upstream/oracle/userland-gate: components/openstack/glance/patches/06-CVE-2014-5356.patch@e4a964ba3f11 (annotated)

3290 e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	1	Upstream patch to fix CVE-2014-5356. This fix will be included in
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	2	future 2013.2.4 and 2014.1.3 releases.
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	3
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	4	From 12f43cfed5a47cd16f08b7dad2424da0fc362e47 Mon Sep 17 00:00:00 2001
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	5	From: Tom Leaman <[email protected]>
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	6	Date: Fri, 2 May 2014 10:09:20 +0000
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	7	Subject: [PATCH] Enforce image_size_cap on v2 upload
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	8
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	9	image_size_cap should be checked and enforced on upload
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	10
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	11	Enforcement is in two places:
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	12	- on image metadata save
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	13	- during image save to backend store
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	14
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	15	(cherry picked from commit 92ab00fca6926eaf3f7f92a955a5e07140063718)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	16	Conflicts:
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	17	glance/location.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	18	glance/tests/functional/v2/test_images.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	19	glance/tests/unit/test_store_image.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	20
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	21	Closes-Bug: 1315321
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	22	Change-Id: I45bfb360703617bc394e9e27fe17adf43b09c0e1
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	23	Co-Author: Manuel Desbonnet <[email protected]>
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	24	---
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	25	glance/db/__init__.py \| 5 ++++
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	26	glance/store/__init__.py \| 5 +++-
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	27	glance/tests/functional/__init__.py \| 2 ++
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	28	glance/tests/functional/v2/test_images.py \| 42 +++++++++++++++++++++++++++++
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	29	glance/tests/unit/test_store_image.py \| 6 +++--
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	30	glance/tests/unit/utils.py \| 5 +++-
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	31	6 files changed, 61 insertions(+), 4 deletions(-)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	32
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	33	diff --git a/glance/db/__init__.py b/glance/db/__init__.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	34	index 56f4dac..8ac3606 100644
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	35	--- a/glance/db/__init__.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	36	+++ b/glance/db/__init__.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	37	@@ -32,6 +32,7 @@ db_opt = cfg.BoolOpt('use_tpool',
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	38	'all DB API calls')
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	39
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	40	CONF = cfg.CONF
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	41	+CONF.import_opt('image_size_cap', 'glance.common.config')
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	42	CONF.import_opt('metadata_encryption_key', 'glance.common.config')
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	43	CONF.register_opt(db_opt)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	44
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	45	@@ -148,6 +149,8 @@ class ImageRepo(object):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	46
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	47	def add(self, image):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	48	image_values = self._format_image_to_db(image)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	49	+ if image_values['size'] > CONF.image_size_cap:
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	50	+ raise exception.ImageSizeLimitExceeded
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	51	# the updated_at value is not set in the _format_image_to_db
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	52	# function since it is specific to image create
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	53	image_values['updated_at'] = image.updated_at
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	54	@@ -159,6 +162,8 @@ class ImageRepo(object):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	55
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	56	def save(self, image):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	57	image_values = self._format_image_to_db(image)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	58	+ if image_values['size'] > CONF.image_size_cap:
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	59	+ raise exception.ImageSizeLimitExceeded
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	60	try:
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	61	new_values = self.db_api.image_update(self.context,
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	62	image.image_id,
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	63	diff --git a/glance/store/__init__.py b/glance/store/__init__.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	64	index fa17f4b..fd25e27 100644
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	65	--- a/glance/store/__init__.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	66	+++ b/glance/store/__init__.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	67	@@ -646,7 +646,10 @@ class ImageProxy(glance.domain.proxy.Image):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	68	size = 0 # NOTE(markwash): zero -> unknown size
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	69	location, size, checksum, loc_meta = self.store_api.add_to_backend(
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	70	self.context, CONF.default_store,
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	71	- self.image.image_id, utils.CooperativeReader(data), size)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	72	+ self.image.image_id,
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	73	+ utils.LimitingReader(utils.CooperativeReader(data),
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	74	+ CONF.image_size_cap),
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	75	+ size)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	76	self.image.locations = [{'url': location, 'metadata': loc_meta}]
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	77	self.image.size = size
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	78	self.image.checksum = checksum
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	79	diff --git a/glance/tests/functional/__init__.py b/glance/tests/functional/__init__.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	80	index 1256133..18a1a7e 100644
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	81	--- a/glance/tests/functional/__init__.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	82	+++ b/glance/tests/functional/__init__.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	83	@@ -279,6 +279,7 @@ class ApiServer(Server):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	84	self.pid_file = pid_file or os.path.join(self.test_dir, "api.pid")
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	85	self.scrubber_datadir = os.path.join(self.test_dir, "scrubber")
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	86	self.log_file = os.path.join(self.test_dir, "api.log")
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	87	+ self.image_size_cap = 1099511627776
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	88	self.s3_store_host = "s3.amazonaws.com"
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	89	self.s3_store_access_key = ""
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	90	self.s3_store_secret_key = ""
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	91	@@ -332,6 +333,7 @@ metadata_encryption_key = %(metadata_encryption_key)s
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	92	registry_host = 127.0.0.1
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	93	registry_port = %(registry_port)s
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	94	log_file = %(log_file)s
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	95	+image_size_cap = %(image_size_cap)d
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	96	s3_store_host = %(s3_store_host)s
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	97	s3_store_access_key = %(s3_store_access_key)s
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	98	s3_store_secret_key = %(s3_store_secret_key)s
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	99	diff --git a/glance/tests/functional/v2/test_images.py b/glance/tests/functional/v2/test_images.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	100	index a9f9147..c25d4e2 100644
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	101	--- a/glance/tests/functional/v2/test_images.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	102	+++ b/glance/tests/functional/v2/test_images.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	103	@@ -259,6 +259,48 @@ class TestImages(functional.FunctionalTest):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	104
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	105	self.stop_servers()
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	106
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	107	+ def test_image_size_cap(self):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	108	+ self.api_server.image_size_cap = 128
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	109	+ self.start_servers(**self.__dict__.copy())
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	110	+ # create an image
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	111	+ path = self._url('/v2/images')
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	112	+ headers = self._headers({'content-type': 'application/json'})
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	113	+ data = json.dumps({'name': 'image-size-cap-test-image',
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	114	+ 'type': 'kernel', 'disk_format': 'aki',
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	115	+ 'container_format': 'aki'})
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	116	+ response = requests.post(path, headers=headers, data=data)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	117	+ self.assertEqual(201, response.status_code)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	118	+
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	119	+ image = json.loads(response.text)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	120	+ image_id = image['id']
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	121	+
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	122	+ #try to populate it with oversized data
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	123	+ path = self._url('/v2/images/%s/file' % image_id)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	124	+ headers = self._headers({'Content-Type': 'application/octet-stream'})
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	125	+
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	126	+ class StreamSim(object):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	127	+ # Using a one-shot iterator to force chunked transfer in the PUT
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	128	+ # request
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	129	+ def __init__(self, size):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	130	+ self.size = size
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	131	+
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	132	+ def __iter__(self):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	133	+ yield 'Z' * self.size
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	134	+
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	135	+ response = requests.put(path, headers=headers, data=StreamSim(
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	136	+ self.api_server.image_size_cap + 1))
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	137	+ self.assertEqual(413, response.status_code)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	138	+
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	139	+ # hashlib.md5('Z'*129).hexdigest()
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	140	+ # == '76522d28cb4418f12704dfa7acd6e7ee'
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	141	+ # If the image has this checksum, it means that the whole stream was
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	142	+ # accepted and written to the store, which should not be the case.
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	143	+ path = self._url('/v2/images/{0}'.format(image_id))
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	144	+ headers = self._headers({'content-type': 'application/json'})
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	145	+ response = requests.get(path, headers=headers)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	146	+ image_checksum = json.loads(response.text).get('checksum')
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	147	+ self.assertNotEqual(image_checksum, '76522d28cb4418f12704dfa7acd6e7ee')
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	148	+
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	149	def test_permissions(self):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	150	# Create an image that belongs to TENANT1
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	151	path = self._url('/v2/images')
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	152	diff --git a/glance/tests/unit/test_store_image.py b/glance/tests/unit/test_store_image.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	153	index f9f5d85..5bdd51e 100644
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	154	--- a/glance/tests/unit/test_store_image.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	155	+++ b/glance/tests/unit/test_store_image.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	156	@@ -126,8 +126,10 @@ class TestStoreImage(utils.BaseTestCase):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	157
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	158	self.stubs.Set(unit_test_utils.FakeStoreAPI, 'get_from_backend',
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	159	fake_get_from_backend)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	160	-
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	161	- self.assertEquals(image1.get_data().fd, 'ZZZ')
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	162	+ # This time, image1.get_data() returns the data wrapped in a
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	163	+ # LimitingReader\|CooperativeReader pipeline, so peeking under
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	164	+ # the hood of those objects to get at the underlying string.
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	165	+ self.assertEquals(image1.get_data().data.fd, 'ZZZ')
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	166	image1.locations.pop(0)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	167	self.assertEquals(len(image1.locations), 1)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	168	image2.delete()
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	169	diff --git a/glance/tests/unit/utils.py b/glance/tests/unit/utils.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	170	index dff87b1..ec62828 100644
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	171	--- a/glance/tests/unit/utils.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	172	+++ b/glance/tests/unit/utils.py
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	173	@@ -149,7 +149,10 @@ class FakeStoreAPI(object):
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	174	if image_id in location:
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	175	raise exception.Duplicate()
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	176	if not size:
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	177	- size = len(data.fd)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	178	+ # 'data' is a string wrapped in a LimitingReader\|CooperativeReader
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	179	+ # pipeline, so peek under the hood of those objects to get at the
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	180	+ # string itself.
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	181	+ size = len(data.data.fd)
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	182	if (current_store_size + size) > store_max_size:
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	183	raise exception.StorageFull()
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	184	if context.user == USER2:
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	185	--
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	186	1.7.9.5
e4a964ba3f11 19482453 problem in SERVICE/GLANCE Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	187

author	Drew Fisher <drew.fisher@oracle.com>
	Tue, 26 Aug 2014 15:05:45 -0700
branch	s11u2-sru
changeset 3290	e4a964ba3f11
permissions	-rw-r--r--