From 57495f934b7a6617ea0faf1856a53285175e4c5b Mon Sep 17 00:00:00 2001
From: Matt Riedemann <mriedem@us.ibm.com>
Date: Thu, 11 Sep 2014 08:52:04 -0700
Subject: Sync jsonutils for namedtuple_as_object fix

This is to pull in the fix for bug 1361230 which was introduced
with a prior sync of jsonutils.

strutils is pulled in as a dependency but also fixes an
unrelated bug 1345233.

Changes:

jsonutils
---------
d9060f6 Check for namedtuple_as_object support before using it

strutils
--------
66142c3 Make strutils.mask_password more secure

Change-Id: I9bd2e5f93c2684203487627f64f70d5da7b13586
Closes-Bug: #1361230
Partial-Bug: #1345233
---
 ceilometer/openstack/common/jsonutils.py |  8 +++++-
 ceilometer/openstack/common/strutils.py  | 44 ++++++++++++++++++++++----------
 2 files changed, 37 insertions(+), 15 deletions(-)

(limited to 'ceilometer')

diff --git a/ceilometer/openstack/common/jsonutils.py b/ceilometer/openstack/common/jsonutils.py
index 8f346b57..e0c68268 100644
--- a/ceilometer/openstack/common/jsonutils.py
+++ b/ceilometer/openstack/common/jsonutils.py
@@ -44,7 +44,13 @@ if sys.version_info < (2, 7):
     # simplejson module if available
     try:
         import simplejson as json
-        is_simplejson = True
+        # NOTE(mriedem): Make sure we have a new enough version of simplejson
+        # to support the namedobject_as_tuple argument. This can be removed
+        # in the Kilo release when python 2.6 support is dropped.
+        if 'namedtuple_as_object' in inspect.getargspec(json.dumps).args:
+            is_simplejson = True
+        else:
+            import json
     except ImportError:
         import json
 else:
diff --git a/ceilometer/openstack/common/strutils.py b/ceilometer/openstack/common/strutils.py
index a5888db8..9814195d 100644
--- a/ceilometer/openstack/common/strutils.py
+++ b/ceilometer/openstack/common/strutils.py
@@ -50,26 +50,37 @@ SLUGIFY_STRIP_RE = re.compile(r"[^\w\s-]")
 SLUGIFY_HYPHENATE_RE = re.compile(r"[-\s]+")
 
 
-# NOTE(flaper87): The following 3 globals are used by `mask_password`
+# NOTE(flaper87): The following globals are used by `mask_password`
 _SANITIZE_KEYS = ['adminPass', 'admin_pass', 'password', 'admin_password']
 
 # NOTE(ldbragst): Let's build a list of regex objects using the list of
 # _SANITIZE_KEYS we already have. This way, we only have to add the new key
 # to the list of _SANITIZE_KEYS and we can generate regular expressions
 # for XML and JSON automatically.
-_SANITIZE_PATTERNS = []
-_FORMAT_PATTERNS = [r'(%(key)s\s*[=]\s*[\"\']).*?([\"\'])',
-                    r'(<%(key)s>).*?(</%(key)s>)',
-                    r'([\"\']%(key)s[\"\']\s*:\s*[\"\']).*?([\"\'])',
-                    r'([\'"].*?%(key)s[\'"]\s*:\s*u?[\'"]).*?([\'"])',
-                    r'([\'"].*?%(key)s[\'"]\s*,\s*\'--?[A-z]+\'\s*,\s*u?[\'"])'
-                    '.*?([\'"])',
-                    r'(%(key)s\s*--?[A-z]+\s*)\S+(\s*)']
+_SANITIZE_PATTERNS_2 = []
+_SANITIZE_PATTERNS_1 = []
+
+# NOTE(amrith): Some regular expressions have only one parameter, some
+# have two parameters. Use different lists of patterns here.
+_FORMAT_PATTERNS_1 = [r'(%(key)s\s*[=]\s*)[^\s^\'^\"]+']
+_FORMAT_PATTERNS_2 = [r'(%(key)s\s*[=]\s*[\"\']).*?([\"\'])',
+                      r'(%(key)s\s+[\"\']).*?([\"\'])',
+                      r'([-]{2}%(key)s\s+)[^\'^\"^=^\s]+([\s]*)',
+                      r'(<%(key)s>).*?(</%(key)s>)',
+                      r'([\"\']%(key)s[\"\']\s*:\s*[\"\']).*?([\"\'])',
+                      r'([\'"].*?%(key)s[\'"]\s*:\s*u?[\'"]).*?([\'"])',
+                      r'([\'"].*?%(key)s[\'"]\s*,\s*\'--?[A-z]+\'\s*,\s*u?'
+                      '[\'"]).*?([\'"])',
+                      r'(%(key)s\s*--?[A-z]+\s*)\S+(\s*)']
 
 for key in _SANITIZE_KEYS:
-    for pattern in _FORMAT_PATTERNS:
+    for pattern in _FORMAT_PATTERNS_2:
         reg_ex = re.compile(pattern % {'key': key}, re.DOTALL)
-        _SANITIZE_PATTERNS.append(reg_ex)
+        _SANITIZE_PATTERNS_2.append(reg_ex)
+
+    for pattern in _FORMAT_PATTERNS_1:
+        reg_ex = re.compile(pattern % {'key': key}, re.DOTALL)
+        _SANITIZE_PATTERNS_1.append(reg_ex)
 
 
 def int_from_bool_as_string(subject):
@@ -289,7 +300,12 @@ def mask_password(message, secret="***"):
     if not any(key in message for key in _SANITIZE_KEYS):
         return message
 
-    secret = r'\g<1>' + secret + r'\g<2>'
-    for pattern in _SANITIZE_PATTERNS:
-        message = re.sub(pattern, secret, message)
+    substitute = r'\g<1>' + secret + r'\g<2>'
+    for pattern in _SANITIZE_PATTERNS_2:
+        message = re.sub(pattern, substitute, message)
+
+    substitute = r'\g<1>' + secret
+    for pattern in _SANITIZE_PATTERNS_1:
+        message = re.sub(pattern, substitute, message)
+
     return message
-- 
cgit v1.2.1