("area1", False, ac)
> self.assertRaises(http.HttpUnauthorized, ra.PreHandleRequest, req)
>
> def testInvalidBase64(self):
> headers = { http.HTTP_AUTHORIZATION: "Basic x_=_", }
> - req = http.server._HttpServerRequest("GET", "/", headers, None)
> + req = http.server._HttpServerRequest("GET", "/", headers, None, None)
> - ra = _FakeRequestAuth("area1", False, None)
> - self.assertRaises(http.HttpUnauthorized, ra.PreHandleRequest, req)
> + ac = _SimpleAuthenticator("foo", "bar")
> + ra = _FakeRequestAuth("area1", False, ac)
> + self.assertRaises(http.HttpBadRequest, ra.PreHandleRequest, req)
>
> def testAuthForPublicResource(self):
> headers = {
> @@@ -286,8 -271,8 +287,8 @@@
> for exc, headers in checks.items():
> for i in headers:
> headers = { http.HTTP_AUTHORIZATION: i, }
> - req = http.server._HttpServerRequest("GET", "/", headers, None)
> + req = http.server._HttpServerRequest("GET", "/", headers, None,
> None)
> - ra = _FakeRequestAuth("area1", False, None)
> + ra = _FakeRequestAuth("area1", False, ac)
> self.assertRaises(exc, ra.PreHandleRequest, req)
>
> def testBasicAuth(self):
>
