Zed Series Release Notes¶
2.30.1¶
Security Issues¶
Fixed a security issue in how
s3api
handles XML parsing that allowed authenticated S3 clients to read arbitrary files from proxy servers. Refer to CVE-2022-47950 for more information.
Bug Fixes¶
Fixed a path-rewriting bug introduced in Python 3.7.14, 3.8.14, 3.9.14, and 3.10.6 that could cause some
domain_remap
requests to be routed to the wrong object.
2.30.0¶
New Features¶
Sharding improvements
The
swift-manage-shard-ranges
tool has a new mode to repair gaps in the namespace.Metrics are now emitted for whether databases used for cleaving were created or already existed, allowing a better understanding of the reason for handoffs in the cluster.
Misplaced-record stats are now also emitted to statsd. Previously, these were only available in logs.
Logging improvements
The message template for proxy logging may now include a
{domain}
field for the client-providedHost
header.Added a
log_rsync_transfers
option to the object-replicator. Set it to false to disable logging rsync “send” lines; during large rebalances, such logging can overwhelm log aggregation while providing little useful information.
The formpost digest algorithm is now configurable via the new
allowed_digests
option, and support is added for both SHA-256 and SHA-512. Supported formpost digests are exposed to clients in/info
. Additionally, formpost signatures can now be base64 encoded.
Added metrics to the formpost and tempurl middlewares to monitor digest usage in signatures.
Improved compatibility with certain FIPS-mode-enabled systems.
Added a
ring_ip
option for various object services. This may be used to find own devices in the ring in a containerized environment where thebind_ip
may not appear in the ring at all.
Account and container replicators can now be configured with a
handoff_delete
option, similar to object replicators and reconstructors. See the sample config for more information.
Developers using Swift’s memcache client may now opt in to having a
MemcacheConnectionError
be raised when no connection succeeded using a newraise_on_error
keyword argument toget
/set
.
Device names are now included in new database IDs. This provides more context when examining incoming/outgoing sync tables or sharding CleaveContexts.
Deprecation Notes¶
SHA-1 signatures are now deprecated for the formpost and tempurl middlewares. At some point in the future, SHA-1 will no longer be enabled by default; eventually, support for it will be removed entirely.
Security Issues¶
Constant-time string comparisons are now used when checking S3 API signatures.
Fixed a socket leak when clients try to delete a non-SLO as though it were a Static Large Object.
Bug Fixes¶
Sharding improvements
Misplaced tombstone records are now properly cleaved.
Fixed a bug where the sharder could fail to find a device to use for cleaving.
Databases marked deleted are now processed by the sharder.
More information is now synced to the fresh database when sharding. Previously, a database could lose the fact that it had been marked as deleted.
Shard ranges with no rows to cleave could previously be left in the CREATED state after cleaving. Now, they are advanced to CLEAVED.
S3 API improvements
Fixed cross-policy object copies. Previously, copied data would always be written using the source container’s policy. Now, the destination container’s policy will be used, avoiding availability issues and unnecessary container-reconciler work.
More headers are now copied from multi-part upload markers to their completed objects, including
Content-Encoding
.When running with
s3_acl
disabled,bucket-owner-full-control
andbucket-owner-read
canned ACLs will be translated to the same Swift ACLs asprivate
.The S3 ACL and Delete Multiple APIs are now less case-sensitive.
Improved the error message when deleting a bucket that’s ever had versioning enabled and still has versions in it.
LastModified
timestamps in listings are now rounded up to whole seconds, like they are in responses from AWS.Proxy logging for Complete Multipart Upload requests is now more consistent when requests have been retried.
Logging improvements
Signal handling is more consistently logged at notice level. Previously, signal handling would sometimes be logged at info or error levels.
The object-replicator now logs successful rsync transfers at debug instead of info.
Transaction IDs are now only included in daemon log lines in a request/response context.
The tempurl middleware has been updated to return a 503 if storing a token in memcache fails. Third party authentication middlewares are encouraged to also use the new
raise_on_error
keyword argument when storing ephemeral tokens in memcache.
Database replication connections are now closed following an error or timeout. This prevents a traceback in some cases when the replicator tries to reuse the connection.
ENOENT
andENODATA
errors are better handled in the object replicator and auditor.
Improved object update throughput by shifting some shard range filtering from Python to SQL.
Include
Vary: Origin
header when CORS responses vary by origin.
The staticweb middleware now allows empty listings at the root of a container. Previously, this would result in a 404 response.
Ring builder output tables better display weights over 1000.
Various other minor bug fixes and improvements.
Other Notes¶
Pickle support has been removed from Swift’s memcache client. Support had been deprecated since Swift 1.7.0.