| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This changes does two things:
* Adds Sha512 as a supported auth_type.
* Fixes breakage when auth_type is changed in existing deployments.
If an existing gswauth deployment changes `auth_type` in conf file to a
different one (for example: sha1 to sha512), all attempts to authorize
existing/old users will fail because of change in encoder type.
With this change, the credentials match is done using an encoder with
which the password was initially encoded. This allows gswauth deployments
to change auth_type and old users will still be able to authorize.
A note on auth_type_salt:
There's still a distinction between how salt is managed in gswauth and
swauth: swauth will use a random salt if a salt is not set in conf file
where as gswauth will default to 'gswauthsalt' if a salt is not set in
conf file. This distinction is to ensure backward compatibility.
This change is derived from following upstream changes in swauth repo:
e14a7b3df86969d478090b314d9660b6d835afa7
https://review.openstack.org/#/c/285195/
https://review.openstack.org/#/c/285292/
Change-Id: I9a43adc4964d8e9f9f1faf73063a6dc1cd8ff354
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/13654
Reviewed-by: Thiago da Silva <thiago@redhat.com>
Tested-by: Thiago da Silva <thiago@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This issue can be hit when swift3 middleware is in the pipeline.
This change is a backport of the following swauth change:
https://review.openstack.org/#/c/282191/
Change-Id: I323d3eeaf39e2019f8f8910bc53904ac94208ed2
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/13641
Reviewed-by: Thiago da Silva <thiago@redhat.com>
Tested-by: Thiago da Silva <thiago@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to https://github.com/gholt/swauth/issues/73 nobody
knows why is this here. Let's try to remove it :).
This is ported from following commit in swauth repo:
79c153f7b198ffaf0c3fd781587a0133bab43d7f
Change-Id: I8e64b53ed59dab1f554b7c08f1342c2b5dd4675a
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/13522
Reviewed-by: Thiago da Silva <thiago@redhat.com>
Tested-by: Thiago da Silva <thiago@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, in cases where swauth returns a JSON document as its body,
it does not specify a content type, and swob defaults it to text/html.
This change uses a standard content type of 'application/json' in each
of these instances, and adjusts the tests accordingly.
This is ported from following commit in swauth repo:
556aa156979741292bde78425f413f9dee639b4f
Change-Id: Ib61370ba10b5e0364c2aed6321388715a6710355
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/13521
Reviewed-by: Thiago da Silva <thiago@redhat.com>
Tested-by: Thiago da Silva <thiago@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
This is ported from following commit in swauth repo:
17faf4e54f9faa031755aa583b67ef68e5ec2b08
Change-Id: I816b04328d02f4b8641571c337ba993a94145615
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/13520
Reviewed-by: Thiago da Silva <thiago@redhat.com>
Tested-by: Thiago da Silva <thiago@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Functests used to fail with higher version of python-eventlet (from EPEL
repo) package on rhel6. This change addresses that and also some pep8 issues.
BUG: 1302546
Change-Id: I5a1a1deb94ee712a387af3d6f65afbcb8557ab6f
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/13636
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change ports most of swiftonfile object server fixes and changes
into gluster-swift. Storage policy as a feature is not usable here
(it doesn't make sense).
The hacky way of creating zero byte tracker objects for object
expiration has not been ported to this release due to scalability
issues and the need to have a separate volume.
Change-Id: I17ba27dacea9ac000bdb8934700996e4d17f4251
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/13269
Reviewed-by: Thiago da Silva <thiago@redhat.com>
Tested-by: Thiago da Silva <thiago@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a squashed commit imported from this repo:
https://github.com/openstack/swiftonfile/tree/icehouse
Contains the follwing commits from above mentioned repo:
eb50236 Merge "Backport: Fix metadata overall limits bug" into icehouse
79ea52a Backport: Fix metadata overall limits bug
bc43f0b Fix inconsistent data being returned on GET
ad0bb79 Import HTTPBadRequest from swift's module
74d02e6 Exclude .trashcan dir from container listing
b2dbc15 Catch ESTALE in addition to ENOENT
8d60b48 Properly handle read_metadata() exceptions
6762fc6 Fix object server leaking file descriptors
2842e82 Fix API incompatibility in update_metadata()
2beeef6 Merge "Remove swiftkerbauth code" into icehouse
93dbcb5 Update object-expirer.conf with explanations
c9d2f09 Merge "Check if /etc/swift exists in ring builder" into icehouse
d66c14c Remove swiftkerbauth code
3142ed2 Add object expiration functests
97153d1 Merge "Cleanup functest and undo old patch" into icehouse
bc234d0 Remove old travis config file and fix typo
260c8ef Check if /etc/swift exists in ring builder
637dac9 Cleanup functest and undo old patch
051e068 Merge pull request #35 from prashanthpai/backport-1
be104a3 Merge pull request #36 from prashanthpai/backport-2
ff76f42 fix issue with GET on large object (icehouse-backport)
04d0a99 Fix unlink call after successful rename
4c6ca1d updating README file with project name change
10b2680 Merge pull request #18 from thiagol11/icehouse
5bcab8f Updating version on __init__ file
5c2cba2 Merge pull request #15 from thiagol11/update_spec
52b00a8 updating spec file to add dependency on swift icehouse
ae7c93b Merge pull request #6 from prashanthpai/rebase
191e55b Revert: allow non-root user to run functests
cb7e968 Modify unit tests and func tests
d23fd1b Sync with OpenStack Swift v1.13.1
b6d1671 Merge pull request #12 from pushpesh/functionalnosetestremove
962622b Merge pull request #8 from thiagol11/update_readme
4560857 Merge pull request #9 from prashanthpai/spec-expirer
be0ae7e Minor update
65000f1 Removing functionalnosetests
8ab1069 Fix object-expirer.conf-gluster RPM build error
afee30f added new support filesystem section
527b01f updated README.md to Swift-On-File
9a240c7 Merge pull request #3 from thiagol11/add_jenkins_to_travis
34b5a8b removing blank lines
3568b64 fixing missing fi
d8f5b0f adding support to run jenkins triggered by travis
6f4a88c Removing functionalnosetests
8041944 Update README.md
c015148 Merge pull request #2 from thiagol11/master
3ddd952 fixing travis file to run correct unit test
c582669 adding travis status badge to README
8093096 adding py26 unit testing to travis
37835fd trigger travis build
cb6332a adding travis ci testing
All tests have been run sucessfully against this.
tox -e p2p8,py27,functest
Change-Id: I096b611da852d3eb3913844034b443b8272c2ac4
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/13188
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug: https://bugs.launchpad.net/gluster-swift/+bug/1269444
Recommended way is to flush the cached tokens from memcached after
gswauth-clean-up-token. As currently there is no way to flush only those
tokens from memcached. So a debug message recommending restart of the
memcached. A quick fix. Bigger fix would come in later.
Older cached tokens should be flushed/invalidated to let access path work
correctly with valid and new tokens.
Change-Id: Ic7a820eb3c60bac4829d5c5230cb3a5241b77957
Signed-off-by: Chetan Risbud <crisbud@redhat.com>
Reviewed-on: http://review.gluster.org/7168
Reviewed-by: Prashanth Pai <ppai@redhat.com>
Tested-by: Prashanth Pai <ppai@redhat.com>
Reviewed-by: pushpesh sharma <psharma@redhat.com>
Tested-by: pushpesh sharma <psharma@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
added input validation for a couple of options and
error handling in case a non-existing account name
is provided
Change-Id: I6d703d584552fc7b7574f34e79ed25a2982b6d5e
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6767
Reviewed-by: Prashanth Pai <ppai@redhat.com>
Tested-by: Prashanth Pai <ppai@redhat.com>
Reviewed-by: pushpesh sharma <psharma@redhat.com>
Tested-by: pushpesh sharma <psharma@redhat.com>
Reviewed-by: Chetan Risbud <crisbud@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Few changes have been merged to upstream swiftkerbauth repo.
This commit brings it down to gluster-swift repo.
Bringing below changes to gluster-swift repo in one go.
http://review.gluster.org/#/c/6296/
http://review.gluster.org/#/c/6370/
http://review.gluster.org/#/c/6595/
http://review.gluster.org/#/c/6713/
http://review.gluster.org/#/c/6732/
Change-Id: I10dc12d75ec63fca313339fbc71e4f18071af552
Signed-off-by: Chetan Risbud <crisbud@redhat.com>
Reviewed-on: http://review.gluster.org/6764
Reviewed-by: Prashanth Pai <ppai@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Imported code till commit f64a3354185f32928e2568d9ece4a52fa4746c05
Changed a code bit to import correct definitions.
kerbauth unit tests do run along with gluster-swift.
Install script does install swiftkerbauth.
import swiftkerbauth from http://review.gluster.org/swiftkrbauth.git
Change-Id: Ia89f2b77cc68df10dee2f41ce074f3381ac3c408
Signed-off-by: Chetan Risbud <crisbud@redhat.com>
Reviewed-on: http://review.gluster.org/6597
Reviewed-by: Prashanth Pai <ppai@redhat.com>
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The swauth tools did not handle an invalid admin_url, so it just failed
printing the stacktrace, which is not useful to end users.
This fix catches the exception and prints an error message that can
help user solve the issue.
Change-Id: I806c1cf191b5921e904b155f65cdbde5f2aac695
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6431
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changed the code to only allow the super_admin to delete a reseller_admin.
This follows the same logic of user creation, where only the super_admin
can create a reseller_admin.
Also, took the opportunity to refactor some code and implemented
get_user_detail method to remove duplicated code
Bug 1260239: https://bugs.launchpad.net/gluster-swift/+bug/1260239
Change-Id: I9e4866cd7ad08698f427846be566ab2364ad4850
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6516
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All tools were changed to display the usage help text
in case the admin key is not provided as an argument
Bug 1261677: https://bugs.launchpad.net/gluster-swift/+bug/1261677
Change-Id: I37fa8518be970364b81955644931f6e416bcdc42
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6553
Reviewed-by: Prashanth Pai <ppai@redhat.com>
Tested-by: Prashanth Pai <ppai@redhat.com>
Reviewed-by: pushpesh sharma <psharma@redhat.com>
Tested-by: pushpesh sharma <psharma@redhat.com>
Reviewed-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Users were not able to update their own password/key
with the update operation resulting in 403 (HTTPForbidden).
EXAMPLES:
Command to update password/key of regular user:
gswauth-add-user -U account1:user1 -K old_pass account1 user1 new_pass
Command to update password/key of account admin:
gswauth-add-user -U account1:admin -K old_pass -a account1 admin new_pass
Command to update password/key of reseller_admin:
gswauth-add-user -U account1:radmin -K old_pass -r account1 radmin new_pass
BUG: https://bugs.launchpad.net/gluster-swift/+bug/1262227
Change-Id: I604da5aee67099b29541eb7e51a040a041f1961b
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/6650
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the --suffix option is not currently supported in this version
of gswauth, so we are removing to not confuse users.
Bug 1262230: https://bugs.launchpad.net/gluster-swift/+bug/1262230
Change-Id: I12da2aad5929f619f838c217330bef503b7e0ba2
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6542
Reviewed-by: pushpesh sharma <psharma@redhat.com>
Tested-by: pushpesh sharma <psharma@redhat.com>
Reviewed-by: Prashanth Pai <ppai@redhat.com>
Tested-by: Prashanth Pai <ppai@redhat.com>
Reviewed-by: Chetan Risbud <crisbud@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- 401(Unauthorized) is to be returned when user credentials are
wrong where as 403(Forbidden) is to be returned when user
credentials are correct but the user doesn't have the priveleges
to carry out the operation.
- Also error messages displayed when using swauth-* command line
utilities have been updated.
Change-Id: I485786896ad14d3263f4325d1857cacc93adab96
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/6336
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/6447
Reviewed-by: Thiago Da Silva <thiago@redhat.com>
Tested-by: Thiago Da Silva <thiago@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cli tools for account and user mgmt have been renamed
from swauth-* to gswauth-*
Updated other configuration and test files accordingly
Change-Id: Iced3bb27fbd09da45754ddb264f8fb4528ab423c
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6417
Reviewed-by: pushpesh sharma <psharma@redhat.com>
Tested-by: pushpesh sharma <psharma@redhat.com>
Reviewed-by: Shilpa MJ <smanjara@redhat.com>
Tested-by: Shilpa MJ <smanjara@redhat.com>
Reviewed-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The issue was due to missing a necessary change that was made when changing
the auth account name from .auth to metadata volume.
the auth account has a group of the same name, so the .auth account
also had a .auth group, so we needed to change that too to the
metadata volume (e.g., gsmetadata)
Change-Id: Iaa3b7a1b2628f5b863807932e863593be0011a82
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6416
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
swauth-list now shows lists of accounts, users and groups
in a tabular format (default). JSON and plain-text options
are still available
Change-Id: I897009f5f6c05aa4c14e306bb6ad35234e993fcd
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6347
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
During a post request, the object-server is ovewriting
the existing object metadata. This fix prevents the overwrite
of the system metadata while it allows for the user to
add/remove user metadata
Change-Id: Ic62cd064589b625ee425a9934be8766650622c13
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6254
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6315
|
|
|
|
|
|
|
|
|
|
|
|
| |
Error is caused by left-over code from swauth. It had hard-coded
the auth account to .auth. Changed code to use volume specified
in the config file
Change-Id: Id00eb3964b6b26a84511e4753ab80b2dea5654da
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6280
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
changed code where appropriate to gswauth
instead of swauth
Change-Id: Iadcec4f379fae3f063379b4899797b375290cc7b
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6226
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
changed code to look at configuration file for
the metadata gluster volume name. The default is still
gsmetadata
Change-Id: I9bf74b9566ea1c9716c42f7ced0f999e02824868
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6225
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
These tests cover account registration and de-registration
user creation/delete, and listing of both account and user
Change-Id: Ie622daccfc8e2d2fb45565952a99d7d832ce1189
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6212
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
commiting first gswauth functional tests.
Currently there are two tests, to create account
and to create an user. Each test is self contained
in that it goes through the process of creating and deleting
accounts and users as needed.
More tests will be added shortly.
Change-Id: I26d577790aed8c79c9de11f224516423e9769962
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6188
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current changes support only one account per volume
The next changes will be made to add support for multiple accounts
Also modified unit tests that were failing after code changes.
Original changes were made here: https://github.com/lpabon/swauth/tree/gluster-swift
Change-Id: I5577d7dc042fc22de8625c8bdf30329cc3338cb9
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6107
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
moving existing swauth unit tests
to gluster-swift unit tests location
Change-Id: I3445b7ef1a1abe584854f2b04ffc9949b3346814
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6106
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Formatted original swauth code to pass pep8 tests.
Change-Id: I7c63a102ece44e8331137d1d5576a58588fe53e2
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6087
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
We are planning on creating a GlusterFS aware authentication
system for gluster-swift based on SWauth.
We forked from SWauth commit
41d36ebe160aa3346f6f45197fff0c80f38fde58
Change-Id: Ia28730d21e04fc8d9ce0cb317fc04d0d97583fca
Signed-off-by: Luis Pabon <lpabon@redhat.com>
Reviewed-on: http://review.gluster.org/6069
|
|
|
|
|
|
|
|
| |
Change-Id: Ic0e9e78acc06e180f7acfec3e2a5901b7f80598b
Signed-off-by: Peter Portante <peter.portante@redhat.com>
Reviewed-on: http://review.gluster.org/5079
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
| |
Change-Id: Ia3d5813659d49d743f91816c4c7cab57e36ed9fa
Signed-off-by: Peter Portante <peter.portante@redhat.com>
Reviewed-on: http://review.gluster.org/5076
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
Additionally, we drop the "ufo" references from setup.py, spec file
and README, and add the HISTORY file describing how the repo was
initially created. We also update the RPM spec file to use the name
"gluster-for-swift" to avoid colliding with existing RPM names from
RHS 2.0 (the spec file's description was also updated, along with
the version number).
Change-Id: If804224a94208d57896e4189c63736ffc9e01d5e
Signed-off-by: Peter Portante <peter.portante@redhat.com>
Reviewed-on: http://review.gluster.org/4966
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Reviewed-by: Mohammed Junaid <junaid@redhat.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Reviewed-by: Peter Portante <pportant@redhat.com>
Tested-by: Peter Portante <pportant@redhat.com>
|