commit: 17521c754424b67a0e703bdeeedbd9bb05e79a1a Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Tue May 2 08:59:08 2017 +0000 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> CommitDate: Tue May 2 09:47:49 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=17521c75
dev-python/oslo-middleware: Clean old versions up dev-python/oslo-middleware/Manifest | 3 - .../files/cve-2017-2592-stable-mitaka.patch | 90 ---------------------- .../files/cve-2017-2592-stable-newton.patch | 90 ---------------------- .../oslo-middleware-3.19.0-r1.ebuild | 58 -------------- .../oslo-middleware/oslo-middleware-3.19.1.ebuild | 60 --------------- .../oslo-middleware-3.8.0-r2.ebuild | 59 -------------- 6 files changed, 360 deletions(-) diff --git a/dev-python/oslo-middleware/Manifest b/dev-python/oslo-middleware/Manifest index dbca57a39e1..d98b6be4a69 100644 --- a/dev-python/oslo-middleware/Manifest +++ b/dev-python/oslo-middleware/Manifest @@ -1,4 +1 @@ -DIST oslo.middleware-3.19.0.tar.gz 41711 SHA256 f36c37b9d8f4c6eccc494172569184c3f9a4028a6401e8cf75d7656fc7b1d292 SHA512 e347f9f683b8e925286390fc84eb5aebb76b6f490d564f9273b6d53762bbd9f09dab3dc5f740ab4eb0849de00381ad71264b0d8c048629b770b8740243300e50 WHIRLPOOL aa08f79b269cc1dc2c3c54f121e2de783a9f4b13c0fc1d9be492044cd4c34f59a4b2446efab2870d1cfdaa932f41cc5075ee4bd01876edb34d94b35c2d575211 -DIST oslo.middleware-3.19.1.tar.gz 43000 SHA256 a484a27276bb4fd96a21fdaa7d0da0495aa2a2887a88dcec271ffd8b8c239096 SHA512 7d387466cc1352651d81b6f874f18bfb892af8b4187c93131597cfb1e731394654cfd65a17729b22a36bd388b3eee8692936af28786812e50bb2549a76555c96 WHIRLPOOL 6942f7003d6242a12c7cb3ef27331f749244e1fe930e4817804db63c405f9a6c6da3bf07cff2a60b24d38c3aaebf8aac835168ba704c4f3a427590e0284c36fb DIST oslo.middleware-3.23.1.tar.gz 52469 SHA256 fab9a0779ff196020875c7e47e6c36b9d6c9468063645b857e687114e70a8019 SHA512 155f88184216ef18a265b996973b616a3b7a9e52618d95235a396e099bcfb5f51a5dded8e1f039df4d648a0b779c8a6daab9d6b8ff091981c17524a8521ac72a WHIRLPOOL 683d78da63af0d68b6301aa718562cd29f8dc09511df53fb0394311bbda7727edadd975401f81e8ee5c6f35a4e9e8d636bd140b786fec4e7f9c3b0f0015f02e8 -DIST oslo.middleware-3.8.0.tar.gz 39756 SHA256 2d985b238182cf70c1adbe1a041eb96eacde3106751fe2c7f1cd81d57a4dbda2 SHA512 575708b9f19938787d4d42accfbafcd63a9cee0aeb871dc0b3dd504dc4d5f97db27abfcfd7ae56dfc7d68eb670c11f93c1f79d3fd02d30247497614b3f51d80a WHIRLPOOL 2498c2a67ca83214c8512a2a86d78155638a107971d7a98a3534c625138c89f56273ab6dda437399799a6960129f4c7dfa758d2af46ede15813d7614d5db3a6d diff --git a/dev-python/oslo-middleware/files/cve-2017-2592-stable-mitaka.patch b/dev-python/oslo-middleware/files/cve-2017-2592-stable-mitaka.patch deleted file mode 100644 index b38cd597c3d..00000000000 --- a/dev-python/oslo-middleware/files/cve-2017-2592-stable-mitaka.patch +++ /dev/null @@ -1,90 +0,0 @@ -From 095e90929d114e4b6cece67cb405741c14747356 Mon Sep 17 00:00:00 2001 -From: Jamie Lennox <[email protected]> -Date: Wed, 28 Sep 2016 15:03:53 +1000 -Subject: [PATCH] Filter token data out of catch_errors middleware - -If an exception is caught by the catch_errors middleware the entire -request is dumped into the log including sensitive information like -tokens. Filter that information before outputting the failed request. - -Closes-Bug: #1628031 -Change-Id: I2563403993513c37751576223275350cac2e0937 ---- - oslo_middleware/catch_errors.py | 6 +++++- - oslo_middleware/tests/test_catch_errors.py | 25 +++++++++++++++++++++++++ - 2 files changed, 30 insertions(+), 1 deletion(-) - -diff --git a/oslo_middleware/catch_errors.py b/oslo_middleware/catch_errors.py -index 43d085f..0934fc5 100644 ---- a/oslo_middleware/catch_errors.py -+++ b/oslo_middleware/catch_errors.py -@@ -14,6 +14,7 @@ - # under the License. - - import logging -+import re - - import webob.dec - import webob.exc -@@ -24,6 +25,8 @@ from oslo_middleware import base - - LOG = logging.getLogger(__name__) - -+_TOKEN_RE = re.compile('^(X-\w+-Token):.*$', flags=re.MULTILINE) -+ - - class CatchErrors(base.ConfigurableMiddleware): - """Middleware that provides high-level error handling. -@@ -37,7 +40,8 @@ class CatchErrors(base.ConfigurableMiddleware): - try: - response = req.get_response(self.application) - except Exception: -+ req_str = _TOKEN_RE.sub(r'\1: <removed>', req.as_text()) - LOG.exception(_LE('An error occurred during ' -- 'processing the request: %s'), req) -+ 'processing the request: %s'), req_str) - response = webob.exc.HTTPInternalServerError() - return response -diff --git a/oslo_middleware/tests/test_catch_errors.py b/oslo_middleware/tests/test_catch_errors.py -index 920bbe2..0b675e2 100644 ---- a/oslo_middleware/tests/test_catch_errors.py -+++ b/oslo_middleware/tests/test_catch_errors.py -@@ -13,6 +13,7 @@ - # License for the specific language governing permissions and limitations - # under the License. - -+import fixtures - import mock - from oslotest import base as test_base - import webob.dec -@@ -45,3 +46,27 @@ class CatchErrorsTest(test_base.BaseTestCase): - self._test_has_request_id(application, - webob.exc.HTTPInternalServerError.code) - self.assertEqual(1, log_exc.call_count) -+ -+ def test_filter_tokens_from_log(self): -+ logger = self.useFixture(fixtures.FakeLogger(nuke_handlers=False)) -+ -+ @webob.dec.wsgify -+ def application(req): -+ raise Exception() -+ -+ app = catch_errors.CatchErrors(application) -+ req = webob.Request.blank('/test', -+ text=u'test data', -+ method='POST', -+ headers={'X-Auth-Token': 'secret1', -+ 'X-Service-Token': 'secret2', -+ 'X-Other-Token': 'secret3'}) -+ res = req.get_response(app) -+ self.assertEqual(500, res.status_int) -+ -+ output = logger.output -+ -+ self.assertIn('X-Auth-Token: <removed>', output) -+ self.assertIn('X-Service-Token: <removed>', output) -+ self.assertIn('X-Other-Token: <removed>', output) -+ self.assertIn('test data', output) --- -2.7.4 - diff --git a/dev-python/oslo-middleware/files/cve-2017-2592-stable-newton.patch b/dev-python/oslo-middleware/files/cve-2017-2592-stable-newton.patch deleted file mode 100644 index b38cd597c3d..00000000000 --- a/dev-python/oslo-middleware/files/cve-2017-2592-stable-newton.patch +++ /dev/null @@ -1,90 +0,0 @@ -From 095e90929d114e4b6cece67cb405741c14747356 Mon Sep 17 00:00:00 2001 -From: Jamie Lennox <[email protected]> -Date: Wed, 28 Sep 2016 15:03:53 +1000 -Subject: [PATCH] Filter token data out of catch_errors middleware - -If an exception is caught by the catch_errors middleware the entire -request is dumped into the log including sensitive information like -tokens. Filter that information before outputting the failed request. - -Closes-Bug: #1628031 -Change-Id: I2563403993513c37751576223275350cac2e0937 ---- - oslo_middleware/catch_errors.py | 6 +++++- - oslo_middleware/tests/test_catch_errors.py | 25 +++++++++++++++++++++++++ - 2 files changed, 30 insertions(+), 1 deletion(-) - -diff --git a/oslo_middleware/catch_errors.py b/oslo_middleware/catch_errors.py -index 43d085f..0934fc5 100644 ---- a/oslo_middleware/catch_errors.py -+++ b/oslo_middleware/catch_errors.py -@@ -14,6 +14,7 @@ - # under the License. - - import logging -+import re - - import webob.dec - import webob.exc -@@ -24,6 +25,8 @@ from oslo_middleware import base - - LOG = logging.getLogger(__name__) - -+_TOKEN_RE = re.compile('^(X-\w+-Token):.*$', flags=re.MULTILINE) -+ - - class CatchErrors(base.ConfigurableMiddleware): - """Middleware that provides high-level error handling. -@@ -37,7 +40,8 @@ class CatchErrors(base.ConfigurableMiddleware): - try: - response = req.get_response(self.application) - except Exception: -+ req_str = _TOKEN_RE.sub(r'\1: <removed>', req.as_text()) - LOG.exception(_LE('An error occurred during ' -- 'processing the request: %s'), req) -+ 'processing the request: %s'), req_str) - response = webob.exc.HTTPInternalServerError() - return response -diff --git a/oslo_middleware/tests/test_catch_errors.py b/oslo_middleware/tests/test_catch_errors.py -index 920bbe2..0b675e2 100644 ---- a/oslo_middleware/tests/test_catch_errors.py -+++ b/oslo_middleware/tests/test_catch_errors.py -@@ -13,6 +13,7 @@ - # License for the specific language governing permissions and limitations - # under the License. - -+import fixtures - import mock - from oslotest import base as test_base - import webob.dec -@@ -45,3 +46,27 @@ class CatchErrorsTest(test_base.BaseTestCase): - self._test_has_request_id(application, - webob.exc.HTTPInternalServerError.code) - self.assertEqual(1, log_exc.call_count) -+ -+ def test_filter_tokens_from_log(self): -+ logger = self.useFixture(fixtures.FakeLogger(nuke_handlers=False)) -+ -+ @webob.dec.wsgify -+ def application(req): -+ raise Exception() -+ -+ app = catch_errors.CatchErrors(application) -+ req = webob.Request.blank('/test', -+ text=u'test data', -+ method='POST', -+ headers={'X-Auth-Token': 'secret1', -+ 'X-Service-Token': 'secret2', -+ 'X-Other-Token': 'secret3'}) -+ res = req.get_response(app) -+ self.assertEqual(500, res.status_int) -+ -+ output = logger.output -+ -+ self.assertIn('X-Auth-Token: <removed>', output) -+ self.assertIn('X-Service-Token: <removed>', output) -+ self.assertIn('X-Other-Token: <removed>', output) -+ self.assertIn('test data', output) --- -2.7.4 - diff --git a/dev-python/oslo-middleware/oslo-middleware-3.19.0-r1.ebuild b/dev-python/oslo-middleware/oslo-middleware-3.19.0-r1.ebuild deleted file mode 100644 index 6ae34cd3b49..00000000000 --- a/dev-python/oslo-middleware/oslo-middleware-3.19.0-r1.ebuild +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -PYTHON_COMPAT=( python2_7 python3_4 python3_5 ) - -inherit distutils-r1 - -DESCRIPTION="Components injected into wsgi pipelines to intercept request/response flows." -HOMEPAGE="https://pypi.python.org/pypi/oslo.middleware"; -SRC_URI="mirror://pypi/${PN:0:1}/oslo.middleware/oslo.middleware-${PV}.tar.gz" -S="${WORKDIR}/oslo.middleware-${PV}" - -LICENSE="Apache-2.0" -SLOT="0" -KEYWORDS="amd64 ~arm64 x86" -IUSE="test" - -PATCHES=( "${FILESDIR}/cve-2017-2592-stable-newton.patch" ) - -CDEPEND=" - >=dev-python/pbr-1.6[${PYTHON_USEDEP}] - <dev-python/pbr-2.0[${PYTHON_USEDEP}]" -DEPEND="dev-python/setuptools[${PYTHON_USEDEP}] - ${CDEPEND} - test? ( - >=dev-python/fixtures-3.0.0[${PYTHON_USEDEP}] - >=dev-python/mock-2.0.0[${PYTHON_USEDEP}] - >=dev-python/oslo-sphinx-2.5.0[${PYTHON_USEDEP}] - !~dev-python/oslo-sphinx-3.4.0[${PYTHON_USEDEP}] - >=dev-python/oslotest-1.10.0[${PYTHON_USEDEP}] - >=dev-python/sphinx-1.1.2[${PYTHON_USEDEP}] - !~dev-python/sphinx-1.2.0[${PYTHON_USEDEP}] - <dev-python/sphinx-1.3.0[${PYTHON_USEDEP}] - >=dev-python/testtools-1.4.0[${PYTHON_USEDEP}] - >=dev-python/coverage-3.6[${PYTHON_USEDEP}] - )" -RDEPEND=" - ${CDEPEND} - >=dev-python/jinja-2.8[${PYTHON_USEDEP}] - >=dev-python/oslo-config-3.14.0[${PYTHON_USEDEP}] - >=dev-python/oslo-context-2.9.0[${PYTHON_USEDEP}] - >=dev-python/oslo-i18n-2.1.0[${PYTHON_USEDEP}] - >=dev-python/oslo-utils-3.16.0[${PYTHON_USEDEP}] - >=dev-python/six-1.9.0[${PYTHON_USEDEP}] - >=dev-python/stevedore-1.16.0[${PYTHON_USEDEP}] - >=dev-python/webob-1.2.3[${PYTHON_USEDEP}] - >=dev-python/debtcollector-1.2.0[${PYTHON_USEDEP}] -" - -python_prepare_all() { - sed -i '/^hacking/d' test-requirements.txt || die - distutils-r1_python_prepare_all -} - -python_test() { - nosetests tests/ || die "test failed under ${EPYTHON}" -} diff --git a/dev-python/oslo-middleware/oslo-middleware-3.19.1.ebuild b/dev-python/oslo-middleware/oslo-middleware-3.19.1.ebuild deleted file mode 100644 index 65ebfa842e3..00000000000 --- a/dev-python/oslo-middleware/oslo-middleware-3.19.1.ebuild +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -PYTHON_COMPAT=( python2_7 python3_4 python3_5 ) - -inherit distutils-r1 - -DESCRIPTION="Components injected into wsgi pipelines to intercept request/response flows." -HOMEPAGE="https://pypi.python.org/pypi/oslo.middleware"; -SRC_URI="mirror://pypi/${PN:0:1}/oslo.middleware/oslo.middleware-${PV}.tar.gz" -S="${WORKDIR}/oslo.middleware-${PV}" - -LICENSE="Apache-2.0" -SLOT="0" -KEYWORDS="~amd64 ~arm64 ~x86" -IUSE="test" - -PATCHES=( - -) - -CDEPEND=" - >=dev-python/pbr-1.6[${PYTHON_USEDEP}] - <dev-python/pbr-2.0[${PYTHON_USEDEP}]" -DEPEND="dev-python/setuptools[${PYTHON_USEDEP}] - ${CDEPEND} - test? ( - >=dev-python/fixtures-3.0.0[${PYTHON_USEDEP}] - >=dev-python/mock-2.0.0[${PYTHON_USEDEP}] - >=dev-python/oslo-sphinx-2.5.0[${PYTHON_USEDEP}] - !~dev-python/oslo-sphinx-3.4.0[${PYTHON_USEDEP}] - >=dev-python/oslotest-1.10.0[${PYTHON_USEDEP}] - >=dev-python/sphinx-1.1.2[${PYTHON_USEDEP}] - !~dev-python/sphinx-1.2.0[${PYTHON_USEDEP}] - <dev-python/sphinx-1.3.0[${PYTHON_USEDEP}] - >=dev-python/testtools-1.4.0[${PYTHON_USEDEP}] - >=dev-python/coverage-3.6[${PYTHON_USEDEP}] - )" -RDEPEND=" - ${CDEPEND} - >=dev-python/jinja-2.8[${PYTHON_USEDEP}] - >=dev-python/oslo-config-3.14.0[${PYTHON_USEDEP}] - >=dev-python/oslo-context-2.9.0[${PYTHON_USEDEP}] - >=dev-python/oslo-i18n-2.1.0[${PYTHON_USEDEP}] - >=dev-python/oslo-utils-3.16.0[${PYTHON_USEDEP}] - >=dev-python/six-1.9.0[${PYTHON_USEDEP}] - >=dev-python/stevedore-1.16.0[${PYTHON_USEDEP}] - >=dev-python/webob-1.2.3[${PYTHON_USEDEP}] - >=dev-python/debtcollector-1.2.0[${PYTHON_USEDEP}] -" - -python_prepare_all() { - sed -i '/^hacking/d' test-requirements.txt || die - distutils-r1_python_prepare_all -} - -python_test() { - nosetests tests/ || die "test failed under ${EPYTHON}" -} diff --git a/dev-python/oslo-middleware/oslo-middleware-3.8.0-r2.ebuild b/dev-python/oslo-middleware/oslo-middleware-3.8.0-r2.ebuild deleted file mode 100644 index b005d0f5161..00000000000 --- a/dev-python/oslo-middleware/oslo-middleware-3.8.0-r2.ebuild +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 -PYTHON_COMPAT=( python2_7 python3_4 python3_5 ) - -inherit distutils-r1 - -DESCRIPTION="Components injected into wsgi pipelines to intercept request/response flows." -HOMEPAGE="https://pypi.python.org/pypi/oslo.middleware"; -SRC_URI="mirror://pypi/${PN:0:1}/oslo.middleware/oslo.middleware-${PV}.tar.gz" -S="${WORKDIR}/oslo.middleware-${PV}" - -LICENSE="Apache-2.0" -SLOT="0" -KEYWORDS="amd64 ~arm64 x86" -IUSE="test" - -FILES=( "${FILESDIR}/cve-2017-2592-stable-mitaka.patch" ) - -CDEPEND=" - >=dev-python/pbr-1.6[${PYTHON_USEDEP}] - <dev-python/pbr-2.0[${PYTHON_USEDEP}]" -DEPEND="dev-python/setuptools[${PYTHON_USEDEP}] - ${CDEPEND} - test? ( - >=dev-python/fixtures-1.3.1[${PYTHON_USEDEP}] - >=dev-python/mock-1.2[${PYTHON_USEDEP}] - >=dev-python/oslo-sphinx-2.5.0[${PYTHON_USEDEP}] - !~dev-python/oslo-sphinx-3.4.0[${PYTHON_USEDEP}] - >=dev-python/oslotest-1.10.0[${PYTHON_USEDEP}] - >=dev-python/sphinx-1.1.2[${PYTHON_USEDEP}] - !~dev-python/sphinx-1.2.0[${PYTHON_USEDEP}] - <dev-python/sphinx-1.3.0[${PYTHON_USEDEP}] - >=dev-python/testtools-1.4.0[${PYTHON_USEDEP}] - >=dev-python/coverage-3.6[${PYTHON_USEDEP}] - )" -RDEPEND=" - ${CDEPEND} - >=dev-python/Babel-1.3[${PYTHON_USEDEP}] - >=dev-python/jinja-2.8[${PYTHON_USEDEP}] - >=dev-python/oslo-config-3.7.0[${PYTHON_USEDEP}] - >=dev-python/oslo-context-0.2.0[${PYTHON_USEDEP}] - >=dev-python/oslo-i18n-2.1.0[${PYTHON_USEDEP}] - >=dev-python/oslo-utils-3.5.0[${PYTHON_USEDEP}] - >=dev-python/six-1.9.0[${PYTHON_USEDEP}] - >=dev-python/stevedore-1.5.0[${PYTHON_USEDEP}] - >=dev-python/webob-1.2.3[${PYTHON_USEDEP}] - >=dev-python/debtcollector-1.2.0[${PYTHON_USEDEP}] -" - -python_prepare_all() { - sed -i '/^hacking/d' test-requirements.txt || die - distutils-r1_python_prepare_all -} - -python_test() { - nosetests tests/ || die "test failed under ${EPYTHON}" -}
