Description of problem: After the fix for CVE-2013-6396 in bug 1031653, "swift list foo" started tracebacking with EBADF. Version-Release number of selected component (if applicable): python-swiftclient-1.8.0-1.fc20 How reproducible: Appears always Steps to Reproduce: 1. Find an OpenStack cloud with Object storage, set up OS_AUTHURL etc. 2. swift post foo 3. swift list foo ---> tracebacks in the end Actual results: Traceback (see below) Expected results: Working Additional info: [zaitcev@guren python-swiftclient-fetch]$ swift (redacted) --insecure list container public testcont Traceback (most recent call last): File "/usr/bin/swift", line 1445, in <module> globals()['st_%s' % args[0]](parser, argv[1:], thread_manager) File "/usr/bin/swift", line 541, in st_list conn.get_account(marker=marker, prefix=options.prefix)[1] File "/usr/lib/python2.7/site-packages/swiftclient/client.py", line 1154, in get_account full_listing=full_listing) File "/usr/lib/python2.7/site-packages/swiftclient/client.py", line 1108, in _retry rv = func(self.url, self.token, *args, **kwargs) File "/usr/lib/python2.7/site-packages/swiftclient/client.py", line 376, in get_account conn.request(method, full_path, '', headers) File "/usr/lib/python2.7/site-packages/swiftclient/client.py", line 165, in request_escaped func(method, url, body=body, headers=headers or {}) File "/usr/lib64/python2.7/httplib.py", line 973, in request self._send_request(method, url, body, headers) File "/usr/lib64/python2.7/httplib.py", line 1007, in _send_request self.endheaders(body) File "/usr/lib64/python2.7/httplib.py", line 969, in endheaders self._send_output(message_body) File "/usr/lib64/python2.7/httplib.py", line 829, in _send_output self.send(msg) File "/usr/lib64/python2.7/httplib.py", line 805, in send self.sock.sendall(data) OpenSSL.SSL.SysCallError: (9, 'Bad file descriptor') [zaitcev@guren python-swiftclient-fetch]$ I fixed it up temporarily in Rawhide's python-swiftclient-1.8.0-2.fc21, using the upstream review https://review.openstack.org/33473 . We used its itermediate iteration to fix the CVE, and I picked fixes made since our release. Note that review 33473 is abandoned in favour of review https://review.openstack.org/69187 , which is merged now. However, that one had its own issues cropped up. They are being resolved, but I'm not 100% confident. It may be better to make my fix-ups official for now. I'll leave the determination to Jakub. Strategically it's probably better to follow upstream.
I have verified that python-swiftclient 2.0.2 includes fixes for the following 3 issues encountered since the move to python-requests: - Glance failing due to object length not set correctly - Plumbing for --insecure not complete for auth v1 - Objects read into memory on upload There aren't any known issues with 2.0.2 (using Requests), except that we know that Requests blows 100-continue and thus wastes cycles transferring object bodies in case of an error on PUT.
After a discussion with Pete, we decided to update to latest upstream 2.0.2 which includes switch to python-requests which is already used by other client libraries. Changes introduced after 1.8.0 seem less significant then introduction of backward incompatible --insecure in 1.8.0 update.
I pushed rebased 2.0.2 to RDO Havana.
python-swiftclient-2.0.2-1.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/python-swiftclient-2.0.2-1.fc20
Package python-swiftclient-2.0.2-1.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing python-swiftclient-2.0.2-1.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-3054/python-swiftclient-2.0.2-1.fc20 then log in and leave karma (feedback).
python-swiftclient-2.0.2-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.