delta/openstack/python-swiftclient.git, branch stable/liberty opendev.org: openstack/python-swiftclient.git Do not reveal auth token in swiftclient log messages by default 2016-03-08T12:17:18+00:00 Joel Wright joel.wright@sohonet.com 2016-02-19T13:18:15+00:00 d95d14ac10996e1efb50d1c34e29f3d692cde150 Currently the swiftclient logs sensitive info in headers when logging HTTP requests. This patch hides sensitive info in headers such as 'X-Auth-Token' in a similar way to swift itself (we add a 'reveal_sensitive_prefix' configuration to the client). With this patch, tokens are truncated by removing the specified number of characters, after which '...' is appended to the logged token to indicate that it has been redacted. Also include client.parse_header_string() for safe unicode handling of header data. Backport based on commits: c3f06417049e17a8d45ee5926c5043cb6c8aa9ef 4d44dcf36086add13d3353915c014f095ab99c6d ce569f46517e10f2ce0d27e9ee0a922ad1d84e2f 46d817828082105a69d4da53fef2f2fbefc54809 aa0edd00966237163451fc44cda2c593a5215cbe Co-Authored-By: Tim Burke <tim.burke@gmail.com> Co-Authored-By: Alistair Coles <alistair.coles@hpe.com> Co-Authored-By: Li Cheng <shcli@cn.ibm.com> Co-Authored-By: Zack M. Davis <zdavis@swiftstack.com> Change-Id: I71fc5aad23bc076b06f75888c3ea507feffc7b48 Closes-bug: #1516692 
Currently the swiftclient logs sensitive info in headers when logging
HTTP requests. This patch hides sensitive info in headers such as
'X-Auth-Token' in a similar way to swift itself (we add a
'reveal_sensitive_prefix' configuration to the client).

With this patch, tokens are truncated by removing the specified number
of characters, after which '...' is appended to the logged token to
indicate that it has been redacted.

Also include client.parse_header_string() for safe unicode handling
of header data.

Backport based on commits:

  c3f06417049e17a8d45ee5926c5043cb6c8aa9ef
  4d44dcf36086add13d3353915c014f095ab99c6d
  ce569f46517e10f2ce0d27e9ee0a922ad1d84e2f
  46d817828082105a69d4da53fef2f2fbefc54809
  aa0edd00966237163451fc44cda2c593a5215cbe

Co-Authored-By: Tim Burke <tim.burke@gmail.com>
Co-Authored-By: Alistair Coles <alistair.coles@hpe.com>
Co-Authored-By: Li Cheng <shcli@cn.ibm.com>
Co-Authored-By: Zack M. Davis <zdavis@swiftstack.com>

Change-Id: I71fc5aad23bc076b06f75888c3ea507feffc7b48
Closes-bug: #1516692
Fix the http request headers being overwritten in logging 2016-02-25T11:05:45+00:00 Min Min Ren rminmin@cn.ibm.com 2015-12-02T08:27:53+00:00 ff880daccff57278129ed63b7d872c039f5e8fd2 Fix the http request headers in put_object being overwritten in logging Cherry-picked from commit 61880c6f980cb8e613bdf6cb48a9a61ce7488162 Change-Id: Id0d1e36561a61ed1ce30d93c801ec32f058a6fa4 Closes-bug: #1501292 
Fix the http request headers in put_object being overwritten in logging

Cherry-picked from commit 61880c6f980cb8e613bdf6cb48a9a61ce7488162

Change-Id: Id0d1e36561a61ed1ce30d93c801ec32f058a6fa4
Closes-bug: #1501292
Merge "Update .gitreview for stable/liberty" into stable/liberty 2015-12-01T08:38:26+00:00 Jenkins jenkins@review.openstack.org 2015-12-01T08:38:26+00:00 3e07428301f4aa872d9cf096af1ecb48a1e8781f 






Change ignore-errors to ignore_errors
2015-11-30T23:48:31+00:00

Monty Taylor
mordred@inaugust.com

2015-09-21T14:54:35+00:00

e067238f381c34cb62793211cb90c044c167dae6

Needed for coverage 4.0

Change-Id: I2789541f67d6adbdc8454183753832488fe2bbe2
(cherry picked from commit ccc3aa49ee654286c169afce558455cfb9f2d4ba)





Needed for coverage 4.0

Change-Id: I2789541f67d6adbdc8454183753832488fe2bbe2
(cherry picked from commit ccc3aa49ee654286c169afce558455cfb9f2d4ba)







Update .gitreview for stable/liberty
2015-09-21T19:55:37+00:00

Doug Hellmann
doug@doughellmann.com

2015-09-21T19:55:37+00:00

da482128b802ae880a40ad354e36123db266d35c

Change-Id: I2943b0dbcfc988bbd471b56ef7d02a515d49e16f





Change-Id: I2943b0dbcfc988bbd471b56ef7d02a515d49e16f







updated changelog for 2.6.0 release
2015-09-07T15:20:14+00:00

John Dickinson
me@not.mn

2015-09-07T15:20:14+00:00

7cd2a01cda4ac592dee465d4acf8a0b246354328

Instead of a 2.5.1 release, add in the absolute tempurl option to the release and bump it to 2.6.0

Change-Id: Ie8335a737aac3211a240c25d88501f8f5dbccbea





Instead of a 2.5.1 release, add in the absolute tempurl option to the release and bump it to 2.6.0

Change-Id: Ie8335a737aac3211a240c25d88501f8f5dbccbea







Merge "absolute expiry option for tempURL generation"
2015-09-05T20:16:38+00:00

Jenkins
jenkins@review.openstack.org

2015-09-05T20:16:38+00:00

fa7ffdd2924ad18baedf64c4e260e8e3d376d091












absolute expiry option for tempURL generation
2015-09-04T21:57:30+00:00

Zack M. Davis
zdavis@swiftstack.com

2015-09-04T21:57:30+00:00

52d39bebc11979fa1be5090ff75466710638e561

The `tempurl` subcommand's second positional argument is called
`seconds` and has heretofore interpreted as the number of seconds for
which the tempURL should be valid, counting from the moment of running
the command. This is indeed a common, if not the most common,
use-case. But some users, occasionally, might want to generate a tempURL
that expires at some particular ("absolute") time, rather than a
particular amount of time relative to the moment of happening to run the
command. (One might make an analogy to the way in which Swift's expiring
object support supports an `X-Delete-At` header in addition to
`X-Delete-After`—and it's the former that must be regarded as
ontologically prior.) Thus, this commit adds an `--absolute` optional
argument to the `tempurl` subcommand; if present, the `seconds` argument
will be interpreted as a Unix timestamp of when the tempURL should be
expire, rather than a duration for which the tempURL should be valid
starting from "now".

Change-Id: If9ded96f2799800958d5063127f3de812f50ef06





The `tempurl` subcommand's second positional argument is called
`seconds` and has heretofore interpreted as the number of seconds for
which the tempURL should be valid, counting from the moment of running
the command. This is indeed a common, if not the most common,
use-case. But some users, occasionally, might want to generate a tempURL
that expires at some particular ("absolute") time, rather than a
particular amount of time relative to the moment of happening to run the
command. (One might make an analogy to the way in which Swift's expiring
object support supports an `X-Delete-At` header in addition to
`X-Delete-After`—and it's the former that must be regarded as
ontologically prior.) Thus, this commit adds an `--absolute` optional
argument to the `tempurl` subcommand; if present, the `seconds` argument
will be interpreted as a Unix timestamp of when the tempURL should be
expire, rather than a duration for which the tempURL should be valid
starting from "now".

Change-Id: If9ded96f2799800958d5063127f3de812f50ef06







do hand-curated authors/changelog files
2015-09-04T17:29:30+00:00

John Dickinson
me@not.mn

2015-07-15T03:50:16+00:00

9ef4c97de2fef9e25292c8f346b6802129b68cec

Change-Id: I1a264c9ce1d137b18a6dc62623a282e4a2fe839c





Change-Id: I1a264c9ce1d137b18a6dc62623a282e4a2fe839c







Merge "Log and report trace on service operation fails"
2015-09-04T01:46:18+00:00

Jenkins
jenkins@review.openstack.org

2015-09-04T01:46:18+00:00

93666bb84abc1edc36fbb3ef5ec194cf774e4826