author | Danek Duvall <danek.duvall@oracle.com> |
Mon, 19 Oct 2015 11:45:11 -0700 | |
changeset 4988 | 4b69c7c7e09b |
child 5405 | 66fd59fecd68 |
permissions | -rw-r--r-- |
4988
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
1 |
From 0694e1911d10a18075ff99462c96781372422b2c Mon Sep 17 00:00:00 2001 |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
2 |
From: Clay Gerrard <[email protected]> |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
3 |
Date: Thu, 23 Jul 2015 22:36:21 -0700 |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
4 |
Subject: Disallow unsafe tempurl operations to point to unauthorized data |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
5 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
6 |
Do not allow PUT tempurls to create pointers to other data. Specifically |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
7 |
disallow the creation of DLO object manifests by returning an error if a |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
8 |
non-safe tempurl request includes an X-Object-Manifest header regardless of |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
9 |
the value of the header. |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
10 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
11 |
This prevents discoverability attacks which can use any PUT tempurl to probe |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
12 |
for private data by creating a DLO object manifest and then using the PUT |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
13 |
tempurl to head the object which would 404 if the prefix does not match any |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
14 |
object data or form a valid DLO HEAD response if it does. |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
15 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
16 |
This also prevents a tricky and potentially unexpected consequence of PUT |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
17 |
tempurls which would make it unsafe to allow a user to download objects |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
18 |
created by tempurl (even if they just created them) because the result of |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
19 |
reading the object created via tempurl may not be the data which was uploaded. |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
20 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
21 |
[CVE-2015-5223] |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
22 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
23 |
Co-Authored-By: Kota Tsuyuzaki <[email protected]> |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
24 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
25 |
Closes-Bug: 1453948 |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
26 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
27 |
Change-Id: I91161dfb0f089c3990aca1b4255b520299ef73c8 |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
28 |
--- |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
29 |
swift/common/middleware/tempurl.py | 31 ++++++++++++++++++++++++- |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
30 |
test/functional/tests.py | 36 +++++++++++++++++++++++++++++ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
31 |
test/unit/common/middleware/test_tempurl.py | 19 +++++++++++++++ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
32 |
3 files changed, 85 insertions(+), 1 deletion(-) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
33 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
34 |
diff --git a/swift/common/middleware/tempurl.py b/swift/common/middleware/tempurl.py |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
35 |
index c2381b3..1f94e8d 100644 |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
36 |
--- a/swift/common/middleware/tempurl.py |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
37 |
+++ b/swift/common/middleware/tempurl.py |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
38 |
@@ -119,11 +119,13 @@ from urllib import urlencode |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
39 |
from urlparse import parse_qs |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
40 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
41 |
from swift.proxy.controllers.base import get_account_info |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
42 |
-from swift.common.swob import HeaderKeyDict, HTTPUnauthorized |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
43 |
+from swift.common.swob import HeaderKeyDict, HTTPUnauthorized, HTTPBadRequest |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
44 |
from swift.common.utils import split_path, get_valid_utf8_str, \ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
45 |
register_swift_info, get_hmac, streq_const_time, quote |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
46 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
47 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
48 |
+DISALLOWED_INCOMING_HEADERS = 'x-object-manifest' |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
49 |
+ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
50 |
#: Default headers to remove from incoming requests. Simply a whitespace |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
51 |
#: delimited list of header names and names can optionally end with '*' to |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
52 |
#: indicate a prefix match. DEFAULT_INCOMING_ALLOW_HEADERS is a list of |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
53 |
@@ -227,6 +229,10 @@ class TempURL(object): |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
54 |
#: The methods allowed with Temp URLs. |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
55 |
self.methods = methods |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
56 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
57 |
+ self.disallowed_headers = set( |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
58 |
+ 'HTTP_' + h.upper().replace('-', '_') |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
59 |
+ for h in DISALLOWED_INCOMING_HEADERS.split()) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
60 |
+ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
61 |
headers = DEFAULT_INCOMING_REMOVE_HEADERS |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
62 |
if 'incoming_remove_headers' in conf: |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
63 |
headers = conf['incoming_remove_headers'] |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
64 |
@@ -320,6 +326,13 @@ class TempURL(object): |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
65 |
for hmac in hmac_vals) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
66 |
if not is_valid_hmac: |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
67 |
return self._invalid(env, start_response) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
68 |
+ # disallowed headers prevent accidently allowing upload of a pointer |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
69 |
+ # to data that the PUT tempurl would not otherwise allow access for. |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
70 |
+ # It should be safe to provide a GET tempurl for data that an |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
71 |
+ # untrusted client just uploaded with a PUT tempurl. |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
72 |
+ resp = self._clean_disallowed_headers(env, start_response) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
73 |
+ if resp: |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
74 |
+ return resp |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
75 |
self._clean_incoming_headers(env) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
76 |
env['swift.authorize'] = lambda req: None |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
77 |
env['swift.authorize_override'] = True |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
78 |
@@ -456,6 +469,22 @@ class TempURL(object): |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
79 |
body = '401 Unauthorized: Temp URL invalid\n' |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
80 |
return HTTPUnauthorized(body=body)(env, start_response) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
81 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
82 |
+ def _clean_disallowed_headers(self, env, start_response): |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
83 |
+ """ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
84 |
+ Validate the absense of disallowed headers for "unsafe" operations. |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
85 |
+ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
86 |
+ :returns: None for safe operations or swob.HTTPBadResponse if the |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
87 |
+ request includes disallowed headers. |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
88 |
+ """ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
89 |
+ if env['REQUEST_METHOD'] in ('GET', 'HEAD', 'OPTIONS'): |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
90 |
+ return |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
91 |
+ for h in env: |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
92 |
+ if h in self.disallowed_headers: |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
93 |
+ return HTTPBadRequest( |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
94 |
+ body='The header %r is not allowed in this tempurl' % |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
95 |
+ h[len('HTTP_'):].title().replace('_', '-'))( |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
96 |
+ env, start_response) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
97 |
+ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
98 |
def _clean_incoming_headers(self, env): |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
99 |
""" |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
100 |
Removes any headers from the WSGI environment as per the |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
101 |
diff --git a/test/functional/tests.py b/test/functional/tests.py |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
102 |
index e57f22b..654949f 100644 |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
103 |
--- a/test/functional/tests.py |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
104 |
+++ b/test/functional/tests.py |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
105 |
@@ -2687,6 +2687,42 @@ class TestTempurl(Base): |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
106 |
self.assert_(new_obj.info(parms=put_parms, |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
107 |
cfg={'no_auth_token': True})) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
108 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
109 |
+ def test_PUT_manifest_access(self): |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
110 |
+ new_obj = self.env.container.file(Utils.create_name()) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
111 |
+ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
112 |
+ # give out a signature which allows a PUT to new_obj |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
113 |
+ expires = int(time.time()) + 86400 |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
114 |
+ sig = self.tempurl_sig( |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
115 |
+ 'PUT', expires, self.env.conn.make_path(new_obj.path), |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
116 |
+ self.env.tempurl_key) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
117 |
+ put_parms = {'temp_url_sig': sig, |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
118 |
+ 'temp_url_expires': str(expires)} |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
119 |
+ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
120 |
+ # try to create manifest pointing to some random container |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
121 |
+ try: |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
122 |
+ new_obj.write('', { |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
123 |
+ 'x-object-manifest': '%s/foo' % 'some_random_container' |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
124 |
+ }, parms=put_parms, cfg={'no_auth_token': True}) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
125 |
+ except ResponseError as e: |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
126 |
+ self.assertEqual(e.status, 400) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
127 |
+ else: |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
128 |
+ self.fail('request did not error') |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
129 |
+ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
130 |
+ # create some other container |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
131 |
+ other_container = self.env.account.container(Utils.create_name()) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
132 |
+ if not other_container.create(): |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
133 |
+ raise ResponseError(self.conn.response) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
134 |
+ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
135 |
+ # try to create manifest pointing to new container |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
136 |
+ try: |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
137 |
+ new_obj.write('', { |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
138 |
+ 'x-object-manifest': '%s/foo' % other_container |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
139 |
+ }, parms=put_parms, cfg={'no_auth_token': True}) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
140 |
+ except ResponseError as e: |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
141 |
+ self.assertEqual(e.status, 400) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
142 |
+ else: |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
143 |
+ self.fail('request did not error') |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
144 |
+ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
145 |
def test_HEAD(self): |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
146 |
expires = int(time.time()) + 86400 |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
147 |
sig = self.tempurl_sig( |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
148 |
diff --git a/test/unit/common/middleware/test_tempurl.py b/test/unit/common/middleware/test_tempurl.py |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
149 |
index 0581077..ffb3b98 100644 |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
150 |
--- a/test/unit/common/middleware/test_tempurl.py |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
151 |
+++ b/test/unit/common/middleware/test_tempurl.py |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
152 |
@@ -623,6 +623,25 @@ class TestTempURL(unittest.TestCase): |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
153 |
self.assertTrue('Temp URL invalid' in resp.body) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
154 |
self.assertTrue('Www-Authenticate' in resp.headers) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
155 |
|
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
156 |
+ def test_disallowed_header_object_manifest(self): |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
157 |
+ self.tempurl = tempurl.filter_factory({})(self.auth) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
158 |
+ method = 'PUT' |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
159 |
+ expires = int(time() + 86400) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
160 |
+ path = '/v1/a/c/o' |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
161 |
+ key = 'abc' |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
162 |
+ hmac_body = '%s\n%s\n%s' % (method, expires, path) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
163 |
+ sig = hmac.new(key, hmac_body, sha1).hexdigest() |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
164 |
+ req = self._make_request( |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
165 |
+ path, method='PUT', keys=[key], |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
166 |
+ headers={'x-object-manifest': 'private/secret'}, |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
167 |
+ environ={'QUERY_STRING': 'temp_url_sig=%s&temp_url_expires=%s' % ( |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
168 |
+ sig, expires)}) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
169 |
+ resp = req.get_response(self.tempurl) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
170 |
+ self.assertEquals(resp.status_int, 400) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
171 |
+ self.assertTrue('header' in resp.body) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
172 |
+ self.assertTrue('not allowed' in resp.body) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
173 |
+ self.assertTrue('X-Object-Manifest' in resp.body) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
174 |
+ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
175 |
def test_removed_incoming_header(self): |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
176 |
self.tempurl = tempurl.filter_factory({ |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
177 |
'incoming_remove_headers': 'x-remove-this'})(self.auth) |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
178 |
-- |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
179 |
cgit v0.11.2 |
4b69c7c7e09b
21756542 problem in SERVICE/SWIFT
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
180 |