libcloud-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From to...@apache.org
Subject [1/4] libcloud git commit: Add AWS4 support in the S3_RGW_OUTSCALE provider
Date Fri, 13 May 2016 09:50:37 GMT
Repository: libcloud
Updated Branches:
  refs/heads/trunk 32465669c -> a39fe0e3e


Add AWS4 support in the S3_RGW_OUTSCALE provider

This patch adds AWS4 auth protocol support in the S3_RGW_OUTSCALE
provider. It is needed to use AWS4 with Ceph RGW Jewel.

Ceph Jewel ships with AWS2 and AWS4 enabled by default.

In the case of regions and signature binding, Ceph does not enforce any
signature version per region. Every region supports AWS2 and AWS4. Ceph
detects the signature version per request in order to authenticate
properly.

More information on the Ceph's AWS4 implementation:

http://docs.ceph.com/docs/master/release-notes/#v10-1-0-jewel-release-candidate
http://blogs.igalia.com/jmunhoz/blog/2016/03/01/aws-signature-version-4-goes-upstream-in-ceph.html

Signed-off-by: Javier M. Mellid <jmunhoz@igalia.com>
Signed-off-by: Tomaz Muraus <tomaz@tomaz.me>


Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo
Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/eb57ca07
Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/eb57ca07
Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/eb57ca07

Branch: refs/heads/trunk
Commit: eb57ca07474b3d7aa99f769ab85b498338fecbaa
Parents: 082e089
Author: Javier M. Mellid <jmunhoz@igalia.com>
Authored: Mon Apr 4 11:44:32 2016 +0000
Committer: Tomaz Muraus <tomaz@tomaz.me>
Committed: Fri May 13 10:31:45 2016 +0200

----------------------------------------------------------------------
 libcloud/storage/drivers/s3.py | 51 ++++++++++++++++++++++++++++++++-----
 1 file changed, 45 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/libcloud/blob/eb57ca07/libcloud/storage/drivers/s3.py
----------------------------------------------------------------------
diff --git a/libcloud/storage/drivers/s3.py b/libcloud/storage/drivers/s3.py
index c4c249c..df5eda7 100644
--- a/libcloud/storage/drivers/s3.py
+++ b/libcloud/storage/drivers/s3.py
@@ -36,7 +36,7 @@ from libcloud.utils.files import read_in_chunks
 from libcloud.common.types import InvalidCredsError, LibcloudError
 from libcloud.common.base import ConnectionUserAndKey, RawResponse
 from libcloud.common.aws import AWSBaseResponse, AWSDriver, \
-    AWSTokenConnection, SignedAWSConnection
+    AWSTokenConnection, SignedAWSConnection, DEFAULT_SIGNATURE_VERSION
 
 from libcloud.storage.base import Object, Container, StorageDriver
 from libcloud.storage.types import ContainerError
@@ -834,7 +834,7 @@ class BaseS3StorageDriver(StorageDriver):
         bytes_transferred = result_dict['bytes_transferred']
         headers = response.headers
         response = response.response
-        server_hash = headers['etag'].replace('"', '')
+        server_hash = headers.get('etag', '').replace('"', '')
 
         if (verify_hash and result_dict['data_hash'] != server_hash):
             raise ObjectHashMismatchError(
@@ -1015,8 +1015,37 @@ class S3SAEastStorageDriver(S3StorageDriver):
     ex_location_name = 'sa-east-1'
 
 
-class S3RGWOutscaleConnection(S3Connection):
-    pass
+class S3RGWOutscaleConnectionAWS4(SignedAWSConnection, BaseS3Connection):
+    service_name = 's3'
+    version = API_VERSION
+
+    def __init__(self, user_id, key, secure=True, host=None, port=None,
+                 url=None, timeout=None, proxy_url=None, token=None,
+                 retry_delay=None, backoff=None, **kwargs):
+
+        super(S3RGWOutscaleConnectionAWS4, self).__init__(user_id, key,
+                                                          secure, host,
+                                                          port, url,
+                                                          timeout,
+                                                          proxy_url, token,
+                                                          retry_delay,
+                                                          backoff,
+                                                          4)  # force aws4
+
+
+class S3RGWOutscaleConnectionAWS2(S3Connection):
+
+    def __init__(self, user_id, key, secure=True, host=None, port=None,
+                 url=None, timeout=None, proxy_url=None, token=None,
+                 retry_delay=None, backoff=None, **kwargs):
+
+        super(S3RGWOutscaleConnectionAWS2, self).__init__(user_id, key,
+                                                          secure, host,
+                                                          port, url,
+                                                          timeout,
+                                                          proxy_url, token,
+                                                          retry_delay,
+                                                          backoff)
 
 
 class S3RGWOutscaleStorageDriver(S3StorageDriver):
@@ -1029,9 +1058,19 @@ class S3RGWOutscaleStorageDriver(S3StorageDriver):
         self.name = 'OUTSCALE Ceph RGW S3 (%s)' % (region)
         self.ex_location_name = region
         self.region_name = region
-        self.connectionCls = S3RGWOutscaleConnection
-        self.connectionCls.host = S3_RGW_OUTSCALE_HOSTS_BY_REGION[region]
+        self.signature_version =\
+            kwargs.pop('signature_version', DEFAULT_SIGNATURE_VERSION)
+        self.connectionCls = S3RGWOutscaleConnectionAWS2
+        if self.signature_version == '4':
+            self.connectionCls = S3RGWOutscaleConnectionAWS4
+        host = S3_RGW_OUTSCALE_HOSTS_BY_REGION[region]
+        self.connectionCls.host = host
         super(S3RGWOutscaleStorageDriver, self).__init__(key, secret,
                                                          secure, host, port,
                                                          api_version, region,
                                                          **kwargs)
+
+    def _ex_connection_class_kwargs(self):
+        kwargs = {}
+        kwargs['signature_version'] = self.signature_version
+        return kwargs


Mime
View raw message