alistairncoles/patch.diff Secret

## patch.diff
diff --git a/swift/common/middleware/decrypter.py b/swift/common/middleware/decrypter.py
index c0cb6f0..39bdd94 100644
--- a/swift/common/middleware/decrypter.py
+++ b/swift/common/middleware/decrypter.py
@@ -272,7 +272,7 @@ class DecrypterObjContext(BaseDecrypterContext):
             for chunk in resp:
                 yield decrypt_ctxt.update(chunk)

-    def GET(self, req, start_response):
+    def handle_get(self, req, start_response):
         app_resp = self._app_call(req.environ)

         keys = self.process_resp(req)
@@ -326,7 +326,7 @@ class DecrypterObjContext(BaseDecrypterContext):

         return resp_iter

-    def HEAD(self, req, start_response):
+    def handle_head(self, req, start_response):
         app_resp = self._app_call(req.environ)

         keys = self.process_resp(req)
@@ -349,7 +349,7 @@ class DecrypterContContext(BaseDecrypterContext):
         super(DecrypterContContext, self).__init__(
             decrypter, 'container', logger)

-    def GET(self, req, start_response):
+    def handle_get(self, req, start_response):
         app_resp = self._app_call(req.environ)

         if is_success(self._get_status_int()):
@@ -433,21 +433,20 @@ class Decrypter(object):
         except ValueError:
             return self.app(env, start_response)

-        if parts[3] and hasattr(DecrypterObjContext, req.method):
-            dec_context = DecrypterObjContext(self, self.logger)
-        elif parts[2] and hasattr(DecrypterContContext, req.method):
-            dec_context = DecrypterContContext(self, self.logger)
+        if parts[3] and req.method == 'GET':
+            handler = DecrypterObjContext(self, self.logger).handle_get
+        elif parts[3] and req.method == 'HEAD':
+            handler = DecrypterObjContext(self, self.logger).handle_head
+        elif parts[2] and req.method == 'GET':
+            handler = DecrypterContContext(self, self.logger).handle_get
         else:
             # url and/or request verb is not handled by decrypter
-            dec_context = None
-
-        if dec_context:
-            try:
-                return getattr(dec_context, req.method)(req, start_response)
-            except HTTPException as err_resp:
-                return err_resp(env, start_response)
+            return self.app(env, start_response)

-        return self.app(env, start_response)
+        try:
+            return handler(req, start_response)
+        except HTTPException as err_resp:
+            return err_resp(env, start_response)


 def filter_factory(global_conf, **local_conf):
diff --git a/swift/common/middleware/encrypter.py b/swift/common/middleware/encrypter.py
index e486205..59e7fc1 100644
--- a/swift/common/middleware/encrypter.py
+++ b/swift/common/middleware/encrypter.py
@@ -211,7 +211,7 @@ class EncrypterObjContext(CryptoWSGIContext):
                 short_name = strip_user_meta_prefix(self.server_type, name)
                 req.headers[prefix + short_name] = dump_crypto_meta(meta)

-    def PUT(self, req, start_response):
+    def handle_put(self, req, start_response):
         self._check_headers(req)
         keys = self.get_keys(req.environ, required=['object', 'container'])
         self.encrypt_user_metadata(req, keys)
@@ -234,7 +234,7 @@ class EncrypterObjContext(CryptoWSGIContext):
                        self._response_exc_info)
         return resp

-    def POST(self, req, start_response):
+    def handle_post(self, req, start_response):
         """
         Encrypt the new object headers with a new iv and the current crypto.
         Note that an object may have encrypted headers while the body may
@@ -282,12 +282,6 @@ class EncrypterObjContext(CryptoWSGIContext):
                                self._response_exc_info)
         return resp

-    def HEAD(self, req, start_response):
-        return self.handle_get_or_head(req, start_response)
-
-    def GET(self, req, start_response):
-        return self.handle_get_or_head(req, start_response)
-

 class Encrypter(object):

@@ -313,16 +307,20 @@ class Encrypter(object):
         except ValueError:
             return self.app(env, start_response)

-        if hasattr(EncrypterObjContext, req.method):
-            # handle only those request methods that may require keys
-            enc_context = EncrypterObjContext(self, self.logger)
-            try:
-                return getattr(enc_context, req.method)(req, start_response)
-            except HTTPException as err_resp:
-                return err_resp(env, start_response)
+        if req.method in ('GET', 'HEAD'):
+            handler = EncrypterObjContext(self, self.logger).handle_get_or_head
+        elif req.method == 'PUT':
+            handler = EncrypterObjContext(self, self.logger).handle_put
+        elif req.method == 'POST':
+            handler = EncrypterObjContext(self, self.logger).handle_post
+        else:
+            # anything else
+            return self.app(env, start_response)

-        # anything else
-        return self.app(env, start_response)
+        try:
+            return handler(req, start_response)
+        except HTTPException as err_resp:
+            return err_resp(env, start_response)


 def filter_factory(global_conf, **local_conf):
diff --git a/swift/common/middleware/keymaster.py b/swift/common/middleware/keymaster.py
index eec2dce..91f041f 100644
--- a/swift/common/middleware/keymaster.py
+++ b/swift/common/middleware/keymaster.py
@@ -88,25 +88,13 @@ class KeyMasterContext(WSGIContext):

         return self._keys

-    def _handle_request(self, req, start_response):
+    def handle_request(self, req, start_response):
         req.environ[CRYPTO_KEY_CALLBACK] = self.fetch_crypto_keys
         resp = self._app_call(req.environ)
         start_response(self._response_status, self._response_headers,
                        self._response_exc_info)
         return resp

-    def PUT(self, req, start_response):
-        return self._handle_request(req, start_response)
-
-    def POST(self, req, start_response):
-        return self._handle_request(req, start_response)
-
-    def GET(self, req, start_response):
-        return self._handle_request(req, start_response)
-
-    def HEAD(self, req, start_response):
-        return self._handle_request(req, start_response)
-

 class KeyMaster(object):

@@ -130,11 +118,11 @@ class KeyMaster(object):
         except ValueError:
             return self.app(env, start_response)

-        if hasattr(KeyMasterContext, req.method):
+        if req.method in ('PUT', 'POST', 'GET', 'HEAD'):
             # handle only those request methods that may require keys
             km_context = KeyMasterContext(self, *parts[1:])
             try:
-                return getattr(km_context, req.method)(req, start_response)
+                return km_context.handle_request(req, start_response)
             except HTTPException as err_resp:
                 return err_resp(env, start_response)
	diff --git a/swift/common/middleware/decrypter.py b/swift/common/middleware/decrypter.py
	index c0cb6f0..39bdd94 100644
	--- a/swift/common/middleware/decrypter.py
	+++ b/swift/common/middleware/decrypter.py
	@@ -272,7 +272,7 @@ class DecrypterObjContext(BaseDecrypterContext):
	for chunk in resp:
	yield decrypt_ctxt.update(chunk)

	- def GET(self, req, start_response):
	+ def handle_get(self, req, start_response):
	app_resp = self._app_call(req.environ)

	keys = self.process_resp(req)
	@@ -326,7 +326,7 @@ class DecrypterObjContext(BaseDecrypterContext):

	return resp_iter

	- def HEAD(self, req, start_response):
	+ def handle_head(self, req, start_response):
	app_resp = self._app_call(req.environ)

	keys = self.process_resp(req)
	@@ -349,7 +349,7 @@ class DecrypterContContext(BaseDecrypterContext):
	super(DecrypterContContext, self).__init__(
	decrypter, 'container', logger)

	- def GET(self, req, start_response):
	+ def handle_get(self, req, start_response):
	app_resp = self._app_call(req.environ)

	if is_success(self._get_status_int()):
	@@ -433,21 +433,20 @@ class Decrypter(object):
	except ValueError:
	return self.app(env, start_response)

	- if parts[3] and hasattr(DecrypterObjContext, req.method):
	- dec_context = DecrypterObjContext(self, self.logger)
	- elif parts[2] and hasattr(DecrypterContContext, req.method):
	- dec_context = DecrypterContContext(self, self.logger)
	+ if parts[3] and req.method == 'GET':
	+ handler = DecrypterObjContext(self, self.logger).handle_get
	+ elif parts[3] and req.method == 'HEAD':
	+ handler = DecrypterObjContext(self, self.logger).handle_head
	+ elif parts[2] and req.method == 'GET':
	+ handler = DecrypterContContext(self, self.logger).handle_get
	else:
	# url and/or request verb is not handled by decrypter
	- dec_context = None
	-
	- if dec_context:
	- try:
	- return getattr(dec_context, req.method)(req, start_response)
	- except HTTPException as err_resp:
	- return err_resp(env, start_response)
	+ return self.app(env, start_response)

	- return self.app(env, start_response)
	+ try:
	+ return handler(req, start_response)
	+ except HTTPException as err_resp:
	+ return err_resp(env, start_response)


	def filter_factory(global_conf, **local_conf):
	diff --git a/swift/common/middleware/encrypter.py b/swift/common/middleware/encrypter.py
	index e486205..59e7fc1 100644
	--- a/swift/common/middleware/encrypter.py
	+++ b/swift/common/middleware/encrypter.py
	@@ -211,7 +211,7 @@ class EncrypterObjContext(CryptoWSGIContext):
	short_name = strip_user_meta_prefix(self.server_type, name)
	req.headers[prefix + short_name] = dump_crypto_meta(meta)

	- def PUT(self, req, start_response):
	+ def handle_put(self, req, start_response):
	self._check_headers(req)
	keys = self.get_keys(req.environ, required=['object', 'container'])
	self.encrypt_user_metadata(req, keys)
	@@ -234,7 +234,7 @@ class EncrypterObjContext(CryptoWSGIContext):
	self._response_exc_info)
	return resp

	- def POST(self, req, start_response):
	+ def handle_post(self, req, start_response):
	"""
	Encrypt the new object headers with a new iv and the current crypto.
	Note that an object may have encrypted headers while the body may
	@@ -282,12 +282,6 @@ class EncrypterObjContext(CryptoWSGIContext):
	self._response_exc_info)
	return resp

	- def HEAD(self, req, start_response):
	- return self.handle_get_or_head(req, start_response)
	-
	- def GET(self, req, start_response):
	- return self.handle_get_or_head(req, start_response)
	-

	class Encrypter(object):

	@@ -313,16 +307,20 @@ class Encrypter(object):
	except ValueError:
	return self.app(env, start_response)

	- if hasattr(EncrypterObjContext, req.method):
	- # handle only those request methods that may require keys
	- enc_context = EncrypterObjContext(self, self.logger)
	- try:
	- return getattr(enc_context, req.method)(req, start_response)
	- except HTTPException as err_resp:
	- return err_resp(env, start_response)
	+ if req.method in ('GET', 'HEAD'):
	+ handler = EncrypterObjContext(self, self.logger).handle_get_or_head
	+ elif req.method == 'PUT':
	+ handler = EncrypterObjContext(self, self.logger).handle_put
	+ elif req.method == 'POST':
	+ handler = EncrypterObjContext(self, self.logger).handle_post
	+ else:
	+ # anything else
	+ return self.app(env, start_response)

	- # anything else
	- return self.app(env, start_response)
	+ try:
	+ return handler(req, start_response)
	+ except HTTPException as err_resp:
	+ return err_resp(env, start_response)


	def filter_factory(global_conf, **local_conf):
	diff --git a/swift/common/middleware/keymaster.py b/swift/common/middleware/keymaster.py
	index eec2dce..91f041f 100644
	--- a/swift/common/middleware/keymaster.py
	+++ b/swift/common/middleware/keymaster.py
	@@ -88,25 +88,13 @@ class KeyMasterContext(WSGIContext):

	return self._keys

	- def _handle_request(self, req, start_response):
	+ def handle_request(self, req, start_response):
	req.environ[CRYPTO_KEY_CALLBACK] = self.fetch_crypto_keys
	resp = self._app_call(req.environ)
	start_response(self._response_status, self._response_headers,
	self._response_exc_info)
	return resp

	- def PUT(self, req, start_response):
	- return self._handle_request(req, start_response)
	-
	- def POST(self, req, start_response):
	- return self._handle_request(req, start_response)
	-
	- def GET(self, req, start_response):
	- return self._handle_request(req, start_response)
	-
	- def HEAD(self, req, start_response):
	- return self._handle_request(req, start_response)
	-

	class KeyMaster(object):

	@@ -130,11 +118,11 @@ class KeyMaster(object):
	except ValueError:
	return self.app(env, start_response)

	- if hasattr(KeyMasterContext, req.method):
	+ if req.method in ('PUT', 'POST', 'GET', 'HEAD'):
	# handle only those request methods that may require keys
	km_context = KeyMasterContext(self, *parts[1:])
	try:
	- return getattr(km_context, req.method)(req, start_response)
	+ return km_context.handle_request(req, start_response)
	except HTTPException as err_resp:
	return err_resp(env, start_response)