author | Matt Thode <prometheanfire@gentoo.org> | 2014-08-21 20:53:45 +0000 |
---|---|---|
committer | Matt Thode <prometheanfire@gentoo.org> | 2014-08-21 20:53:45 +0000 |
commit | d86de9c951d9ce481955795276526d4274e7263f (patch) | |
tree | 09e0e912d70cedb0c858e6fc0a7ae312683fb2f8 /sys-cluster/nova | |
parent | bup (diff) | |
bup
Package-Manager: portage-2.2.8-r1/cvs/Linux x86_64
Manifest-Sign-Key: 0x2471EB3E40AC5AC3
Diffstat (limited to 'sys-cluster/nova')
-rw-r--r-- | sys-cluster/nova/ChangeLog | 8 | ||||
-rw-r--r-- | sys-cluster/nova/Manifest | 23 | ||||
-rw-r--r-- | sys-cluster/nova/files/nova-2014.1.1-CVE-2014-3517.patch | 100 | ||||
-rw-r--r-- | sys-cluster/nova/nova-2014.1.2.ebuild (renamed from sys-cluster/nova/nova-2014.1.1-r1.ebuild) | 6 |
4 files changed, 26 insertions, 111 deletions
diff --git a/sys-cluster/nova/ChangeLog b/sys-cluster/nova/ChangeLog index 898db66e08c6..db1d5c64aedb 100644 --- a/sys-cluster/nova/ChangeLog +++ b/sys-cluster/nova/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-cluster/nova # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/ChangeLog,v 1.72 2014/08/10 20:21:07 slyfox Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/ChangeLog,v 1.73 2014/08/21 20:53:36 prometheanfire Exp $ + +*nova-2014.1.2 (21 Aug 2014) + + 21 Aug 2014; Matthew Thode <prometheanfire@gentoo.org> +nova-2014.1.2.ebuild, + -files/nova-2014.1.1-CVE-2014-3517.patch, -nova-2014.1.1-r1.ebuild: + bup 10 Aug 2014; Sergei Trofimovich <slyfox@gentoo.org> nova-2014.1.1-r1.ebuild, nova-2014.1.9999.ebuild, nova-9999.ebuild: diff --git a/sys-cluster/nova/Manifest b/sys-cluster/nova/Manifest index 3d700679dc24..8ddfe0a4f3f3 100644 --- a/sys-cluster/nova/Manifest +++ b/sys-cluster/nova/Manifest 
@@ -1,22 +1,31 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 -AUX nova-2014.1.1-CVE-2014-3517.patch 3619 SHA256 3bbe89c956ab785e1a87e1d56ad909d6df5ffc573056ccda35b457eaab6f57b4 SHA512 222fd90bc93d19fa9c1d86b731bef7edc39528e6e79907bcbaa26b1559adc238cb24984ed03521775b9b4a7b0d1170d0cafaca299824b4b3c875d18d5d87972e WHIRLPOOL da772642d361fca3bb811486b4da4aad2a3d2cc155f06141de1534cda73129305e14227c3ae88da478119c844e0e97e738bf9605e084505924504c2391bfc383 AUX nova-confd 101 SHA256 d9013141618d1e8b8ba85297155747d9c8fc362238de7bba3108b9a2539c8c73 SHA512 4c7ec1d123f2cdaf394d1f4824df861bbe309b0b329db44080160d81746cd0fc9d4cc1b35da0f66ab075f1d4e835ababfb7bccaf4a2e931e60f2c0ac572a552e WHIRLPOOL 6a237357a3905d29a96b32c37f6d189e4f5cefc0986bb091e24a79295191332143741c604c2a9fd44484c75b3be89742a5570862cf0cd4ba225425f7f32b5348 AUX nova-initd 1496 SHA256 5b5f928335ac345103492555c3bc57407f547915b099762d0087aef172e5edf8 SHA512 cca06baba484d505f3a96643d836204a08e9dde50197531cdab2d95188b992a95a375a386b9c54fcc8e0a4f6167babba975db7510db1087f044afa39effe4eec WHIRLPOOL 4c667a5cc469826063a65879c1beddc98371edf295a273c9b8f679627cabfe2260d8b3bbdf9550d3894fc1525d63b9f98d6e939406f90ac5f2f745daa59311c2 AUX nova-sudoers 78 SHA256 9e88c2843fb74cc46802c0b103067ad12915ec50335d05e546a5dba76acb4a76 SHA512 22c0606c6335b2d1a03bd18a319a54f16f76f091b2e8416dbba05ce7c15890beff7f32f0322eb5ba3f2a5c750436cacbe0cee189b390b878e3f0c0df219ef984 WHIRLPOOL bc42ae1d12e9f900b263fd5c3d0f59062f46fbec1ff97c0bceb234082bea5943eb64795b4f5e102b8e2749c6868163e5924467088cad42df09345e3406e5f83c AUX nova.initd 627 SHA256 74417e422e6c503ae338bb981934b54a5da57e783bdfed778de6ce9fec3617b8 SHA512 163d5d94f6ce7c67413b9e90161590651329c96e1c8df480d1c983294f43bd596ef75ebe818cd1a8f1557babfd6bbd02a7deaf597d936acfe882dc3c9c5a1f42 WHIRLPOOL b51a0316513d06083f2cfa572427926c14663ab984bcd26a9521bf88699bfefd745e7ff91e9330bae86bd769d809837e010caa948cd133fbd010e820b7ab8448 AUX nova.sudoersd 78 SHA256 
9e88c2843fb74cc46802c0b103067ad12915ec50335d05e546a5dba76acb4a76 SHA512 22c0606c6335b2d1a03bd18a319a54f16f76f091b2e8416dbba05ce7c15890beff7f32f0322eb5ba3f2a5c750436cacbe0cee189b390b878e3f0c0df219ef984 WHIRLPOOL bc42ae1d12e9f900b263fd5c3d0f59062f46fbec1ff97c0bceb234082bea5943eb64795b4f5e102b8e2749c6868163e5924467088cad42df09345e3406e5f83c -DIST nova-2014.1.1.tar.gz 7979809 SHA256 3cb3b48c72c39e7637d6016039d353ad33de69bcd6ed04dbfdb0db9313eb9a5b SHA512 6f7b449e09e796c483d93399af24c2cd77042776e1c4d36c3bcd34814b42a252151542b684785ba6c1b28bc0b302cc15f5057da7f90884c73ff6b11ec748323e WHIRLPOOL 0d959b4655d6010825b0ef73b6ce983cd6a0679f5aa5d41ebfbddce26e74d402d9d571c65d26f71e60bb627fc9d4d924d1e4622c1d96d73e3b484f1c68502df7 -EBUILD nova-2014.1.1-r1.ebuild 5012 SHA256 a9b91b38140c84aa5d03bb5414091e44153ae912dffc45cfb2d7eb80bbe9fd5e SHA512 2a3f7f57e7b2c640c7379c1d6f8790ef6cf8bcb6ffdfe5a47e0c056f43a5073212ae97a85b6b7c1a53bae3234db58aa73b74e3d4fdf88f61972bd4ad2abab07e WHIRLPOOL 201de96cbf759fb35dcb2edb56e43e3bb79bf4fe385cac12841446b78616ed44b1a14a490e926947b0cb531c90cda0191c5578f3abf3c9c191eedccf054bb976 +DIST nova-2014.1.2.tar.gz 7993877 SHA256 6cd7e9a823895b29df0864d65ee55a1915151ef15a19090cd570d80d3b31b27d SHA512 9cd34e3cd84a55e923555113fecc70d5ed34605909a5162604ebfce4c307d2f4e0dcebcdb902f0cf806597f231870e24799b0b8d8a89cbbbef41feb61ba2548d WHIRLPOOL ec1fa64d95f2e6a5c1e6836074c4093deaf7c7bcb88f7d439ab4ac56e48da131b2a14e8d9ba04f7b2d98b84c6d57e42c2d4552c623d36959f12189bafab9c70c +EBUILD nova-2014.1.2.ebuild 5012 SHA256 fd9346141b1a8d4abeaa6a2cccc17e5c08697128f1139177946b17c29e90a345 SHA512 b631a4e0ccb25fd8558f74aa37bc8e0f648e5fd723b6c7b9aa7266c48d0139bc9ae4edb64a0b9ace4ed1c7cd47bb9e4544ce46162cad6e2ceac1b7f040316651 WHIRLPOOL 1d0ca255166ddcc7344f096ec7f94b5ad68216979560cc184499113b22602972e4c6c4d52044cf1503e87c6096b9df1c23055a0b67405fcde9b135f235267633 EBUILD nova-2014.1.9999.ebuild 4962 SHA256 e84df60355aca1ff5f33c81353a8fbe7a3c79b819fbea77e88df6fcbd4df0f08 SHA512 
2b7eecf55a4b373d687b35b0d56582493508fcdf044a3879ab7fad54d4c57fceb0c0356975f0961d40118a52724197a2e63530c96062275ac18f191b5845594d WHIRLPOOL 83143bca243ca0b4a83f2cd79c198e34f7f005c563008ef15bb84a1f4290d70513999e9d72b8b9ca9be5be0b1358d21d2e7fd846c8b0ef617ff3cccbbdc5b2ec EBUILD nova-9999.ebuild 4926 SHA256 361e8736a4e565ea413350967e0c10a105fd19f5d7dbcf8029f0b1bdb75bbc24 SHA512 2e5e123d423b2eb2531a2260d9ab3bf45d63f278437fea6e78ed760f99ca99fe16bdeb5a5377643f5a0321fadb8ab876021d91fa4981bce96b5b8dbf762c17cc WHIRLPOOL 830b1342351738b676dba00ebefbacfe576f411fe9eeb1eee742a31bb4ffea181cb1e2ab5b046b7104b8fab7f6e4d84919d57178ac830dec9ad91053182ad127 -MISC ChangeLog 16389 SHA256 1649739e6272c17172383cafbb0145c13eeff8d83b1b02fdba4d57c9b1f37eb1 SHA512 690d8f4abc1592fec501d2f50c7ed97f4fd90ea4e426ec7aed5d4d39e68a121b9b2978330555e6e02d5cf0e52af82065fd732029e773307a673ee4d7c10f7d21 WHIRLPOOL 983a1cb19c526b616221447851c7a05333b1678294085e4ff9a0d35ba91d667865a5140666d8605fcc1c1a21ce4f3735bdd7b0560e92476f7d125ede4005cad8 +MISC ChangeLog 16584 SHA256 258cd11d5f422aec4a62c0b15efc6d5979dbdb1c13d3efbda82640e409cacac9 SHA512 7d7b6167b8f595a26b4757e57431bb9d85b5a5523559eea65f18689c7ae32fb686c122d5f913dc299af8c34df8fc1824d2be7f570f01fcec7560c611c582a957 WHIRLPOOL daa906360971651df1dcabac6094f5286261f01eb8ee162a86fef26d5e58eb4f7b09ab4c1321344784c844df84bfe721893c45e6320507663872bccf4ce1c488 MISC metadata.xml 818 SHA256 2db18087f26467d27436c57cc533ab1dc0e31e643ed2b212a78eaf1e9e4d702b SHA512 cd64b2b5fff76252104a60670edab8a732ea0c6ab5e72b083f988bbc18dcf38e455cadd589e89597fa049009b60a99631306ea61bb02e14f1658a52b22d4c5aa WHIRLPOOL 05cca8681c60b074f53e6874f1e8a5b17a3ebcdd06e552e4ac6a2672f91077ce71e0d343f0db27ba0722a33bc5b1e97d38ad34dbe418e2961ca067d8b863c6db -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 -iEYEAREIAAYFAlPn1DQACgkQcaHudmEf86oCQwCfVBxVkQXQiW2YicS93rhVC3dp -hogAnAtify5A2gcAEZlPwXWqSsVlg9eo -=ynvY +iQIcBAEBCAAGBQJT9lxbAAoJECRx6z5ArFrDNtwQAN9pmK2/4A8VghpGWKgJWyUw 
+saARuvjJ6hJEdPDoWmra9MTTe3NTmNk/+0gx9nbcLMeaqyisNlhws7akS1nEBEkD +BT1/mMJJGqvEjBy/MVsMnhW0GHVxHcZZHmn7FgRchvbLMysNUGTHQRAK5JIT488h +9JbIq5zT3ys9TICp4siPxcvfIJRvl7GlD6wm6m2mKLaQ0ErPLLMpc3HTCJybqK6/ +BA5X4ox3VDf493I9zi2zrDz468vIWwpyf4p3ivvCYmnt/MZ4SkRcCiW75HR0hj69 +vu1VVFeOcETorEV9a/YYg/Bumo8ywU+E8HMWSXcMWzzzujsODCKbnr++Ss+8tGlR +p/zmSUFG3Qdh98DBVhGibQUKvp9/Y8YPP/8zt0e56D4WUrRsBvwETH4bdrk+Ae3X +3g3B1zaUJ0qsQHDXIQ9lUUuB2K+PqcPheGyi8uAm5BvSvhLfsMpjrvx+gYMrd1k9 +i51feYLhNgdK27AlvoVVH0IIdgjAyVrT3lMewKOySy7MN0XECbQqqLQXS5akKLHN +7LZsWZybMybcVBn2FSme/F6rnF75auZ2ME43LXIAnAWQiuZOvYOPq4p56YqGErZw +4FQlqSdnWogVcDy6aA8oAolX6nIuKfouABlgSsqsdYUsmpBKaqbHjnZS3M5V526l +gpoSLhvXzw/RzAlI7wax +=oUZm -----END PGP SIGNATURE----- diff --git a/sys-cluster/nova/files/nova-2014.1.1-CVE-2014-3517.patch b/sys-cluster/nova/files/nova-2014.1.1-CVE-2014-3517.patch deleted file mode 100644 index cc4f2911c2d2..000000000000 --- a/sys-cluster/nova/files/nova-2014.1.1-CVE-2014-3517.patch +++ /dev/null 
@@ -1,100 +0,0 @@ -From 3dd2cb0452b63d5de04606d79bbbf41a4e50a42a Mon Sep 17 00:00:00 2001 -From: Grant Murphy <gmurphy@redhat.com> -Date: Tue, 8 Jul 2014 03:35:40 +0000 -Subject: [PATCH 1/1] Avoid possible timing attack in metadata api - -Introduce a constant time comparison function to -nova utils for comparing authentication tokens. -Original code taken from: - -https://github.com/openstack/python-keystoneclient/blob/master/keystoneclient/middleware/memcache_crypt.py#L86 - -Change-Id: I7374f2edc6f03c7da59cf73ae91a87147e53d0de -Closes-bug: #1325128 ---- - nova/api/metadata/handler.py | 3 ++- - nova/tests/test_utils.py | 7 +++++++ - nova/utils.py | 27 +++++++++++++++++++++++++++ - 3 files changed, 36 insertions(+), 1 deletion(-) - -diff --git a/nova/api/metadata/handler.py b/nova/api/metadata/handler.py -index a14db67..be866ef 100644 ---- a/nova/api/metadata/handler.py -+++ b/nova/api/metadata/handler.py -@@ -30,6 +30,7 @@ from nova import exception - from nova.openstack.common.gettextutils import _ - from nova.openstack.common import log as logging - from nova.openstack.common import memorycache -+from nova import utils - from nova import wsgi - - CACHE_EXPIRATION = 15 # in seconds -@@ -169,7 +170,7 @@ class MetadataRequestHandler(wsgi.Application): - instance_id, - hashlib.sha256).hexdigest() - -- if expected_signature != signature: -+ if not utils.constant_time_compare(expected_signature, signature): - if instance_id: - LOG.warn(_('X-Instance-ID-Signature: %(signature)s does not ' - 'match the expected value: %(expected_signature)s ' -diff --git a/nova/tests/test_utils.py b/nova/tests/test_utils.py -index 59d08fd..c2969a6 100644 ---- a/nova/tests/test_utils.py -+++ b/nova/tests/test_utils.py -@@ -979,3 +979,10 @@ class VersionTestCase(test.NoDBTestCase): - - def test_convert_version_to_tuple(self): - self.assertEqual(utils.convert_version_to_tuple('6.7.0'), (6, 7, 0)) -+ -+ -+class ConstantTimeCompareTestCase(test.NoDBTestCase): -+ def 
test_constant_time_compare(self): -+ self.assertTrue(utils.constant_time_compare("abcd1234", "abcd1234")) -+ self.assertFalse(utils.constant_time_compare("abcd1234", "a")) -+ self.assertFalse(utils.constant_time_compare("abcd1234", "ABCD234")) -diff --git a/nova/utils.py b/nova/utils.py -index 0c3ee94..7dfa0cc 100644 ---- a/nova/utils.py -+++ b/nova/utils.py -@@ -21,6 +21,7 @@ import contextlib - import datetime - import functools - import hashlib -+import hmac - import inspect - import multiprocessing - import os -@@ -1170,3 +1171,29 @@ def cpu_count(): - return multiprocessing.cpu_count() - except NotImplementedError: - return 1 -+ -+ -+# NOTE(gm) Constant time comparison taken from keystone. This is a -+# candidate for inclusion in oslo. -+# -+# Original code: master/keystoneclient/middleware/memcache_crypt.py#L86 -+if sys.version_info >= (3, 3): -+ constant_time_compare = hmac.compare_digest -+else: -+ def constant_time_compare(first, second): -+ """Returns True if both string inputs are equal, otherwise False. -+ -+ This function should take a constant amount of time regardless of -+ how many characters in the strings match. -+ -+ """ -+ if len(first) != len(second): -+ return False -+ result = 0 -+ if six.PY3 and isinstance(first, bytes) and isinstance(second, bytes): -+ for x, y in zip(first, second): -+ result |= x ^ y -+ else: -+ for x, y in zip(first, second): -+ result |= ord(x) ^ ord(y) -+ return result == 0 --- -1.9.3 - diff --git a/sys-cluster/nova/nova-2014.1.1-r1.ebuild b/sys-cluster/nova/nova-2014.1.2.ebuild index 1c1c916552a1..0edac73401de 100644 --- a/sys-cluster/nova/nova-2014.1.1-r1.ebuild +++ b/sys-cluster/nova/nova-2014.1.2.ebuild 
@@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2014.1.1-r1.ebuild,v 1.3 2014/08/10 20:21:07 slyfox Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2014.1.2.ebuild,v 1.1 2014/08/21 20:53:36 prometheanfire Exp $ EAPI=5 PYTHON_COMPAT=( python2_7 ) @@ -49,6 +49,7 @@ RDEPEND="sqlite? ( >=dev-python/kombu-2.4.8[${PYTHON_USEDEP}] >=dev-python/lxml-2.3[${PYTHON_USEDEP}] >=dev-python/routes-1.12.3-r1[${PYTHON_USEDEP}] + !~dev-python/routes-2.0[${PYTHON_USEDEP}] >=dev-python/webob-1.2.3[${PYTHON_USEDEP}] >=dev-python/greenlet-0.3.2[${PYTHON_USEDEP}] >=dev-python/pastedeploy-1.5.0-r1[${PYTHON_USEDEP}] @@ -66,7 +67,7 @@ RDEPEND="sqlite? ( <=dev-python/python-neutronclient-3.0.0[${PYTHON_USEDEP}] >=dev-python/python-glanceclient-0.9.0[${PYTHON_USEDEP}] >=dev-python/python-keystoneclient-0.7.0[${PYTHON_USEDEP}] - >=dev-python/six-1.5.2[${PYTHON_USEDEP}] + >=dev-python/six-1.6.0[${PYTHON_USEDEP}] >=dev-python/stevedore-0.14[${PYTHON_USEDEP}] >=dev-python/websockify-0.5.1[${PYTHON_USEDEP}] <dev-python/websockify-0.6[${PYTHON_USEDEP}] @@ -86,7 +87,6 @@ RDEPEND="sqlite? ( app-emulation/xen-tools )" PATCHES=( - "${FILESDIR}/nova-2014.1.1-CVE-2014-3517.patch" ) pkg_setup() { |
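Review bot: The new blocker `!~dev-python/routes-2.0[${PYTHON_USEDEP}]` in the `@@ -49,6 +49,7 @@` hunk carries no explanation, so a later maintainer cannot tell when it is safe to lift. It presumably mirrors an exclusion in upstream's requirements for 2014.1.2, which is worth confirming. Because the line sits inside the quoted `RDEPEND` string, the record belongs in a comment above `RDEPEND=` or in the ChangeLog entry, e.g. `block routes-2.0 (excluded by upstream requirements)`. The `six` floor raised to `>=1.6.0` in the following hunk is likewise unmentioned, and the `RDEPEND` string starts and ends outside both hunks.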
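Review bot: Removing `"${FILESDIR}/nova-2014.1.1-CVE-2014-3517.patch"` in the `@@ -86,7 +87,6 @@` hunk is safe only if the 2014.1.2 tarball already contains the constant-time signature comparison for the metadata API. Nothing in the commit records that this was checked: the commit message and the ChangeLog entry both read `bup`. The fix is presumably part of the upstream point release, but the ChangeLog entry should say so, e.g. `version bump; CVE-2014-3517 fix included upstream, local patch dropped`, so that anyone auditing the tree for that CVE can find where it was resolved. The hunk also leaves an empty `PATCHES=( )` array, which can be deleted unless it is kept on purpose as a placeholder.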