← Back to branch summary

~ubuntu-branches/ubuntu/saucy/nova/saucy-proposed

« back to all changes in this revision

Viewing changes to nova/image/s3.py

  • Committer: Package Import Robot
  • Author(s): Chuck Short
  • Date: 2012-05-24 13:12:53 UTC
  • mfrom: (1.1.55)
  • Revision ID: package-import@ubuntu.com-20120524131253-ommql08fg1en06ut
Tags: 2012.2~f1-0ubuntu1
https://launchpad.net/bugs/907197
* New upstream release.
* Prepare for quantal:
  - Dropped debian/patches/upstream/0006-Use-project_id-in-ec2.cloud._format_image.patch
  - Dropped debian/patches/upstream/0005-Populate-image-properties-with-project_id-again.patch
  - Dropped debian/patches/upstream/0004-Fixed-bug-962840-added-a-test-case.patch
  - Dropped debian/patches/upstream/0003-Allow-unprivileged-RADOS-users-to-access-rbd-volumes.patch
  - Dropped debian/patches/upstream/0002-Stop-libvirt-test-from-deleting-instances-dir.patch
  - Dropped debian/patches/upstream/0001-fix-bug-where-nova-ignores-glance-host-in-imageref.patch 
  - Dropped debian/patches/0001-fix-useexisting-deprecation-warnings.patch
* debian/control: Add python-keystone as a dependency. (LP: #907197)
* debian/patches/kombu_tests_timeout.patch: Refreshed.
* debian/nova.conf, debian/nova-common.postinst: Convert to new ini
  file configuration
* debian/patches/nova-manage_flagfile_location.patch: Refreshed

Show diffs side-by-side

added added

removed removed

Lines of Context:
nova/image/s3.py
24
24
import shutil
25
25
import tarfile
26
26
import tempfile
27
 
from xml.etree import ElementTree
28
27
 
29
28
import boto.s3.connection
30
29
import eventlet
 
30
from lxml import etree
31
31
 
32
 
from nova import rpc
 
32
from nova.api.ec2 import ec2utils
 
33
import nova.cert.rpcapi
33
34
from nova import exception
34
35
from nova import flags
35
36
from nova import image
36
37
from nova import log as logging
37
38
from nova.openstack.common import cfg
 
39
from nova import rpc
38
40
from nova import utils
39
 
from nova.api.ec2 import ec2utils
40
41
 
41
42
 
42
43
LOG = logging.getLogger(__name__)
68
69
    """Wraps an existing image service to support s3 based register."""
69
70
 
70
71
    def __init__(self, service=None, *args, **kwargs):
 
72
        self.cert_rpcapi = nova.cert.rpcapi.CertAPI()
71
73
        self.service = service or image.get_default_image_service()
72
74
        self.service.__init__(*args, **kwargs)
73
75
 
180
182
        return local_filename
181
183
 
182
184
    def _s3_parse_manifest(self, context, metadata, manifest):
183
 
        manifest = ElementTree.fromstring(manifest)
 
185
        manifest = etree.fromstring(manifest)
184
186
        image_format = 'ami'
185
187
        image_type = 'machine'
186
188
 
232
234
        properties = metadata['properties']
233
235
        properties['architecture'] = arch
234
236
 
235
 
        if FLAGS.auth_strategy == 'deprecated':
236
 
            properties['project_id'] = context.project_id
237
 
 
238
237
        def _translate_dependent_image_id(image_key, image_id):
239
238
            image_uuid = ec2utils.ec2_id_to_glance_id(context, image_id)
240
239
            properties[image_key] = image_uuid
369
368
 
370
369
        return image
371
370
 
372
 
    @staticmethod
373
 
    def _decrypt_image(context, encrypted_filename, encrypted_key,
 
371
    def _decrypt_image(self, context, encrypted_filename, encrypted_key,
374
372
                       encrypted_iv, decrypted_filename):
375
373
        elevated = context.elevated()
376
374
        try:
377
 
            key = rpc.call(elevated, FLAGS.cert_topic,
378
 
                           {"method": "decrypt_text",
379
 
                            "args": {"project_id": context.project_id,
380
 
                                     "text": base64.b64encode(encrypted_key)}})
 
375
            key = self.cert_rpcapi.decrypt_text(elevated,
 
376
                    project_id=context.project_id,
 
377
                    text=base64.b64encode(encrypted_key))
381
378
        except Exception, exc:
382
 
            raise exception.Error(_('Failed to decrypt private key: %s')
383
 
                                  % exc)
 
379
            msg = _('Failed to decrypt private key: %s') % exc
 
380
            raise exception.NovaException(msg)
384
381
        try:
385
 
            iv = rpc.call(elevated, FLAGS.cert_topic,
386
 
                          {"method": "decrypt_text",
387
 
                           "args": {"project_id": context.project_id,
388
 
                                    "text": base64.b64encode(encrypted_iv)}})
 
382
            iv = self.cert_rpcapi.decrypt_text(elevated,
 
383
                    project_id=context.project_id,
 
384
                    text=base64.b64encode(encrypted_iv))
389
385
        except Exception, exc:
390
 
            raise exception.Error(_('Failed to decrypt initialization '
 
386
            raise exception.NovaException(_('Failed to decrypt initialization '
391
387
                                    'vector: %s') % exc)
392
388
 
393
389
        try:
398
394
                          '-iv', '%s' % (iv,),
399
395
                          '-out', '%s' % (decrypted_filename,))
400
396
        except exception.ProcessExecutionError, exc:
401
 
            raise exception.Error(_('Failed to decrypt image file '
 
397
            raise exception.NovaException(_('Failed to decrypt image file '
402
398
                                    '%(image_file)s: %(err)s') %
403
399
                                    {'image_file': encrypted_filename,
404
400
                                     'err': exc.stdout})
410
406
        for n in tar_file.getnames():
411
407
            if not os.path.abspath(os.path.join(path, n)).startswith(path):
412
408
                tar_file.close()
413
 
                raise exception.Error(_('Unsafe filenames in image'))
 
409
                raise exception.NovaException(_('Unsafe filenames in image'))
414
410
        tar_file.close()
415
411
 
416
412
    @staticmethod