Bug #1733634 “SHA1 signatures are weak, use SHA256 in docs” : Bugs : OpenStack Object Storage (swift)

Revision history for this message

Samuel Merritt (torgomatic) wrote on 2017-11-22:

#1

I don't see SHA256 support in TempURL. As far as I see, it's SHA-1 only.

Revision history for this message

Brian King (inflatador) wrote on 2017-11-27:

#2

Interesting. I confirmed that TempURL SHA256 signatures do in fact work with Rackspace Cloud Files , which is based on Swift.

Does anyone have access to a vanilla Swift install with TempURL enabled so they can confirm or deny whether or not it works?

Revision history for this message

Tim Burke (1-tim-z) wrote on 2017-11-29:

#3

Yeah, sha256 definitely isn't supported -- the only place we even mention it in code is in the encryption-of-object-data-at-rest feature. Got any docs for the cloud files work? https://developer.rackspace.com/docs/cloud-files/v1/use-cases/public-access-to-your-cloud-files-account/#tempurl only seems to mention sha1. I'd be interested in adding support for other, stronger digests (with an eye toward deprecating and eventually getting rid of sha1-based signatures), but I'd hate to come up with an incompatible API "just because".

Really, we probably should have started this work a while ago -- the writing's been on the wall for years: https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html

Revision history for this message

Brian King (inflatador) wrote on 2017-12-04:

#4

@Tim I'll try and get the Cloud Files docs updatesd I wrote a script to test the use of sha256 in Rackspace Cloud Files and it seemed to work ( https://github.com/inflatador/ptemper ).

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-12-05: Related fix proposed to swift (master)

#5

Related fix proposed to branch: master
Review: https://review.openstack.org/525770

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-02-01: Related fix merged to swift (master)

#6

Reviewed: https://review.openstack.org/525770
Committed: https://git.openstack.org/cgit/openstack/swift/commit/?id=5a4d3bdfc49d61ee6e333c8eb1dad4383ae9308b
Submitter: Zuul
Branch: master

commit 5a4d3bdfc49d61ee6e333c8eb1dad4383ae9308b
Author: Tim Burke <email address hidden>
Date: Tue Dec 5 20:19:37 2017 +0000

tempurl: Make the digest algorithm configurable

    ... and add support for SHA-256 and SHA-512 by default. This allows us
    to start moving toward replacing SHA-1-based signatures. We've known
    this would eventually be necessary for a while [1], and earlier this
    year we've seen SHA-1 collisions [2].

    Additionally, allow signatures to be base64-encoded, provided they start
    with a digest name followed by a colon. Trailing padding is optional for
    base64-encoded signatures, and both normal and "url-safe" modes are
    supported. For example, all of the following SHA-1 signatures are
    equivalent:

       da39a3ee5e6b4b0d3255bfef95601890afd80709
       sha1:2jmj7l5rSw0yVb/vlWAYkK/YBwk=
       sha1:2jmj7l5rSw0yVb/vlWAYkK/YBwk
       sha1:2jmj7l5rSw0yVb_vlWAYkK_YBwk=
       sha1:2jmj7l5rSw0yVb_vlWAYkK_YBwk

(Note that "normal" base64 encodings will require that you url encode
all "+" characters as "%2B" so they aren't misinterpretted as spaces.)

This was done for two reasons:

       1. A hex-encoded SHA-512 is rather lengthy at 128 characters -- 88
          isn't *that* much better, but it's something.
       2. This will allow us to more-easily add support for different
          digests with the same bit length in the future.

    Base64-encoding is required for SHA-512 signatures; hex-encoding is
    supported for SHA-256 signatures so we aren't needlessly breaking from
    what Rackspace is doing.

[1] https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html
[2] https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html

Change-Id: Ia9dd1a91cc3c9c946f5f029cdefc9e66bcf01046
Related-Bug: #1733634

Reviewed:  https://review.openstack.org/525770
Committed: https://git.openstack.org/cgit/openstack/swift/commit/?id=5a4d3bdfc49d61ee6e333c8eb1dad4383ae9308b
Submitter: Zuul
Branch:    master

commit 5a4d3bdfc49d61ee6e333c8eb1dad4383ae9308b
Author: Tim Burke <tim.burke@gmail.com>
Date:   Tue Dec 5 20:19:37 2017 +0000

tempurl: Make the digest algorithm configurable
    
    ... and add support for SHA-256 and SHA-512 by default. This allows us
    to start moving toward replacing SHA-1-based signatures. We've known
    this would eventually be necessary for a while [1], and earlier this
    year we've seen SHA-1 collisions [2].
    
    Additionally, allow signatures to be base64-encoded, provided they start
    with a digest name followed by a colon. Trailing padding is optional for
    base64-encoded signatures, and both normal and "url-safe" modes are
    supported. For example, all of the following SHA-1 signatures are
    equivalent:
    
       da39a3ee5e6b4b0d3255bfef95601890afd80709
       sha1:2jmj7l5rSw0yVb/vlWAYkK/YBwk=
       sha1:2jmj7l5rSw0yVb/vlWAYkK/YBwk
       sha1:2jmj7l5rSw0yVb_vlWAYkK_YBwk=
       sha1:2jmj7l5rSw0yVb_vlWAYkK_YBwk
    
    (Note that "normal" base64 encodings will require that you url encode
    all "+" characters as "%2B" so they aren't misinterpretted as spaces.)
    
    This was done for two reasons:
    
       1. A hex-encoded SHA-512 is rather lengthy at 128 characters -- 88
          isn't *that* much better, but it's something.
       2. This will allow us to more-easily add support for different
          digests with the same bit length in the future.
    
    Base64-encoding is required for SHA-512 signatures; hex-encoding is
    supported for SHA-256 signatures so we aren't needlessly breaking from
    what Rackspace is doing.
    
    [1] https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html
    [2] https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
    
    Change-Id: Ia9dd1a91cc3c9c946f5f029cdefc9e66bcf01046
    Related-Bug: #1733634

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-02-06: Related fix proposed to swift (feature/deep)

#7

Related fix proposed to branch: feature/deep
Review: https://review.openstack.org/541233

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-02-07: Related fix merged to swift (feature/deep)

#8

Download full text (12.3 KiB)

Reviewed: https://review.openstack.org/541233
Committed: https://git.openstack.org/cgit/openstack/swift/commit/?id=e473955900dde31dc170bf485e718fdf65955650
Submitter: Zuul
Branch: feature/deep

commit d9eec63a588e1e1e574b71d67b5d7456c3ad468d
Author: James E. Blair <email address hidden>
Date: Wed Jan 24 17:05:13 2018 -0800

Zuul: Remove project name

Zuul no longer requires the project-name for in-repo configuration.
Omitting it makes forking or renaming projects easier.

Change-Id: I2226881d18e69bf25ad93ee8b8db67248e14f697

commit f4cfe81e593b52e11e67916073a050cd2dde2e00
Author: John Dickinson <email address hidden>
Date: Tue Jan 16 14:51:29 2018 -0800

authors/changelog updates for 2.17.0 release

Change-Id: I577d169022916676a20a9ac24c7cc7b63ae46778

commit 8140b7e7ad8eaef0ca110c0f5e185a046b69fd6f
Author: Kazuhiro MIYAHARA <email address hidden>
Date: Thu Feb 1 09:43:46 2018 +0000

Fix inconsistency of account info in expirer's unit tests

    In expirer's unit tests, FakeInternalClient instances simulates
    expirer's task queue behavior. But get_account_info method of
    the FakeInternalClient returns container count = 1 and object
    count = 2, even if it simulate different count of containers or
    objects.

This patch fixes the behavior. The return values of get_account_info
will be equal to simulated container and object counts.

This patch will make review for expirer's task queue upgrade patch [1]
more easy.

[1]: https://review.openstack.org/#/c/517389

Change-Id: Id5339ea7e10e4577ff22daeb91ec90f08704c98d

commit 924a043c70ba38c5d81758b5e0c29fa73674404a
Author: Samuel Merritt <email address hidden>
Date: Wed Jan 31 16:40:21 2018 -0800

Remove some cruft from ratelimit tests

    The tests were carefully setting up a mock for the 'http_connect'
    function in the ratelimit module, but there is no such function
    imported by the ratelimit module.

As far as I can tell, this has been the case since the ratelimit
middleware first appeared in 72d40bd (Mon Oct 4 14:11:48 2010 -0700).

Change-Id: If047184c6435aa1647050f50b499dc9feff4318d

commit 5cac37284e1d3f3019309ca86f73e3dbb176df59
Author: Kazuhiro MIYAHARA <email address hidden>
Date: Thu Jan 25 10:49:00 2018 +0000

Refactor expirer unit tests

In expirer's unit tests, fake InternalClient classes are defined
and its instance simulates expirer's task queue behaviors.

    To make review for expirer's task queue update patch [1] easy,
    this patch refactors the implementation of the fake InternalClient
    classes. In this patch, unit tests are refactored by the following
    two approaches:
        #1: Summarizing duplicated fake InternalClient implementation
        #2: Make task account name variable
    The #2 approach is for multiple task accounts in [1].

The patch [1] will be rebased after this patch merged.

[1]: https://review.openstack.org/#/c/517389

Change-Id: I10a7151cfdd43460ad38c47f672d3c31b77e7990

commit 1c306660a53447bb0a696873bd3f88e66e3781eb
Author: OpenStack Proposal Bot <openstack-...

Reviewed:  https://review.openstack.org/541233
Committed: https://git.openstack.org/cgit/openstack/swift/commit/?id=e473955900dde31dc170bf485e718fdf65955650
Submitter: Zuul
Branch:    feature/deep

commit d9eec63a588e1e1e574b71d67b5d7456c3ad468d
Author: James E. Blair <jeblair@redhat.com>
Date:   Wed Jan 24 17:05:13 2018 -0800

Zuul: Remove project name
    
    Zuul no longer requires the project-name for in-repo configuration.
    Omitting it makes forking or renaming projects easier.
    
    Change-Id: I2226881d18e69bf25ad93ee8b8db67248e14f697

commit f4cfe81e593b52e11e67916073a050cd2dde2e00
Author: John Dickinson <me@not.mn>
Date:   Tue Jan 16 14:51:29 2018 -0800

authors/changelog updates for 2.17.0 release
    
    Change-Id: I577d169022916676a20a9ac24c7cc7b63ae46778

commit 8140b7e7ad8eaef0ca110c0f5e185a046b69fd6f
Author: Kazuhiro MIYAHARA <miyahara.kazuhiro@lab.ntt.co.jp>
Date:   Thu Feb 1 09:43:46 2018 +0000

Fix inconsistency of account info in expirer's unit tests
    
    In expirer's unit tests, FakeInternalClient instances simulates
    expirer's task queue behavior. But get_account_info method of
    the FakeInternalClient returns container count = 1 and object
    count = 2, even if it simulate different count of containers or
    objects.
    
    This patch fixes the behavior. The return values of get_account_info
    will be equal to simulated container and object counts.
    
    This patch will make review for expirer's task queue upgrade patch [1]
    more easy.
    
    [1]: https://review.openstack.org/#/c/517389
    
    Change-Id: Id5339ea7e10e4577ff22daeb91ec90f08704c98d

commit 924a043c70ba38c5d81758b5e0c29fa73674404a
Author: Samuel Merritt <sam@swiftstack.com>
Date:   Wed Jan 31 16:40:21 2018 -0800

Remove some cruft from ratelimit tests
    
    The tests were carefully setting up a mock for the 'http_connect'
    function in the ratelimit module, but there is no such function
    imported by the ratelimit module.
    
    As far as I can tell, this has been the case since the ratelimit
    middleware first appeared in 72d40bd (Mon Oct 4 14:11:48 2010 -0700).
    
    Change-Id: If047184c6435aa1647050f50b499dc9feff4318d

commit 5cac37284e1d3f3019309ca86f73e3dbb176df59
Author: Kazuhiro MIYAHARA <miyahara.kazuhiro@lab.ntt.co.jp>
Date:   Thu Jan 25 10:49:00 2018 +0000

Refactor expirer unit tests
    
    In expirer's unit tests, fake InternalClient classes are defined
    and its instance simulates expirer's task queue behaviors.
    
    To make review for expirer's task queue update patch [1] easy,
    this patch refactors the implementation of the fake InternalClient
    classes. In this patch, unit tests are refactored by the following
    two approaches:
        #1: Summarizing duplicated fake InternalClient implementation
        #2: Make task account name variable
    The #2 approach is for multiple task accounts in [1].
    
    The patch [1] will be rebased after this patch merged.
    
    [1]: https://review.openstack.org/#/c/517389
    
    Change-Id: I10a7151cfdd43460ad38c47f672d3c31b77e7990

commit 1c306660a53447bb0a696873bd3f88e66e3781eb
Author: OpenStack Proposal Bot <openstack-infra@lists.openstack.org>
Date:   Wed Jan 31 08:18:59 2018 +0000

Imported Translations from Zanata
    
    For more information about this automatic import see:
    https://docs.openstack.org/i18n/latest/reviewing-translation-import.html
    
    Change-Id: I6e420ea5241838192571dd9d857cca4056699314

commit 5a4d3bdfc49d61ee6e333c8eb1dad4383ae9308b
Author: Tim Burke <tim.burke@gmail.com>
Date:   Tue Dec 5 20:19:37 2017 +0000

tempurl: Make the digest algorithm configurable
    
    ... and add support for SHA-256 and SHA-512 by default. This allows us
    to start moving toward replacing SHA-1-based signatures. We've known
    this would eventually be necessary for a while [1], and earlier this
    year we've seen SHA-1 collisions [2].
    
    Additionally, allow signatures to be base64-encoded, provided they start
    with a digest name followed by a colon. Trailing padding is optional for
    base64-encoded signatures, and both normal and "url-safe" modes are
    supported. For example, all of the following SHA-1 signatures are
    equivalent:
    
       da39a3ee5e6b4b0d3255bfef95601890afd80709
       sha1:2jmj7l5rSw0yVb/vlWAYkK/YBwk=
       sha1:2jmj7l5rSw0yVb/vlWAYkK/YBwk
       sha1:2jmj7l5rSw0yVb_vlWAYkK_YBwk=
       sha1:2jmj7l5rSw0yVb_vlWAYkK_YBwk
    
    (Note that "normal" base64 encodings will require that you url encode
    all "+" characters as "%2B" so they aren't misinterpretted as spaces.)
    
    This was done for two reasons:
    
       1. A hex-encoded SHA-512 is rather lengthy at 128 characters -- 88
          isn't *that* much better, but it's something.
       2. This will allow us to more-easily add support for different
          digests with the same bit length in the future.
    
    Base64-encoding is required for SHA-512 signatures; hex-encoding is
    supported for SHA-256 signatures so we aren't needlessly breaking from
    what Rackspace is doing.
    
    [1] https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html
    [2] https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
    
    Change-Id: Ia9dd1a91cc3c9c946f5f029cdefc9e66bcf01046
    Related-Bug: #1733634

commit 11bf9e45884aa5122e76a97cf62062d7b0bdfe54
Author: Joel Wright <joel.wright@sohonet.com>
Date:   Sun Sep 4 23:51:53 2016 +0100

Add support for data segments to SLO and SegmentedIterable
    
    This patch updates the SLO middleware and SegmentedIterable to add
    support for user-specified inlined-data segments. Such segments will
    contain base64-encoded data to be added before/after an object-backed
    segment within an SLO. To accommodate the potential extra data we
    increase the default SLO maximum manifest size from 2MiB to 8MiB.
    The default maximum number of segments remains 1000, but this will
    only be enforced for object-backed segments.
    
    This patch is a prerequisite for a future patch enabling the
    download of large objects as tarballs. The TLO patch will be added
    as a dependent patch later.
    
    UpgradeImpact
    =============
    During a rolling upgrade, an updated proxy may write a manifest that
    out-of-date proxies will not be able to read. This will resolve itself
    once the upgrade completes on all nodes.
    
    Change-Id: Ib8dc216a84d370e6da7d6b819af79582b671d699

commit 89a5c9d56fda8282292253d2d056121694ef7654
Author: Tim Burke <tim.burke@gmail.com>
Date:   Tue Sep 12 22:46:14 2017 +0000

Disallow fractional replicas in EC policies
    
    Change-Id: I873d7bf7de54e4b1dccdafc8a61f03c09a65dfbc
    Closes-Bug: 1554391
    Closes-Bug: 1677547

commit 10542d00ea131250a184803a03ce2928fadf274e
Author: gaofei <gao.fei@inspur.com>
Date:   Tue Jan 23 16:57:55 2018 +0800

Replace Chinese punctuation with English punctuation
    
    Curly quotes(Chinese punctuation) usually input from Chinese input method.
    When read from english context, it makes some confusion.
    
    Change-Id: Ibd50299ee287c56ec4759ea8ff53d47d006144f8

commit fdf817b3188459bed60bf8668fac7ee147de2a9e
Author: Tim Burke <tim.burke@gmail.com>
Date:   Tue Jan 23 18:42:40 2018 +0000

Include policy in ran-out-of-handoffs log message
    
    Related-Change: I2f5bb12f3704880df1750229425f64f419ff9aef
    Change-Id: I14b70e949a57d2c31b71d3efa6ee1200d0717db6

commit 05b2a14fe04d097bfc2155a325fa240983311e97
Author: gaofei <gao.fei@inspur.com>
Date:   Tue Jan 23 14:57:18 2018 +0800

Update broken link
    
    Change-Id: I8d13696970593d47d0f07cf97aa1284eed5f7a15

commit cbcbc774681ad1a90f8fd260787c29943bedb675
Author: Clay Gerrard <clay.gerrard@gmail.com>
Date:   Thu Jan 18 18:33:08 2018 -0800

Internal Client should only retry server errors
    
    Change-Id: I0a3f4a01d50b6a5d5528f527faa34573c7dde619

commit f4cff9fbba76932a4b67f1130d630098497bb4bc
Author: Tim Burke <tim.burke@gmail.com>
Date:   Wed Jan 17 22:07:26 2018 +0000

object-server can 409 in response to x-if-delete-at
    
    Previously, if the expirer had a stale work item (because the object
    was overwritten or deleted, or some other process handled the delete),
    then it would keep retrying for reclaim_age, but every time it'd get
    back a 412.
    
    Now, have the object-server be smart enough to say, "I have more recent
    information than you" and let the expirer accept that as success.
    
    Change-Id: I0a94482ed16cb30ce79074e053e6177fe97bcaa9

commit 0c27fd2311d512629825eba39868ffc107d2971d
Author: Clay Gerrard <clay.gerrard@gmail.com>
Date:   Wed Jan 17 13:56:13 2018 -0800

Reset state every iteration to avoid stale reference
    
    If you get a valid but unexpected response status you have to continue
    the loop.  If you don't reset resp = None some kinds of exceptions might
    get re-raised as with the wrong error.
    
    Change-Id: I5751dfbc176155bea63103a64fd8d4db62323e60

commit 5347c3069dcd28b9e39b9444731836ae29d481ad
Author: Tim Burke <tim.burke@gmail.com>
Date:   Wed Jan 17 20:39:22 2018 +0000

Add container-reconciler to source doc tree
    
    Change-Id: I98e7e55839e5697d975af0a4756fd09933af1c5f

commit 39efb51d0764cccdbf6a8d2029e96584b97fe636
Author: zhang.lei <zhang.lei@99cloud.net>
Date:   Mon Jan 15 03:20:07 2018 +0000

Remove the deprecated "giturl" option
    
    From openstackdocstheme 1.18.0, valid Git URLs can be retrieved by
    openstackdocstheme[1], we do not need giturl option anymore.
    
    [1] https://review.openstack.org/532163
    
    Change-Id: I579cebae6486d250915f936f0c1c61008471c089

commit b451ceed4bc9cdbfa591e36cde6c43579839c5ec
Author: Tim Burke <tim.burke@gmail.com>
Date:   Tue Jan 9 23:53:56 2018 +0000

Add pipeline modification test for previously-recommended pipelines
    
    This includes every pipeline from etc/proxy-server.conf-sample since we
    switched from swauth to tempauth in 1.4.1. As much as anything, I view
    this as a canary for auto-insertion changes, so we can (somewhat easily)
    see where new middlewares will be placed when upgrading from old swifts.
    
    Change-Id: I117937ab6ce28f3bc219e809f07b563c45fc486f
    Related-Change: I88678fddc7a25b0f065b33eb26047321d0db4d38

commit cd11289ba18a916b05dba30956631d9631fb130f
Author: Tim Burke <tim.burke@gmail.com>
Date:   Mon Dec 18 17:14:36 2017 -0800

Add a small sleep when trying to predict X-Timestamp
    
    The existing test works fine if you're running the tests on an
    all-in-one, but is pretty brittle if you aren't running them on the
    one and only proxy-server they're hitting.
    
    Add 0.1s sleep to allow *some* clock slippage between client and server.
    
    Change-Id: Iacd08e9f703d08d0092b5e8eb53fe287ba1d1596

commit fba3fb70894246124fcb5233f15f1d9cae807756
Author: Tim Burke <tim.burke@gmail.com>
Date:   Mon Dec 18 19:08:58 2017 +0000

Stop logging tracebacks when the replicator runs out of handoffs
    
    Otherwise, swift-in-the-small can fill up logs with
    
        object-replicator: Error syncing partition:
        Traceback (most recent call last):
          File ".../swift/obj/replicator.py", line 419, in update
            node = next(nodes)
        StopIteration
    
    ...which simultaneously sounds worse than it is and isn't helpful in
    diagnosing/debugging the issue.
    
    Change-Id: I2f5bb12f3704880df1750229425f64f419ff9aef

commit 5b26516ab23288295aeff3764ae0584777547f4d
Author: Tim Burke <tim.burke@gmail.com>
Date:   Wed May 17 18:26:25 2017 -0700

Increase name-length limits for internal accounts
    
    Double account and container name-length limits for accounts starting with
    auto_create_account_prefix (default: '.') -- these are used internally by
    Swift, and may need to have some prefix followed by a user-settable value.
    
    Related-Change: Ice703dc6d98108ad251c43f824426d026e1f1d97
    Change-Id: Ie1ce5ea49b06ab3002c0bd0fad7cea16cea2598e

commit 88c9ba4396a4e66eb854509a91e94935459444cf
Author: Tim Burke <tim.burke@gmail.com>
Date:   Tue Oct 10 00:27:13 2017 +0000

Fix bulk heartbeating when emitting XML
    
    Previously, we would set eventlet.minimum_write_chunk_size *after* we
    emit the XML declaration. As a result, eventlet thinks it should buffer
    the entire response, rendering our attempts at heartbeating useless.
    
    Change-Id: Idb58c6cc982cc221fed5fc837afd06aa958d9ad4

tags:

added: in-feature-deep

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-02-26: Related fix proposed to swift (feature/s3api)

#9

Related fix proposed to branch: feature/s3api
Review: https://review.openstack.org/548052

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-02-27:

#10

Related fix proposed to branch: feature/s3api
Review: https://review.openstack.org/548193

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-02-27: Change abandoned on swift (feature/s3api)

#11

Change abandoned by Kota Tsuyuzaki (<email address hidden>) on branch: feature/s3api
Review: https://review.openstack.org/548052
Reason: This is affected by the new s3api functests added in recent. Use https://review.openstack.org/#/c/548193/ instead.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-02-27: Related fix merged to swift (feature/s3api)

#12

Download full text (30.7 KiB)

Reviewed: https://review.openstack.org/548193
Committed: https://git.openstack.org/cgit/openstack/swift/commit/?id=9d43f4e190802cb0cad507a65245e4dd70fda7db
Submitter: Zuul
Branch: feature/s3api

commit b3f1558acd2f5a4df3f039070ca5bbc33935e822
Author: Kazuhiro MIYAHARA <email address hidden>
Date: Tue Feb 13 05:16:27 2018 +0000

Fix expirer's invalid task object names in unit tests

    Object-expirer's task name should be in format of
    "<timestamp>-<account>/<container>/<obj>". In object-expirer
    implementation, ValueError is catched and handled when expirer's task
    objects have invalid name. But in actual swift cluster, invalid task
    object name is not created because task object is created by
    object-server.
    However, without the ValueError catching, some unit tests fail,
    because the unit tests create invalid task object names.

    This patch fixes invalid task object names in unit tests. The
    ValueError catch is remained for unexpected errors, but in the case
    the task will be skipped.

This patch will help to refactor expirer's task object parsing.

Change-Id: I8fab8fd180481ce9e97c945904c5c89eec037110

commit 4b19ac772364778a4b96d7e18834db9a7645f482
Author: Tim Burke <email address hidden>
Date: Thu Feb 1 14:30:19 2018 -0800

py3: port common/storage_policy.py

Change-Id: I7030280a8495628df9ed8edcc8abc31f901da72e

commit 25540a415e7e36bb08a01a14ca41e2d7591e62cb
Author: Tim Burke <email address hidden>
Date: Thu Feb 22 11:08:49 2018 -0800

Tighten up assertions around expirer's concurrency

In particular, test that each work item is only done *once*.

Change-Id: I9cc610bffb2aa9a2f2b05f4c49e574ab56d05201
Related-Change: Ic0075a3718face8c509ed0524b63d9171f5b7d7a

commit 5017864133b5af289f205afaf76ffe4518688b3f
Author: melissaml <ma.lei@99cloud.net>
Date: Mon Feb 26 15:48:31 2018 +0800

Fix the incorrect reference links

    TrivialFix
    [1] is the installation guide for OpenStack components, obviously,
    we need [1] in the docs.

[1] https://docs.openstack.org/latest/install/

Change-Id: I3c6fe7327f5552cc2b8f0f0e42b41f8e989a0a7e

commit 58f5d89066adbd54403ad315ffe1f9b2f05aa583
Author: Kazuhiro MIYAHARA <email address hidden>
Date: Tue Feb 13 03:36:04 2018 +0000

Remove confusing assertion from expirer's unit test

    In test_expirer.TestObjectExpirer.test_process_based_concurrency,
    an assertion checks that expirer execute tasks in round-robin order
    for target containers. But the assertion depends on task object path,
    because task assignation for each process depends on md5 of task
    object path. The dependency makes the assetion confusing.

Now, we have test_expirer.TestObjectExpirer.test_round_robin_order which
is added in [1]. So this patch remove the confusing assertion.

This patch will help to refactor expirer's task object parsing.
I will push patch for the refactoring after this patch.

[1]: https://review.openstack.org/#/c/538171

Change-Id: Ic0075a3718face8c509ed0524b63d9171f5b7d7a

commit 6060af8db96e23d32f3ecc3d02f7f...

Reviewed:  https://review.openstack.org/548193
Committed: https://git.openstack.org/cgit/openstack/swift/commit/?id=9d43f4e190802cb0cad507a65245e4dd70fda7db
Submitter: Zuul
Branch:    feature/s3api

commit b3f1558acd2f5a4df3f039070ca5bbc33935e822
Author: Kazuhiro MIYAHARA <miyahara.kazuhiro@lab.ntt.co.jp>
Date:   Tue Feb 13 05:16:27 2018 +0000

Fix expirer's invalid task object names in unit tests
    
    Object-expirer's task name should be in format of
    "<timestamp>-<account>/<container>/<obj>". In object-expirer
    implementation, ValueError is catched and handled when expirer's task
    objects have invalid name. But in actual swift cluster, invalid task
    object name is not created because task object is created by
    object-server.
    However, without the ValueError catching, some unit tests fail,
    because the unit tests create invalid task object names.
    
    This patch fixes invalid task object names in unit tests. The
    ValueError catch is remained for unexpected errors, but in the case
    the task will be skipped.
    
    This patch will help to refactor expirer's task object parsing.
    
    Change-Id: I8fab8fd180481ce9e97c945904c5c89eec037110

commit 4b19ac772364778a4b96d7e18834db9a7645f482
Author: Tim Burke <tim.burke@gmail.com>
Date:   Thu Feb 1 14:30:19 2018 -0800

py3: port common/storage_policy.py
    
    Change-Id: I7030280a8495628df9ed8edcc8abc31f901da72e

commit 25540a415e7e36bb08a01a14ca41e2d7591e62cb
Author: Tim Burke <tim.burke@gmail.com>
Date:   Thu Feb 22 11:08:49 2018 -0800

Tighten up assertions around expirer's concurrency
    
    In particular, test that each work item is only done *once*.
    
    Change-Id: I9cc610bffb2aa9a2f2b05f4c49e574ab56d05201
    Related-Change: Ic0075a3718face8c509ed0524b63d9171f5b7d7a

commit 5017864133b5af289f205afaf76ffe4518688b3f
Author: melissaml <ma.lei@99cloud.net>
Date:   Mon Feb 26 15:48:31 2018 +0800

Fix the incorrect reference links
    
    TrivialFix
    [1] is the installation guide for OpenStack components, obviously,
    we need [1] in the docs.
    
    [1] https://docs.openstack.org/latest/install/
    
    Change-Id: I3c6fe7327f5552cc2b8f0f0e42b41f8e989a0a7e

commit 58f5d89066adbd54403ad315ffe1f9b2f05aa583
Author: Kazuhiro MIYAHARA <miyahara.kazuhiro@lab.ntt.co.jp>
Date:   Tue Feb 13 03:36:04 2018 +0000

Remove confusing assertion from expirer's unit test
    
    In test_expirer.TestObjectExpirer.test_process_based_concurrency,
    an assertion checks that expirer execute tasks in round-robin order
    for target containers. But the assertion depends on task object path,
    because task assignation for each process depends on md5 of task
    object path. The dependency makes the assetion confusing.
    
    Now, we have test_expirer.TestObjectExpirer.test_round_robin_order which
    is added in [1]. So this patch remove the confusing assertion.
    
    This patch will help to refactor expirer's task object parsing.
    I will push patch for the refactoring after this patch.
    
    [1]: https://review.openstack.org/#/c/538171
    
    Change-Id: Ic0075a3718face8c509ed0524b63d9171f5b7d7a

commit 6060af8db96e23d32f3ecc3d02f7f0dd27a57eba
Author: Tim Burke <tim.burke@gmail.com>
Date:   Thu Feb 22 10:26:00 2018 -0800

Add more tests around ObjectExpirer.round_robin_order
    
    Change-Id: I43b5e8d9513fd0566a61ff585dfdc1dde5b28343
    Related-Change: Ibf61eb1f767a48cb457dd494e1f7c12acfd205de

commit 303635348b6cd30b13522d5c483934882178982b
Author: Kazuhiro MIYAHARA <miyahara.kazuhiro@lab.ntt.co.jp>
Date:   Fri Jan 26 07:54:31 2018 +0000

Refactor expirer's task round robin implementation
    
    Object-expirer changes order of expiration tasks to avoid deleting
    objects in a certain container continuously.
    
    To make review for expirer's task queue update patch [1] easy,
    this patch refactors the implementation of the order change. In this
    patch, the order change is divided as a function.
    
    In [1], there will be two implementations for legacy task queue
    and for general task queue. The two implementations have similar
    codes. This patch helps to avoid copying codes in the two implementations.
    
    Other than dividing function, this patch tries to resolve:
    - Separate container iteration and object iteration to avoid the generator
      termination with (container, None) tuple.
    - Using Timestamp class for delete_timestamp to be consist with other modules
    - Change yielded delete task object info from tuple to dict because that
      includes several complex info (e.g. task_container, task_object,
      and target_path)
    - Fix minor docs and tests depends on the changes above
    
    [1]: https://review.openstack.org/#/c/517389
    
    Co-Authored-By: Kota Tsuyuzaki <tsuyuzaki.kota@lab.ntt.co.jp>
    
    Change-Id: Ibf61eb1f767a48cb457dd494e1f7c12acfd205de

commit c6169cd7146cd80a3a5562eb729cde97f801cb84
Author: Kazuhiro MIYAHARA <miyahara.kazuhiro@lab.ntt.co.jp>
Date:   Wed Feb 21 04:58:59 2018 +0000

Fix a typo in swift/common/swob.py
    
    This patch just fixing a typo.
    
    Change-Id: I8a3c5e86b39e442157874a426d664fce33c9d36a

commit 8539b9388793fa5588c9f184d52f7834f1e77128
Author: Samuel Merritt <sam@swiftstack.com>
Date:   Thu Feb 15 16:03:06 2018 -0800

Small cleanup in DB replicator's error handling
    
    Generally, we shouldn't compare integers with "is". It happens to work
    because (a) CPython has only one instance of each integer betwen -5
    and 256, and (b) errno.ENOTEMPTY == 66 on Linux, but it's better not
    to rely on those details.
    
    Change-Id: I494a4adbb2bb35adcf83b2d23e790c1b220e75c7

commit 57306181f1ffde3da1849c6d27e0b001d3bf5ea3
Author: Gerard Gine <ggine@swiftstack.com>
Date:   Tue Feb 13 17:00:22 2018 -0800

Improved usage of args in .functests
    
    If we're calling the script with any arguments, --pretty will not
    be passed to ostestr.
    Also redirected cd commands' output to /dev/null in .functests.
    
    Change-Id: I6e7e391c7e1659b86ab12eae4362b565218917b2

commit 8dc40125ce8da616c713a778029b1b29903a1537
Author: John Dickinson <me@not.mn>
Date:   Tue Feb 13 14:38:22 2018 -0800

add keystonemiddleware to extras area
    
    Change-Id: I805cf220aee4af69bf4984cc148d69520e958073

commit 642f79965a5e77b20660d2f0144d1624b0fa451c
Author: Tim Burke <tim.burke@gmail.com>
Date:   Wed Nov 23 10:14:21 2016 -0800

py3: port common/ring/ and common/utils.py
    
    I can't imagine us *not* having a py3 proxy server at some point, and
    that proxy server is going to need a ring.
    
    While we're at it (and since they were so close anyway), port
    
    * cli/ringbuilder.py and
    * common/linkat.py
    * common/daemon.py
    
    Change-Id: Iec8d97e0ce925614a86b516c4c6ed82809d0ba9b

commit 1dddcb533e16602cca5a057dbda12ca4049ea64e
Author: Tim Burke <tim.burke@gmail.com>
Date:   Thu Feb 8 13:45:21 2018 -0800

probetests: Close our handle to subprocess' stdouts
    
    Otherwise, you could start running out of file handles when running all
    tests. Previously, I'd regularly exceed 1k fds and then all subsequent
    tests would fail; now, it maxes out around 90.
    
    Change-Id: Ib53f15b5d2be95c70cce8903ea0ef5c334479837

commit f0f3de34626269052b1d7022d2e3cd3f9f0a377e
Author: malei <malei@maleideMacBook-Pro.local>
Date:   Fri Feb 9 22:43:21 2018 +0800

fix typos in swift
    
    Change-Id: I14dd433ed7c7fe789d5d04defbf9eec5bffc301a

commit 54918ad1db574bbc2c0b429836609a7ddb1efb13
Author: baiwenteng <baiwenteng@inspur.com>
Date:   Fri Feb 9 16:39:32 2018 +0800

Fix grammar error
    
    Change-Id: Ic375b6c6ebf3f66860b065785e75b8d47552be28

commit 753715499c96c1602bfec5ed241b81b82dd1f1db
Author: OpenStack Proposal Bot <openstack-infra@lists.openstack.org>
Date:   Fri Feb 9 07:09:42 2018 +0000

Imported Translations from Zanata
    
    For more information about this automatic import see:
    https://docs.openstack.org/i18n/latest/reviewing-translation-import.html
    
    Change-Id: I1409c8eaca4fbe1170d2e998b35e7fdacf4b86b4

commit a3d2aaba6470645345b19d52f0dbbfd51a4d5cf4
Author: baiwenteng <baiwenteng@inspur.com>
Date:   Fri Feb 9 12:20:59 2018 +0800

Fix typos in swift
    
    Change-Id: I0982b0046a16fda0a39d9b31402b2e4b3160a5c4

commit 1f4ebbc9900c113fa4447dd51079cc2cb9aa3ceb
Author: Alistair Coles <alistairncoles@gmail.com>
Date:   Thu Feb 8 12:59:36 2018 +0000

kill orphans during probe test setup
    
    orphans processes sometimes cause probe test failures so
    get rid of them before each test.
    
    Change-Id: I4ba6748d30fbb28371f13aa95387c49bc8223402

commit c9410c7dd482cc1faefdfd9d9c83d225e7d28e8f
Author: Thiago da Silva <thiago@redhat.com>
Date:   Thu Feb 8 18:18:15 2018 -0500

Move eventlet patch before call to loadapp
    
    Ran into an eventlet bug[0] while integration Swift/Barbican
    in TripleO. It is very similar to a previous bug related
    to keystonemiddleware[1]. Suggestion from urllib3[2] is to
    patch eventlet "as early as possible". Traceback[3] shows that
    urllib3 is being imported before the eventlet patch, so moved
    the patch to before the loadapp call.
    
    [0] - http://paste.openstack.org/show/658046/
    [1] - https://bugs.launchpad.net/swift/+bug/1662473
    [2] - https://github.com/shazow/urllib3/issues/1104
    [3] - https://gist.github.com/thiagodasilva/12dad7dc4f940b046dd0863b6f82a78b
    
    Change-Id: I74e580f31349bdefd187cc5d6770a7041a936bef

commit 0a993437d1dd837be80a036b1525a3195c86a10d
Author: Tim Burke <tim.burke@gmail.com>
Date:   Thu Feb 8 10:56:28 2018 -0800

Update install-guide URLs to point to stable/queens
    
    Change-Id: I7b2dd19f18cbfac3bc3ea763cd3333e3fb68f1cd

commit 6b9098eead2e0de36dd5b9a5d6a136eedf58ed47
Author: OpenStack Proposal Bot <openstack-infra@lists.openstack.org>
Date:   Thu Feb 8 07:06:31 2018 +0000

Imported Translations from Zanata
    
    For more information about this automatic import see:
    https://docs.openstack.org/i18n/latest/reviewing-translation-import.html
    
    Change-Id: Ib339f89f634a22ea874dcf858c43a14d1145ed77

commit bfe52a2e3562243b1b488e339a965642d846a30e
Author: Ondřej Nový <ondrej.novy@firma.seznam.cz>
Date:   Tue Feb 6 13:08:42 2018 +0100

Quarantine DB without *_stat row
    
    Closes-Bug: #1747689
    Change-Id: Ief6bd0ba6cf675edd8ba939a36fb9d90d3f4447f

commit 5b30c1f8115f2a85407b836be47d8376832b4f7b
Author: Tim Burke <tim.burke@gmail.com>
Date:   Wed Feb 7 05:50:12 2018 +0000

Fix flakey test_check_delete_headers_sets_delete_at
    
    It was rare (saw it once in 10k runs running locally), but it's
    ocassionally blown up in the gate [1]. With this, no fails locally even
    after 100k runs.
    
    [1] http://logs.openstack.org/11/538011/3/gate/swift-tox-py27/06c06f0/job-output.txt.gz#_2018-02-07_03_29_09_578389
    
    Change-Id: I7701d2db2ec82b48559c5b74a2e08c4403fd5dec
    Related-Change: Ia126ad6988f387bbd2d1f5ddff0a56d457a1fc9b