summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthew Thode <prometheanfire@gentoo.org>2014-10-11 22:25:23 +0000
committerMatthew Thode <prometheanfire@gentoo.org>2014-10-11 22:25:23 +0000
commit7796db1e158e4aa6db79ada18869da54c8d221ac (patch)
treed012885c3ffb8ce030b619e47d97d6049f7db924 /app-admin
parentadd ebuild for doublex—dependence for fig (diff)
downloadgentoo-2-7796db1e158e4aa6db79ada18869da54c8d221ac.tar.gz
gentoo-2-7796db1e158e4aa6db79ada18869da54c8d221ac.tar.bz2
gentoo-2-7796db1e158e4aa6db79ada18869da54c8d221ac.zip
bup
(Portage version: 2.2.8-r2/cvs/Linux x86_64, signed Manifest commit with key 0x2471eb3e40ac5ac3)
Diffstat (limited to 'app-admin')
-rw-r--r--app-admin/glance/ChangeLog9
-rw-r--r--app-admin/glance/files/2014.1.2-CVE-2014-5356.patch175
-rw-r--r--app-admin/glance/glance-2014.1.3.ebuild141
-rw-r--r--app-admin/glance/glance-2014.1.9999.ebuild8
4 files changed, 154 insertions, 179 deletions
diff --git a/app-admin/glance/ChangeLog b/app-admin/glance/ChangeLog
index b71c0864c065..2a69f914835c 100644
--- a/app-admin/glance/ChangeLog
+++ b/app-admin/glance/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for app-admin/glance
# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/glance/ChangeLog,v 1.48 2014/08/21 20:40:15 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/glance/ChangeLog,v 1.49 2014/10/11 22:25:23 prometheanfire Exp $
+
+*glance-2014.1.3 (11 Oct 2014)
+
+ 11 Oct 2014; Matthew Thode <prometheanfire@gentoo.org>
+ +glance-2014.1.3.ebuild, -files/2014.1.2-CVE-2014-5356.patch,
+ glance-2014.1.9999.ebuild:
+ bup
*glance-2014.1.2 (21 Aug 2014)
diff --git a/app-admin/glance/files/2014.1.2-CVE-2014-5356.patch b/app-admin/glance/files/2014.1.2-CVE-2014-5356.patch
deleted file mode 100644
index 1d64ad882381..000000000000
--- a/app-admin/glance/files/2014.1.2-CVE-2014-5356.patch
+++ /dev/null
@@ -1,175 +0,0 @@
-From 31a4d1852a0c27bac5757c192f300f051229a312 Mon Sep 17 00:00:00 2001
-From: Tom Leaman <thomas.leaman@hp.com>
-Date: Fri, 2 May 2014 10:09:20 +0000
-Subject: Enforce image_size_cap on v2 upload
-
-image_size_cap should be checked and enforced on upload
-
-Enforcement is in two places:
-- on image metadata save
-- during image save to backend store
-
-(cherry picked from commit 92ab00fca6926eaf3f7f92a955a5e07140063718)
-Conflicts:
- glance/location.py
- glance/tests/functional/v2/test_images.py
-
-Closes-Bug: 1315321
-Change-Id: I45bfb360703617bc394e9e27fe17adf43b09c0e1
-Co-Author: Manuel Desbonnet <manuel.desbonnet@hp.com>
-
-diff --git a/glance/db/__init__.py b/glance/db/__init__.py
-index a6e804c..a59447d 100644
---- a/glance/db/__init__.py
-+++ b/glance/db/__init__.py
-@@ -27,6 +27,7 @@ from glance.openstack.common import importutils
-
-
- CONF = cfg.CONF
-+CONF.import_opt('image_size_cap', 'glance.common.config')
- CONF.import_opt('metadata_encryption_key', 'glance.common.config')
-
-
-@@ -150,6 +151,8 @@ class ImageRepo(object):
-
- def add(self, image):
- image_values = self._format_image_to_db(image)
-+ if image_values['size'] > CONF.image_size_cap:
-+ raise exception.ImageSizeLimitExceeded
- # the updated_at value is not set in the _format_image_to_db
- # function since it is specific to image create
- image_values['updated_at'] = image.updated_at
-@@ -161,6 +164,8 @@ class ImageRepo(object):
-
- def save(self, image):
- image_values = self._format_image_to_db(image)
-+ if image_values['size'] > CONF.image_size_cap:
-+ raise exception.ImageSizeLimitExceeded
- try:
- new_values = self.db_api.image_update(self.context,
- image.image_id,
-diff --git a/glance/store/__init__.py b/glance/store/__init__.py
-index 33a67d6..273b7c7 100644
---- a/glance/store/__init__.py
-+++ b/glance/store/__init__.py
-@@ -721,7 +721,10 @@ class ImageProxy(glance.domain.proxy.Image):
- size = 0 # NOTE(markwash): zero -> unknown size
- location, size, checksum, loc_meta = self.store_api.add_to_backend(
- self.context, CONF.default_store,
-- self.image.image_id, utils.CooperativeReader(data), size)
-+ self.image.image_id,
-+ utils.LimitingReader(utils.CooperativeReader(data),
-+ CONF.image_size_cap),
-+ size)
- self.image.locations = [{'url': location, 'metadata': loc_meta}]
- self.image.size = size
- self.image.checksum = checksum
-diff --git a/glance/tests/functional/__init__.py b/glance/tests/functional/__init__.py
-index 537a42f..2f116f0 100644
---- a/glance/tests/functional/__init__.py
-+++ b/glance/tests/functional/__init__.py
-@@ -280,6 +280,7 @@ class ApiServer(Server):
- self.pid_file = pid_file or os.path.join(self.test_dir, "api.pid")
- self.scrubber_datadir = os.path.join(self.test_dir, "scrubber")
- self.log_file = os.path.join(self.test_dir, "api.log")
-+ self.image_size_cap = 1099511627776
- self.s3_store_host = "s3.amazonaws.com"
- self.s3_store_access_key = ""
- self.s3_store_secret_key = ""
-@@ -341,6 +342,7 @@ metadata_encryption_key = %(metadata_encryption_key)s
- registry_host = 127.0.0.1
- registry_port = %(registry_port)s
- log_file = %(log_file)s
-+image_size_cap = %(image_size_cap)d
- s3_store_host = %(s3_store_host)s
- s3_store_access_key = %(s3_store_access_key)s
- s3_store_secret_key = %(s3_store_secret_key)s
-diff --git a/glance/tests/functional/v2/test_images.py b/glance/tests/functional/v2/test_images.py
-index a309e64..4247434 100644
---- a/glance/tests/functional/v2/test_images.py
-+++ b/glance/tests/functional/v2/test_images.py
-@@ -451,6 +451,48 @@ class TestImages(functional.FunctionalTest):
-
- self.stop_servers()
-
-+ def test_image_size_cap(self):
-+ self.api_server.image_size_cap = 128
-+ self.start_servers(**self.__dict__.copy())
-+ # create an image
-+ path = self._url('/v2/images')
-+ headers = self._headers({'content-type': 'application/json'})
-+ data = jsonutils.dumps({'name': 'image-size-cap-test-image',
-+ 'type': 'kernel', 'disk_format': 'aki',
-+ 'container_format': 'aki'})
-+ response = requests.post(path, headers=headers, data=data)
-+ self.assertEqual(201, response.status_code)
-+
-+ image = jsonutils.loads(response.text)
-+ image_id = image['id']
-+
-+ #try to populate it with oversized data
-+ path = self._url('/v2/images/%s/file' % image_id)
-+ headers = self._headers({'Content-Type': 'application/octet-stream'})
-+
-+ class StreamSim(object):
-+ # Using a one-shot iterator to force chunked transfer in the PUT
-+ # request
-+ def __init__(self, size):
-+ self.size = size
-+
-+ def __iter__(self):
-+ yield 'Z' * self.size
-+
-+ response = requests.put(path, headers=headers, data=StreamSim(
-+ self.api_server.image_size_cap + 1))
-+ self.assertEqual(413, response.status_code)
-+
-+ # hashlib.md5('Z'*129).hexdigest()
-+ # == '76522d28cb4418f12704dfa7acd6e7ee'
-+ # If the image has this checksum, it means that the whole stream was
-+ # accepted and written to the store, which should not be the case.
-+ path = self._url('/v2/images/{0}'.format(image_id))
-+ headers = self._headers({'content-type': 'application/json'})
-+ response = requests.get(path, headers=headers)
-+ image_checksum = jsonutils.loads(response.text).get('checksum')
-+ self.assertNotEqual(image_checksum, '76522d28cb4418f12704dfa7acd6e7ee')
-+
- def test_permissions(self):
- # Create an image that belongs to TENANT1
- path = self._url('/v2/images')
-diff --git a/glance/tests/unit/test_store_image.py b/glance/tests/unit/test_store_image.py
-index eb8d333..424915b 100644
---- a/glance/tests/unit/test_store_image.py
-+++ b/glance/tests/unit/test_store_image.py
-@@ -119,8 +119,10 @@ class TestStoreImage(utils.BaseTestCase):
-
- self.stubs.Set(unit_test_utils.FakeStoreAPI, 'get_from_backend',
- fake_get_from_backend)
--
-- self.assertEqual(image1.get_data().fd, 'ZZZ')
-+ # This time, image1.get_data() returns the data wrapped in a
-+ # LimitingReader|CooperativeReader pipeline, so peeking under
-+ # the hood of those objects to get at the underlying string.
-+ self.assertEqual(image1.get_data().data.fd, 'ZZZ')
- image1.locations.pop(0)
- self.assertEqual(len(image1.locations), 1)
- image2.delete()
-diff --git a/glance/tests/unit/utils.py b/glance/tests/unit/utils.py
-index a43dea3..4186787 100644
---- a/glance/tests/unit/utils.py
-+++ b/glance/tests/unit/utils.py
-@@ -148,7 +148,10 @@ class FakeStoreAPI(object):
- if image_id in location:
- raise exception.Duplicate()
- if not size:
-- size = len(data.fd)
-+ # 'data' is a string wrapped in a LimitingReader|CooperativeReader
-+ # pipeline, so peek under the hood of those objects to get at the
-+ # string itself.
-+ size = len(data.data.fd)
- if (current_store_size + size) > store_max_size:
- raise exception.StorageFull()
- if context.user == USER2:
---
-cgit v0.10.1
-
diff --git a/app-admin/glance/glance-2014.1.3.ebuild b/app-admin/glance/glance-2014.1.3.ebuild
new file mode 100644
index 000000000000..77c5d695d119
--- /dev/null
+++ b/app-admin/glance/glance-2014.1.3.ebuild
@@ -0,0 +1,141 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/glance/glance-2014.1.3.ebuild,v 1.1 2014/10/11 22:25:23 prometheanfire Exp $
+
+EAPI=5
+PYTHON_COMPAT=( python2_7 )
+
+inherit distutils-r1 user
+
+DESCRIPTION="Provides services for discovering, registering, and retrieving
+virtual machine images with Openstack"
+HOMEPAGE="https://launchpad.net/glance"
+SRC_URI="http://launchpad.net/${PN}/icehouse/${PV}/+download/${P}.tar.gz"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="doc mysql postgres +sqlite +swift test"
+REQUIRED_USE="|| ( mysql postgres sqlite )"
+
+DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]
+ >=dev-python/pbr-0.6.0[${PYTHON_USEDEP}]
+ <dev-python/pbr-1.0[${PYTHON_USEDEP}]
+ test? ( >=dev-python/hacking-0.8.0[${PYTHON_USEDEP}]
+ <dev-python/hacking-0.9[${PYTHON_USEDEP}]
+ >=dev-python/Babel-1.3[${PYTHON_USEDEP}]
+ >=dev-python/coverage-3.6[${PYTHON_USEDEP}]
+ >=dev-python/fixtures-0.3.14[${PYTHON_USEDEP}]
+ >=dev-python/mock-1.0[${PYTHON_USEDEP}]
+ >=dev-python/mox-0.5.3[${PYTHON_USEDEP}]
+ >=dev-python/sphinx-1.1.2[${PYTHON_USEDEP}]
+ <dev-python/sphinx-1.1.9999[${PYTHON_USEDEP}]
+ >=dev-python/requests-1.1[${PYTHON_USEDEP}]
+ >=dev-python/testrepository-0.0.18[${PYTHON_USEDEP}]
+ >=dev-python/testtools-0.9.34[${PYTHON_USEDEP}]
+ >=dev-python/psutil-1.1.1[${PYTHON_USEDEP}]
+ dev-python/mysql-python[${PYTHON_USEDEP}]
+ dev-python/psycopg[${PYTHON_USEDEP}]
+ ~dev-python/pysendfile-2.0.0[${PYTHON_USEDEP}]
+ dev-python/qpid-python[${PYTHON_USEDEP}]
+ >=dev-python/pyxattr-0.5.0[${PYTHON_USEDEP}]
+ dev-python/oslo-sphinx[${PYTHON_USEDEP}] )"
+
+#note to self, wsgiref is a python builtin, no need to package it
+#>=dev-python/wsgiref-0.1.2[${PYTHON_USEDEP}]
+
+RDEPEND=">=dev-python/greenlet-0.3.2[${PYTHON_USEDEP}]
+ sqlite? (
+ >=dev-python/sqlalchemy-0.8.0[sqlite,${PYTHON_USEDEP}]
+ !~dev-python/sqlalchemy-0.9.5[sqlite,${PYTHON_USEDEP}]
+ <=dev-python/sqlalchemy-0.9.99[sqlite,${PYTHON_USEDEP}]
+ )
+ mysql? (
+ dev-python/mysql-python
+ >=dev-python/sqlalchemy-0.8.0[${PYTHON_USEDEP}]
+ !~dev-python/sqlalchemy-0.9.5[${PYTHON_USEDEP}]
+ <=dev-python/sqlalchemy-0.9.99[${PYTHON_USEDEP}]
+ )
+ postgres? (
+ dev-python/psycopg:2
+ >=dev-python/sqlalchemy-0.8.0[${PYTHON_USEDEP}]
+ !~dev-python/sqlalchemy-0.9.5[${PYTHON_USEDEP}]
+ <=dev-python/sqlalchemy-0.9.99[${PYTHON_USEDEP}]
+ )
+ >=dev-python/anyjson-0.3.3[${PYTHON_USEDEP}]
+ >=dev-python/eventlet-0.13.0[${PYTHON_USEDEP}]
+ >=dev-python/pastedeploy-1.5.0[${PYTHON_USEDEP}]
+ >=dev-python/routes-1.12.3[${PYTHON_USEDEP}]
+ !~dev-python/routes-2.0[${PYTHON_USEDEP}]
+ >=dev-python/webob-1.2.3[${PYTHON_USEDEP}]
+ >=dev-python/boto-2.12.0[${PYTHON_USEDEP}]
+ !~dev-python/boto-2.13.0[${PYTHON_USEDEP}]
+ >=dev-python/sqlalchemy-migrate-0.9[${PYTHON_USEDEP}]
+ !~dev-python/sqlalchemy-migrate-0.9.2[${PYTHON_USEDEP}]
+ >=dev-python/httplib2-0.7.5[${PYTHON_USEDEP}]
+ >=dev-python/kombu-2.4.8[${PYTHON_USEDEP}]
+ >=dev-python/pycrypto-2.6[${PYTHON_USEDEP}]
+ >=dev-python/iso8601-0.1.9[${PYTHON_USEDEP}]
+ >=dev-python/oslo-config-1.2.1[${PYTHON_USEDEP}]
+ >=dev-python/stevedore-0.14[${PYTHON_USEDEP}]
+ swift? (
+ >=dev-python/python-swiftclient-1.6[${PYTHON_USEDEP}]
+ )
+ dev-python/paste[${PYTHON_USEDEP}]
+ >=dev-python/jsonschema-2.0.0[${PYTHON_USEDEP}]
+ <dev-python/jsonschema-3.0.0[${PYTHON_USEDEP}]
+ >=dev-python/python-cinderclient-1.0.6[${PYTHON_USEDEP}]
+ >=dev-python/python-keystoneclient-0.7.0[${PYTHON_USEDEP}]
+ >=dev-python/pyopenssl-0.11[${PYTHON_USEDEP}]
+ >=dev-python/six-1.6.0[${PYTHON_USEDEP}]
+ >=dev-python/oslo-messaging-1.3.0[${PYTHON_USEDEP}]
+ >=dev-python/oslo-vmware-0.2[${PYTHON_USEDEP}]"
+
+PATCHES=( "${FILESDIR}/${PN}-2013.2-sphinx_mapping.patch" )
+
+pkg_setup() {
+ enewgroup glance
+ enewuser glance -1 -1 /var/lib/glance glance
+}
+
+python_compile_all() {
+ use doc && "${PYTHON}" setup.py build_sphinx
+}
+
+python_test() {
+ # https://bugs.launchpad.net/glance/+bug/1251105
+ # https://bugs.launchpad.net/glance/+bug/1242501
+ nosetests glance/ || die "tests failed under python2.7"
+}
+
+python_install() {
+ distutils-r1_python_install
+
+ for svc in api registry scrubber; do
+ newinitd "${FILESDIR}/glance.initd" glance-${svc}
+ done
+
+ diropts -m 0750 -o glance -g glance
+ dodir /var/log/glance /var/lib/glance/images /var/lib/glance/scrubber
+ keepdir /etc/glance
+ keepdir /var/log/glance
+ keepdir /var/lib/glance/images
+ keepdir /var/lib/glance/scrubber
+
+ insinto /etc/glance
+ insopts -m 0640 -o glance -g glance
+ doins "etc/glance-api-paste.ini"
+ doins "etc/glance-api.conf"
+ doins "etc/glance-cache.conf"
+ doins "etc/glance-registry-paste.ini"
+ doins "etc/glance-registry.conf"
+ doins "etc/glance-scrubber.conf"
+ doins "etc/logging.cnf.sample"
+ doins "etc/policy.json"
+ doins "etc/schema-image.json"
+}
+
+python_install_all() {
+ use doc && local HTML_DOCS=( doc/build/html/. )
+ distutils-r1_python_install_all
+}
diff --git a/app-admin/glance/glance-2014.1.9999.ebuild b/app-admin/glance/glance-2014.1.9999.ebuild
index acfa5225cc29..801970a61487 100644
--- a/app-admin/glance/glance-2014.1.9999.ebuild
+++ b/app-admin/glance/glance-2014.1.9999.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/glance/glance-2014.1.9999.ebuild,v 1.4 2014/07/26 23:15:35 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/glance/glance-2014.1.9999.ebuild,v 1.5 2014/10/11 22:25:23 prometheanfire Exp $
EAPI=5
PYTHON_COMPAT=( python2_7 )
@@ -30,7 +30,7 @@ DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]
>=dev-python/mock-1.0[${PYTHON_USEDEP}]
>=dev-python/mox-0.5.3[${PYTHON_USEDEP}]
>=dev-python/sphinx-1.1.2[${PYTHON_USEDEP}]
- <dev-python/sphinx-1.2[${PYTHON_USEDEP}]
+ <dev-python/sphinx-1.1.9999[${PYTHON_USEDEP}]
>=dev-python/requests-1.1[${PYTHON_USEDEP}]
>=dev-python/testrepository-0.0.18[${PYTHON_USEDEP}]
>=dev-python/testtools-0.9.34[${PYTHON_USEDEP}]
@@ -67,10 +67,12 @@ RDEPEND=">=dev-python/greenlet-0.3.2[${PYTHON_USEDEP}]
>=dev-python/eventlet-0.13.0[${PYTHON_USEDEP}]
>=dev-python/pastedeploy-1.5.0[${PYTHON_USEDEP}]
>=dev-python/routes-1.12.3[${PYTHON_USEDEP}]
+ !~dev-python/routes-2.0[${PYTHON_USEDEP}]
>=dev-python/webob-1.2.3[${PYTHON_USEDEP}]
>=dev-python/boto-2.12.0[${PYTHON_USEDEP}]
!~dev-python/boto-2.13.0[${PYTHON_USEDEP}]
>=dev-python/sqlalchemy-migrate-0.9[${PYTHON_USEDEP}]
+ !~dev-python/sqlalchemy-migrate-0.9.2[${PYTHON_USEDEP}]
>=dev-python/httplib2-0.7.5[${PYTHON_USEDEP}]
>=dev-python/kombu-2.4.8[${PYTHON_USEDEP}]
>=dev-python/pycrypto-2.6[${PYTHON_USEDEP}]
@@ -90,7 +92,7 @@ RDEPEND=">=dev-python/greenlet-0.3.2[${PYTHON_USEDEP}]
>=dev-python/oslo-messaging-1.3.0[${PYTHON_USEDEP}]
>=dev-python/oslo-vmware-0.2[${PYTHON_USEDEP}]"
-PATCHES=( "${FILESDIR}"/${PN}-2013.2-sphinx_mapping.patch )
+PATCHES=( "${FILESDIR}/${PN}-2013.2-sphinx_mapping.patch" )
pkg_setup() {
enewgroup glance