Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:13.1
openstack-keystone
openstack-keystone.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openstack-keystone.changes of Package openstack-keystone
------------------------------------------------------------------- Thu Oct 17 14:38:37 UTC 2013 - dmueller@suse.com - Update to 2013.2 ------------------------------------------------------------------- Tue Oct 15 08:50:23 UTC 2013 - speilicke@suse.com - Update to version 2013.2.rc2: + No changes ------------------------------------------------------------------ Tue Oct 8 12:15:24 UTC 2013 - dmueller@suse.com - run db_sync before starting keystone server ------------------------------------------------------------------- Wed Oct 2 19:09:27 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.rc1: + Update tox config + Add tests dir to the coverage omit list + Imports oslo policy to fix test issues ------------------------------------------------------------------- Wed Oct 2 00:09:23 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a100.g1d91334: + Sync with global requirements + Enclose command args in with_venv.sh + Imported Translations from Transifex + Fixes errors logging in as a user with no password ------------------------------------------------------------------- Tue Oct 1 00:19:02 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a92.gec4680a: + sync oslo policy + Validate token calls return 404 on invalid tokens + Eliminate type error on search_s + Fix live LDAP tests + Sync gettextutils from oslo ------------------------------------------------------------------- Mon Sep 30 16:49:43 UTC 2013 - dmueller@suse.com - add missing endpoints to catalog ------------------------------------------------------------------- Sun Sep 29 00:56:54 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a82.ge979323: + Fix error when create user with LDAP backend + Protect oauth controller calls and update policy.json ------------------------------------------------------------------- Fri Sep 27 16:23:19 UTC 2013 - dmueller@suse.com - switch to crudini ------------------------------------------------------------------- Thu Sep 26 10:00:12 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a79.g2f75699: + upgrade to oslo.config 1.2 final + Modify oauth1 tests to use generated keystone token in a call + Optional dependency injection + oauth using optional dependencies + only run flake8 once (bug 1223023) + Update man pages + Fix updating attributes with ldap backend + Test for backend case sensitivity + Update man page version ------------------------------------------------------------------- Tue Sep 24 23:59:15 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a61.g3130076: + Check token_format for default token providers only. + Sync gettextutils from oslo + Ensure any relevant tokens are revoked when a role is deleted + Add user to project if project ID is changed ------------------------------------------------------------------- Mon Sep 23 23:36:37 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a54.g66d7c2c: + Cleanup of tenantId, tenant_id, and default_project_id + Remove ldap identity domain attribute options ------------------------------------------------------------------- Sat Sep 21 00:15:46 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a50.gbdac547: + Rewrite README.rst + Ensure v2 tokens are correctly invalidated when using BelongsTo + Monkey patch select in environment + check for domain existence before doing any ID work + Add extra test coverage for unscoped token invalidation ------------------------------------------------------------------- Wed Sep 18 23:36:42 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a41.g5a5023b: + Include new notification options in sample config ------------------------------------------------------------------- Wed Sep 18 10:16:32 UTC 2013 - dmueller@suse.com - add 0001-Make-ROOTDIR-determination-more-robust.patch ------------------------------------------------------------------- Tue Sep 17 23:59:24 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a39.gd3460c3: + Rationalize list_user_projects and get_projects_for_user + Fix misused assertTrue in unit tests ------------------------------------------------------------------- Tue Sep 17 00:05:45 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a36.g54b8ec5: + Ignore H803 from Hacking. + fix rst syntax in database schema migrations docs ------------------------------------------------------------------- Sun Sep 15 00:05:37 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a32.gd7eff43: + Move gettextutils installation in tests to core ------------------------------------------------------------------- Fri Sep 13 23:55:11 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a30.g3651879: + Test upgrade migration 16->17 + gate on H304: no relative imports ------------------------------------------------------------------- Thu Sep 12 23:35:16 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a26.g607b115: + test token revocation list API (bug 1202952) + Remove CA key password from cert setup + Cleanup tests imports so not relative + Fixes for user response with LDAP user_enabled_mask ------------------------------------------------------------------- Wed Sep 11 23:58:00 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a18.g1b97529: + Reduce churn of cache on revocation_list + Imported Translations from Transifex ------------------------------------------------------------------- Wed Sep 11 00:15:03 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a15.g33c8025: + Import core.* in keystone.tests + Tests use "from keystone import tests" ------------------------------------------------------------------- Tue Sep 10 00:12:35 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a12.g8dc7ed2: + Close each LDAP connection after it is used, + domain-specific drivers experimental in havana + Fix incorrect test for list_users ------------------------------------------------------------------- Mon Sep 9 12:22:00 UTC 2013 - dmueller@suse.com - update openstack-keystone.init: Set HOME dir correctly for openssl random state preservation ------------------------------------------------------------------- Sat Sep 7 07:46:43 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a7.gdac281a: + Changed header from LLC to Foundation based on trademark policies ------------------------------------------------------------------- Fri Sep 6 00:02:39 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a490.g8d2f53c: + Move _generate_paste_config to tests.core + OAuth authorizing user should propose roles to delegate + Imported Translations from Transifex + Support timezone in memcached token backend + Changes template header for translation catalogs ------------------------------------------------------------------- Thu Sep 5 15:07:05 UTC 2013 - speilicke@suse.com - Fix RUNDIR in init-script ------------------------------------------------------------------- Thu Sep 5 00:21:16 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a481.gd286187: + Modify default file/directory permissions + Utilities to create directores, set ownership & permissions + Update keystone-all man page + Add a oauth1-configuration.rst and extension section to docs + Update keystone wsgi httpd script for oslo logging + Fix the code miss to show the correct error messages ------------------------------------------------------------------- Tue Sep 3 23:39:02 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a469.g36b5df5: + Cleanup cache layer tests + Implement basic caching around assignment CRUD + add 'project' notifications to docs ------------------------------------------------------------------- Mon Sep 2 08:21:36 UTC 2013 - dmueller@suse.com - Update to version 2013.2.a464.g372a062: + Fixes a link in the documentation + Create associations between projects and endpoints + Keystone Caching Layer for Manager Calls + Add defense in ldap:get_roles_for_user_and_project + filter in ldap list_groups_for_user + Implement API protection on target entities + Fix error where consumer is not deleted from sql + Implement Caching for Token Revocation List + Refactor Token Provider to be aware of expired tokens. + Add notifications module + Remove enumerate calls + Drop support for diablo to essex migrations + Use correct filename for index & serial file when setting permissions + Removes KVS references from the documentation + Implement decorator-based notifications for users + Add Memory Isolating Cache Proxy + Add project CRUD to assignment_api Manager + Enable SQL tests for oauth + Add 'cn' to attribute_list for enabled_users/tenants query + Fix role lookup for Active Directory + Bump hacking to 0.7 + Remove kvs backend from oauth1 extension + Add common code from Oslo for work with database + Use common db model class from Oslo + Imported Translations from Transifex + Implement caching for Tokens and Token Validation + Document usage notifications + Use joins instead of multiple lookups in groups sql + Use testtools as base test class. ------------------------------------------------------------------- Mon Aug 26 23:56:06 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a410.g7eed453: + Remove a useless arg in range() + Fix translate static messages in response + Use system locale when Accept-Language header is not provided ------------------------------------------------------------------- Mon Aug 26 08:56:18 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a404.g15a3bde: + Clean up keystone-manage man page ------------------------------------------------------------------- Sun Aug 25 23:59:23 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a402.g361185c: + remove flake8 option from run_tests.sh ------------------------------------------------------------------- Sun Aug 25 00:00:44 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a401.gda26317: + Delete file TODO + change oauth.consumer description into nullable ------------------------------------------------------------------- Sat Aug 24 00:06:10 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a397.g4dbda64: + Ensure username passed by REMOTE_USER can contain '@' + fix the default values for token and password auth + Migrating ec2 credentials to credential. + remove unused function + add foreign key constraint on oauth tables ------------------------------------------------------------------- Fri Aug 23 00:01:08 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a388.gfebab09: + use provider to validate tokens ------------------------------------------------------------------- Thu Aug 22 00:00:59 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a386.gb6f6b57: + Remove User Check from Assignments + Remove an enumerate call + Assignment to reserved built-in symbol: filter + Fix isEnabledFor for compatibility with logging ------------------------------------------------------------------- Wed Aug 21 00:08:51 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a378.g7bc167d: + Refactor Token Providers for better version interfaces + Remove kwargs from manager calls / general cleanup + remove refs to keystone.common.logging + Store hash of access as primary key for ec2 type. + Add test test_deleting_project_delete_grants + Ignore flake issues in build/ directory + Move some logic from update() to BaseLdap + Move affirm_unique() in create() to BaseLdap + Assignment to reserved built-in symbol: dir + Remove Keystone specific logging module ------------------------------------------------------------------- Mon Aug 19 09:37:28 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a358.g9c92d27: + Add support for API message localization ------------------------------------------------------------------- Sat Aug 17 23:59:12 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a356.g14cba15: + Add delegated_auth support for keystone ------------------------------------------------------------------- Fri Aug 16 23:58:17 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a354.g781c65b: + update usage in run_test.sh for flake8 + Increase length of username in DB + Remove unused import + Set wsgi startup log level to INFO + Add unit test to check non-string password support + Cleaned up a few old crufties from README + Clean hacking errors in advance of hacking update + Implement domain specific Identity backends + More validation in test_user_enable_attribute_mask + Fix LDAP Identity with non-zero user_enabled_default + Fix LDAP Identity get user with user_enabled_mask ------------------------------------------------------------------- Thu Aug 15 23:37:15 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a336.gb0b32d0: + Skip test_create_unicode_user_name in _ldap_livetest + Do not skip test_user_enable_attribute_mask in _ldap_livetest + Fix test_user_enable_attribute_mask so it actually tests + Revoke user tokens when disabling/delete a project + Refactor Keystone to use unified logging from Oslo + Cleaned up pluggable auth docs ------------------------------------------------------------------- Wed Aug 14 07:46:47 UTC 2013 - speilicke@suse.com - Update to version 2013.2.a327.g14e0901: + Drop extra credential indexes + Make pki_setup work with OpenSSL 0.9.x + Add memcache to httpd doc. + Move Babel dependency from test-req to req + Initial implementation of unified-logging + Sync notifier module from Oslo + Move 'tests' directory into 'keystone' package - No need to require shadow-utils anymore, even SLE_11_SP3 has pwdutils - Drop 0001-Make-pki_setup-work-with-OpenSSL-0.9.x.patch: Merged upstream - Fix spec file typo (dependency token) ------------------------------------------------------------------- Tue Aug 13 07:57:51 UTC 2013 - berendt@b1-systems.de - added missing requirement python-Babel - added missing requirement python-netaddr ------------------------------------------------------------------- Mon Aug 12 23:46:51 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a315.g708ccf0: + Sync models with migrations ------------------------------------------------------------------- Mon Aug 12 09:18:18 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a313.g4829de4: + Configurable max password length (bug 1175906) + Sync unified logging solution from Oslo + Abstract out attribute_mapping filling in LDAP driver. + Create default role on demand + Abstract out attribute_ignore assigning in LDAP driver + Run test_mask_password once ------------------------------------------------------------------- Thu Aug 8 23:42:15 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a303.ga4243e1: + Fix select n+1 issue in keystone catalog ------------------------------------------------------------------- Thu Aug 8 20:07:59 UTC 2013 - dmueller@suse.com - switch to python-setuptools - remove python-d2to1 ------------------------------------------------------------------- Wed Aug 7 23:59:53 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a301.gc547eb4: + extension migrations ------------------------------------------------------------------- Wed Aug 7 00:07:48 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a299.gdb9535c: + Handle json data when migrating role metadata. + Raise max header size to accommodate large tokens. + remove swift dependency of s3 middleware -------------------------------------------------------------------- Fri Aug 2 23:59:55 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a293.ged1f967: + Clear out the dependency registry between tests + Handle circular dependencies + Use dependency injection for assignment and identity + use 'exc_info=True' instead of import traceback + .gitignore eggs + add OS-TRUST to links + Sync DB models and migrations in keystone.assignment.backends.sql + Update references with new Mailing List location + V3 API need to check mandatory field when creating resources + Clean up use of token_provider manager in tests + Remove kwargs from manager calls where not needed. + Imported Translations from Transifex + Fix typo: Tenents -> Tenants + Use oslo.sphinx and remove local copy of doc theme -------------------------------------------------------------------- Thu Aug 1 23:38:01 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a265.g0368950: + Use keystone.wsgi.Request for RequestClass + Remove passwords from LDAP queries -------------------------------------------------------------------- Thu Aug 1 00:03:58 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a261.gf1ac78c: + Ec2 credentials table not created during testing + Load backends before deploy app in client tests -------------------------------------------------------------------- Wed Jul 31 00:04:20 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a257.g5958691: + sql.Driver:authenticate() signatures should match -------------------------------------------------------------------- Tue Jul 30 14:47:43 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a255.gc21b458: + default token format/provider handling -------------------------------------------------------------------- Mon Jul 29 23:50:12 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a253.g10fde8e: + Clear cached engine when global engine changes + Implement exception module i18n support -------------------------------------------------------------------- Fri Jul 26 23:52:02 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a249.g97a5b49: + Remove vestiges of Assignments from LDAP Identity Backend + Scipped tests don't render as ERROR's -------------------------------------------------------------------- Thu Jul 25 00:03:10 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a246.g0a40152: + Fixing broken credential schema in sqlite. -------------------------------------------------------------------- Tue Jul 23 23:55:12 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a245.gc6b7dd8: + Deprecate kvs token backend + Load app before loading legacy client in tests. + Use assignment_api rather than assignment -------------------------------------------------------------------- Mon Jul 22 00:22:50 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a240.g7fde605: + Regenerate example PKI after change of defaults + Return correct link for effective group roles in GET /role_assignments + Deprecation warning for [signing] token_format + Add [assignment].driver to sample config + Remove an enumerate call + Correct Spelling Mistake -------------------------------------------------------------------- Thu Jul 18 23:48:41 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a228.g53ed50d: + Support token_format for backward compatibility + python3: Introduce py33 to tox.ini -------------------------------------------------------------------- Wed Jul 17 23:49:24 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a225.gc42533f: + grammar fixes in error messages + update requires to prevent version cap -------------------------------------------------------------------- Wed Jul 17 10:13:43 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a221.g2667c77: + Change domain component value to org from com + wsgi.BaseApplication and wsgi.Router factories should use **kwargs + Python 3.x compatible use of print + Add unittest for keystone.identity.backends.sql Models + Don't use deprecated BaseException.message + Implements Pluggable V2 Token Provider + Implement role assignment inheritance (OS-INHERIT extension) + Pluggable Remote User + Fix XML rendering with empty auth payload. + Implemented token creation without catalog response. + Implement Token Binding. ------------------------------------------------------------------- Mon Jul 15 23:34:54 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a202.gdec66cd: + Implements Pluggable V3 Token Provider ------------------------------------------------------------------- Sun Jul 14 23:51:17 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a200.gdf63b9c: + Add version so that pre-release versioning works ------------------------------------------------------------------- Sat Jul 13 23:52:58 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.198.g95a27a8: + Register Extensions + Sync-up crypto from oslo-incubator ------------------------------------------------------------------- Fri Jul 12 23:53:00 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.194.g85a5022: + Add crypto dependency + Sync install_venv_common from oslo + Pass on arguments on Base.get_session + Imported Translations from Transifex + Mixed LDAP/SQL Backend. ------------------------------------------------------------------- Thu Jul 11 23:55:05 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.184.g41ca51c: + Remove a useless arg in range() + Rationalize how we get roles after authentication in the controllers + Do not create LDAP Domains sub tree + Remove context from get_token call in normalize_domain_id + Use InnoDB for MySQL + Move temporary test files into tests/tmp ------------------------------------------------------------------- Tue Jul 9 23:55:53 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.172.gfafdf07: + assignment backend ------------------------------------------------------------------- Tue Jul 9 16:44:01 UTC 2013 - dmueller@suse.com - add 0001-Make-pki_setup-work-with-OpenSSL-0.9.x.patch ------------------------------------------------------------------- Tue Jul 9 10:08:09 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.171.gb556d8a: + Work without admin_token_auth middleware + Move comments in front of dependencies ------------------------------------------------------------------- Mon Jul 8 23:56:23 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.167.g699b483: + Implement GET /role_assignment API call + DB2 migration support + Remove an enumerate call + Fix issue with v3 tokens and group membership roles + Imported Translations from Transifex + Add callbacks for set_global_engine ------------------------------------------------------------------- Sat Jul 6 23:52:19 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.155.g6450f75: + Update paths to pem files in keystone.conf.sample ------------------------------------------------------------------- Fri Jul 5 23:51:16 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.153.g5746f5b: + rename quantum to neutron in docs ------------------------------------------------------------------- Thu Jul 4 08:12:47 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.151.gbb6ebd4: + Fix up some trivial license mismatches ------------------------------------------------------------------- Wed Jul 3 23:57:13 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.149.g62d948a: + Use event.listen() instead of deprecated listeners kwarg ------------------------------------------------------------------- Wed Jul 3 14:01:15 UTC 2013 - naehring@b1-systems.de - adding keystone-paste.ini - the paste configuration has been moved to keystone-paste.ini ------------------------------------------------------------------- Wed Jul 3 08:48:01 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.147.g214df21: + Remove hard tabs and trailing whitespace + Install locales for httpd. ------------------------------------------------------------------- Tue Jul 2 23:58:33 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.143.gda9dc14: + `tox -ecover` failure. Missing entry in tox.ini ------------------------------------------------------------------- Mon Jul 1 23:44:39 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.141.g59ea706: + Add 'application' to keystone.py for WSGI -------------------------------------------------------------------- Fri Jun 28 23:43:12 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.140.g6362fb7: + Stop passing context to managers (bug 1194938) + check for constraint before dropping + Clean up keystone-all.rst + Manager instead of direct driver -------------------------------------------------------------------- Thu Jun 27 23:42:04 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.133.g6c6d15c: + Revert environment module usage in middleware. + Do not raise NEW exceptions -------------------------------------------------------------------- Wed Jun 26 23:41:10 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.129.g600c38b: + LDAP list group users not fail if user entry deleted -------------------------------------------------------------------- Tue Jun 25 23:41:03 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.128.g31863d1: + Remove explicit distribute depend. -------------------------------------------------------------------- Mon Jun 24 23:40:52 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.126.g95cf470: + Version response compatible with Folsom -------------------------------------------------------------------- Sun Jun 23 23:40:53 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.124.gf1cfbd7: + python WebOb dependency made unpinned. + Initialize logging from HTTPD. + wsgi.Middleware factory should use **kwargs + Consolidate admin_or_owner rule -------------------------------------------------------------------- Sat Jun 22 23:40:47 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.116.g97225ff: + Fix link typo in Sphinx doc + Base.get_engine honor allow_global_engine=False -------------------------------------------------------------------- Fri Jun 21 23:40:38 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.112.gb9e46fb: + Move identity ldap backend from directory to file -------------------------------------------------------------------- Thu Jun 20 23:40:44 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.111.g7ccfac7: + Removing LDAP API Shim -------------------------------------------------------------------- Thu Jun 20 00:02:42 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.110.g7cd0bb0: + Isolate eventlet code into environment. + Set default 'ou' name for LDAP projects to Projects -------------------------------------------------------------------- Tue Jun 18 23:42:35 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.106.ge0834da: + LDAP get_project_users should not return password + Remove how to contribute section in favor of CONTRIBUTING.rst + Imported Translations from Transifex + Http 400 when project enabled is not a boolean + Remove a stat warning log + Correct the resolving api logic in stat middleware + Move user fileds type check to identity.Manager + Adds tests for XML version response + Imported Translations from Transifex -------------------------------------------------------------------- Sun Jun 16 00:00:18 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.88.g3c687d1: + Using sql as default driver for tokens + Imported Translations from Transifex + Correct the default name attribute for role -------------------------------------------------------------------- Sat Jun 15 00:02:46 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.82.g543714b: + drop user and group constraints + Allow request headers access in app context. + Fix token purging for memcache for user token index. + Add checks to test if enabled is bool -------------------------------------------------------------------- Thu Jun 13 23:59:36 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.74.gc963383: + Force simple Bind for authentication + Correct LDAP configuration doc ------------------------------------------------------------------- Thu Jun 13 15:58:02 UTC 2013 - dmueller@suse.com - fix typo in post-install script -------------------------------------------------------------------- Wed Jun 12 09:33:49 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.72.g6111bc9: + Move coverage output dir for Jenkins. + Replace openstack-common with oslo in docs -------------------------------------------------------------------- Tue Jun 11 09:33:09 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.68.g5df7424: + Fix internal doc links (bug 1176211) + Remove bufferedhttp + add ca_key to sample configuration + Commit transaction in migration -------------------------------------------------------------------- Mon Jun 10 13:45:12 UTC 2013 - bmwiedemann@opensuse.org - BuildRequire python-sqlalchemy + migrate for post-build-checks - Update to version 2013.2.b1.60.gb1d4de7: + Add db_version command to keystone-manage + run_tests.sh should use flake8 (bug 1180609) + Require keystone-user/-group for pki_setup + Import eventlet patch from oslo. + Check schema when dropping constraints. + Missing contraction: Its -> It's (bug 1176213) + Raise key length defaults + fix error default policy for create_project + Ignore the .update-venv directory. ------------------------------------------------------------------- Mon Jun 10 13:06:46 UTC 2013 - dmueller@suse.com - remove hybrid keystone backend -------------------------------------------------------------------- Thu Jun 6 00:26:12 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.42.ge6d551d: + Ignore conflict on v2 auto role assignment (bug 1161963) + split authenticate call + remove_role_from_user_and_project affecting all users (bug 1170649) -------------------------------------------------------------------- Wed Jun 5 00:20:14 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.36.g0c9538d: + Maintain tokens after role assignments (bug 1170186) + typo in 'import pydev' statement -------------------------------------------------------------------- Fri May 31 23:38:54 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.33.gcd34971: + Convert openstack-common.conf to the nicer multiline format. + Rename requires files to standard names. + Test 403 error title + Disable eventlet monkey-patching of DNS + Revert "Set EVENTLET_NO_GREENDNS=yes in tox.ini." + Document size limits + Fixes a typo + Add index on valid column of the SQL token Backend + Add missing oslo module. + Fix incorrect role assignment in migration. + Live SQL migration tests ------------------------------------------------------------------- Fri May 31 09:14:26 UTC 2013 - dmueller@suse.com - avoid warning in post script -------------------------------------------------------------------- Thu May 30 23:39:05 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.b1.11.gfa2f963: + Move auth_token middleware from admin user to an RBAC policy + Improve the performance of tokens deletion for user + Add <version> arg to keystone-manage db_sync + Imported Translations from Transifex -------------------------------------------------------------------- Wed May 29 23:38:58 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.1.rc2.161.gd67e31b: + Add KEYSTONE_LOCALEDIR env variable + Add missing space to error msg + Fix the debug statement. ------------------------------------------------------------------- Wed May 29 11:18:45 UTC 2013 - dmueller@suse.com - remove setBadness call from rpmlintrc -------------------------------------------------------------------- Tue May 28 23:38:12 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.1.rc2.157.g2879d42: + Replace assertDictContainsSubset with stdlib ver + separate paste-deploy configuration from parameters + Add index on expires column of the SQL token Backend -------------------------------------------------------------------- Mon May 27 10:03:12 UTC 2013 - speilicke@suse.com - Update to version 2013.1.rc2.153.gaf4e969: + Implement Token Flush via keystone-manage. + Documentation about the initial configuration file and sample data. + Imported Translations from Transifex + Read-only default domain for LDAP (bug 1168726) + Add assertNotEmpty to tests and use it. + Fix 403 status response + Use webtest for v2 and v3 API testing. + Consolidate eventlet code + Imported Translations from Transifex + Satisfy flake8 import rules F401 and F403 + Migrate to pbr. + Remove unused variables (flake8 F841) + Enumerate ignored flake8 H* rules + Use TODO(NAME) (flake8 H101) + use the 'not in' operator (flake8 H902) + consistent i18n placeholders (flake8 H701, H702, H703) + eliminate 'except:' (flake8 H201) + one import per line (flake8 H301) + Remove unnecessary commented out code + import only modules (flake8 H302) + imports not in alphabetical order (flake8 H306) + Remove useless private method + Cleanup docstrings (flake8 H401, H402, H403, H404) - More build requirements for for %post section keystone-manage invocation: + python-WebOb + python-passlib + python-routes ------------------------------------------------------------------- Mon May 27 08:50:37 UTC 2013 - dmueller@suse.com - python-pbr/d2to1 requires ------------------------------------------------------------------- Tue May 21 13:54:20 UTC 2013 - iartarisi@suse.com - add missing requirement python-sqlalchemy-migrate -------------------------------------------------------------------- Mon May 20 23:58:12 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a118.g8d2b8e6: + get SQL refs from session (bp sql-query-get) ------------------------------------------------------------------- Sat May 18 13:05:42 UTC 2013 - dmueller@suse.com - update requires based on pip-requires -------------------------------------------------------------------- Sat May 18 00:00:13 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a117.g7b99bd6: + Test listing of tokens with a null tenant + Http 400 when user enabled is not a boolean + extracting credentials + Accept env variables to override default passwords -------------------------------------------------------------------- Wed May 15 23:35:41 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a109.g2e15fe4: + Fix pyflakes and pep8 in prep for flake8. + Migrate to flake8. -------------------------------------------------------------------- Wed May 15 08:54:30 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a105.gcb0ddab: + Enable unicode error message -------------------------------------------------------------------- Fri May 10 23:38:30 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a103.gefc30be: + Disable eventlet monkey-patching of DNS + Set EVENTLET_NO_GREENDNS=yes in tox.ini. + Revert "Disable eventlet monkey-patching of DNS" + Allow backend & client SQL tests on mysql and pg. -------------------------------------------------------------------- Thu May 9 23:38:24 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a99.g693a486: + Remove unused CONF.pam.url + Replace password to "***" in the debug message + Revoke tokens on user delete (bug 1166670) + A minor refactor in wsgi.py -------------------------------------------------------------------- Tue May 7 23:38:10 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a92.g96a816f: + LDAP list groups with missing member entry -------------------------------------------------------------------- Tue May 7 16:18:10 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a90.gb55620d: + Skip IPv6 tests for eventlet dns -------------------------------------------------------------------- Wed May 1 23:37:48 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a89.g22d96b2: + HACKING LDAP -------------------------------------------------------------------- Sat Apr 27 00:01:59 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a87.ga78bc2e: + Allow additional attribute mappings in ldap -------------------------------------------------------------------- Thu Apr 25 23:54:41 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a85.gd9dd876: + Mark LDAP password and admin_token secret ------------------------------------------------------------------- Thu Apr 25 14:24:35 UTC 2013 - dmueller@suse.com - require python-python-memcached 1.31 -------------------------------------------------------------------- Wed Apr 24 23:54:56 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a83.g7617fef: + Remove new constraint from migration downgrade. + Make migration tests postgres & mysql friendly. + Delete extra dict in token controller. -------------------------------------------------------------------- Tue Apr 23 21:58:35 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a77.geefc8e0: + Set empty element to "" + close db migration session + fix undefined variable + fix duplicate option error + Add rule for list_groups_for_user in policy.json + clean up invalid variable reference -------------------------------------------------------------------- Mon Apr 22 23:59:52 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a65.g92e40ce: + test duplicate name + don't migrate as often -------------------------------------------------------------------- Sun Apr 21 23:27:01 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a61.g166a03c: + Rename trust extension (bug 1158980) + use the roles in the token when recreating + keystone commands don't print any version information + keystone commands don't print any version information + Fix test coverage for v2 scoped auth xml response (bug 1160504) + Fix test coverage for v2 scoped auth xml response (bug 1160504) + Mark sql connection with secret flag + Share one engine for more than just sqlite in-memory + Sync with oslo-incubator. + Fix IBM copyright strings + Fix example in documentation. + stop using time.sleep in tests + use the openstack test runner + Fix 401 status response + Add TLS Support for LDAP + catch errors in wsgi.Middleware. + Fix for configuring non-default auth plugins properly + Generate HTTPS certificates with ssl_setup. + Use string for port in default endpoints (bug 1160573) + residual grants after delete action (bug1125637) + Use is_enabled() in folsom->grizzly upgrade (bug 1167421) + Add missing colon for documentation build steps. + Remove un-needed LimitingReader read() function. + Clean up duplicate methods + Fix token ids for memcached + Fixed unicode username user creation error + Fixed logging usage instead of LOG + Removed unused imports + Remove non-production middleware from sample pipelines + What is this for? + bug 1159888 broken links in rst doc + Sync with oslo-incubator copy of setup.py -------------------------------------------------------------------- Mon Mar 25 13:52:34 UTC 2013 - opensuse-cloud@opensuse.org - Update to version 2013.2.a338.gbceee56: + Fix XML handling of member links (bug 1156594) + Test default_project_id scoping (bug 1023502) + Ensure delete domain removes all owned entities + Utilize legacy_endpoint_id column (bug 1154918) + Pass project membership as dict in migration 015. + V2, V3 token intermix for unscoped tokens (bug 1156913) + Revise docs to use keystoneclient.middleware.auth_token + Fix live ldap tests + Support for LDAP groups (bug #1092187) + Correct spacing in warning msg + Validate domains unconditionally (bug 1130236) + Prohibit V3 V2 token intermix for resource in non-default domain (bug 1157430) + Properly handle emulated ldap enablement + Wrap config module and require manual setup (bug 1143998) + Enable emulation for domains + Allow trusts to be optional + Version bump to 2013.2 + Add a dereference option for ldap + Move trusts to extension + Make versions aware of enabled pipelines. + Imported Translations from Transifex + Rework S3Token middleware tests. + Rename trust extension. ------------------------------------------------------------------- Mon Mar 18 10:41:29 UTC 2013 - speilicke@suse.com - Drop +git.$TIMESTAMP.$COMMITHASH version suffix -------------------------------------------------------------------- Sun Mar 17 11:28:35 UTC 2013 - dmueller@suse.com - Update to version 2013.1.a301.g16b4643+git.1363519715.16b4643: + Explain LDAP page_size & default value + Catch and log server exceptions + Filter out legacy_endpoint_id (bug 1152635) + Ensure tokens are revoked for relevant v3 api calls + Switch to final 1.1.0 oslo.config release + Added test cases to improve LDAP project testing + Migrate roles from metadata to user_project_metadata + duplicated trust tests + quiet route logging on skipped tests + Remove TODO that didn't land in grizzly + No parent exception to wrap + Remove duplicate password/token opts. + Fixes bug 1151747: broken XML translation for resource collections + xml_body returns backtrace on XMLSyntaxError + extracting user and trust ids into normalized fields + Discard null endpoints (bug 1152632) - remove keystone-cs24277.diff: * merged upstream ------------------------------------------------------------------- Wed Mar 13 10:17:48 UTC 2013 - dmueller@suse.com - add keystone-cs24277.diff: * make keystone start again -------------------------------------------------------------------- Wed Mar 13 00:17:24 UTC 2013 - cloud-devel@suse.de - Update to version 2013.1.a271.g45228ca+git.1363133844.45228ca: + cleanup trusts in controllers + remove spurious roles check + add belongs_to check + Improve tests for api protection and filtering ------------------------------------------------------------------- Tue Mar 12 10:44:59 UTC 2013 - dmueller@suse.com - require python-oslo.config -------------------------------------------------------------------- Tue Mar 12 00:10:56 UTC 2013 - cloud-devel@suse.de - Update to version 2013.1.a263.g09e2fc7+git.1363047056.09e2fc7: + Make getting user-domain roles backend independant + Make Keystone return v3 as part of the version api + bug 1133526 + Run keystone server in debug mode. + Fix folsom -> grizzly role table migration issues (bug 1119789) + Revert "from tests import" + Revert "update tests/__init__.py to verify openssl version" -------------------------------------------------------------------- Mon Mar 11 09:59:43 UTC 2013 - cloud-devel@suse.de - Update to version 2013.1.a251.g59757f6+git.1362995983.59757f6: + Unpin pam dependency version + Sync timeutils with oslo + Remove obsolete *page[_marker] methods from LDAP backend. + bug 1134802: fix inconsistent format for expires_at and issued_at + Trusts + Expand v3 trust test coverage + keystone : Use Ec2Signer utility class from keystoneclient + remove unused import + Move auth plugins to 'keystone.auth.plugins' (bug 1136967) + ports should be ints in config (bug 1137696) + mark 2.0 API as stable + Straighten out NotFound raising in LDAP backend. + fix typo in kvs backend + Move get_by_name to LdapBase. + Remove unused methods from LDAP backed. + return 201 Created on POST request (bug1131119) + Delete tokens for user + unable to load certificate should abort request + add missing attributes for group/project tables (bug1126021) + v3 endpoints won't have legacy ID's (bug 1150930) + Change exception raised to Forbidden on trust_id + from tests import ------------------------------------------------------------------- Fri Mar 8 11:01:34 UTC 2013 - vuntz@suse.com - Fix ownership of /var/log/keystone/keystone.log after call to "keystone-manage pki_setup" in %post: if the package is installed for the first time, the log file is owned by root, which breaks keystone (since it can't write to the log file). ------------------------------------------------------------------- Thu Mar 7 16:10:27 UTC 2013 - bwiedemann@suse.com - fix logging.conf to be about keystone and have absolute path -------------------------------------------------------------------- Tue Mar 5 17:22:34 UTC 2013 - cloud-devel@suse.de - Update to version 2013.1.a210.g2515d1b+git.1362504154.2515d1b: + Ensure keystone unittests do not leave CONF.policyfile in bad state + Move handle_conflicts decorator into sql + flatten payload for policy + Convert api to controller + bug 1131840: fix auth and token data for XML translation + domain_id_attributes in config.py have wrong default value + command line switch for short pep8 output. + Setup logging in keystone-manage command. + Imported Translations from Transifex + Enable a parameters on ldap to allow paged_search of ldap queries This fixes bug 1083463 + update tests/__init__.py to verify openssl version ------------------------------------------------------------------- Mon Mar 4 13:38:13 UTC 2013 - iartarisi@suse.com - Move python-ldap requirement to python-keystone subpackage ------------------------------------------------------------------- Thu Feb 28 14:07:54 UTC 2013 - dmueller@suse.com - Fix last change ------------------------------------------------------------------- Mon Feb 25 13:27:40 UTC 2013 - saschpe@suse.de - Ghost /var/run/keystone ------------------------------------------------------------------- Mon Feb 25 10:07:11 UTC 2013 - saschpe@suse.de - Drop sysconfig from init scripts -------------------------------------------------------------------- Sun Feb 24 18:52:11 UTC 2013 - dmueller@suse.com - Update to version 2013.1.a191.g30dbb74+git.1361731931.30dbb74: + Remove test_auth_token_middleware + Silence routes internal debug logging + Workaround Migration issue with PostgreSQL + Add pysqlite as explicit test dep + project membership to role conversion + Remove usage of UserRoleAssociation.id in LDAP + Add an update option to run_tests.sh + make fakeldap._match_query work for an arbitrary number of groups + Update sample_data.sh to match docs + Use oslo-config-2013.1b3 + Remove old, outdated keystone devref docs + Implement name space for domains + Update the Keystone policy engine to the latest openstack common + Ensure user and tenant enabled in EC2 + merging in fix from oslo upstream + Disable XML entity parsing + make LDAP query scope configurable + enabled attribute emulation support + v3 token API + Pass query filter attributes to policy engine + Removed redundant assertion + Update oslo-config version. + domain-scoping + Fix id_to_dn for creating objects + Tests for domain-scoped tokens + Change the default LDAP mapping for description. + Correct SQL migration 017 column name ------------------------------------------------------------------- Fri Feb 22 10:25:20 UTC 2013 - saschpe@suse.de - Require openstack-suse-macros instead of openstack-common-macros ------------------------------------------------------------------- Thu Feb 21 17:08:52 UTC 2013 - iartarisi@suse.com - added oslo-config requirement ------------------------------------------------------------------- Mon Feb 18 11:18:18 UTC 2013 - saschpe@suse.de - Init script cleanup: + Drop useless shell variables + Don't depend on $network facility, we already have $remote_fs (comes after $network) + Source /etc/sysconfig/openstack-keystone (if available), orthogonal to the other init scripts we provide. We're not using this feature ATM though - Default configuration cleanup: + Use openstack-utils to set as much default values in the package as possible (instead of patch/sed/...). Some may be overwritting later on by, .e.g., crowbar - More useful lograte configuration: + Compress + Make sure to keep log files for at least 90 days (i.e. rotate 15 + weekly = 15 weeks). + Add size=1M to avoid getting DoS'ed by wild daemons + Use copytruncate instead of create+postrotate+sharedscripts to avoid a daemon restart -------------------------------------------------------------------- Mon Feb 18 09:37:31 UTC 2013 - cloud-devel@suse.de - Update to version 2013.1.a138.g5a8682d+git.1361180251.5a8682d: + fix unit test when memcache middleware is not configured + Fix bugs with set ldap password. + Cleaned up keystone-all --help output + add missing kvs functionality (bug1119770) + remove unneeded config reloading (it's already done during setUp) + Update to oslo version code. ------------------------------------------------------------------- Thu Feb 14 13:27:29 UTC 2013 - iartarisi@suse.com - Remove unused/upstreamed patches for requests and LDAP scope -------------------------------------------------------------------- Thu Feb 14 11:38:35 UTC 2013 - iartarisi@suse.cz - Update keystone-hybrid-backend to fix unit tests - Update to version 2013.1+git.1360841915.901d079: + Fix normalize identity sql ugrade for Mysql and postgresql + Sync latest cfg from oslo-incubator + Update .coveragerc + Query only attributes strictly required for keystone when using it with existing LDAP servers + remove duplicate model declaration/attribution + import tools/flakes from oslo + Expand dependency injection test coverage + simplify query building logic + Generate apache-style common access logs + Add missing log_format, log_file, log_dir opts. + allow unauthenticated connections to an LDAP server + Missed import for IPv6 tests skip. + Spell accommodate correctly. + Use install_venv_common.py from oslo. + Keystone backend preparation for domain-scoping + Fix spelling mistakes + Fix test_contrib_s3_core unit test + add check for config-dir parameter (bug1101129) + don't create a new, copied list in get_project_users + Tenant update on LDAP breaks if there is no update to apply + adding additional backend tests (bug1101244) ------------------------------------------------------------------- Tue Feb 12 12:13:21 UTC 2013 - dmueller@suse.com - add service-endpoints for Quantum -------------------------------------------------------------------- Mon Feb 11 15:41:59 UTC 2013 - dmueller@suse.com - Update to version 2013.1+git.1360597319.c05041e: + Add --keystone-user/group to keystone-manage pki_setup + UserApi.update not to require all fields in arg + return 400 Bad Request if invalid params supplied (bug1061738) + Relational API links + Adds png versions of all svg image files. Changes reference. ------------------------------------------------------------------- Mon Feb 11 15:41:40 UTC 2013 - dmueller@suse.com - Remove lp-bug-1031372.patch: * Merged upstream ------------------------------------------------------------------- Thu Feb 7 10:15:55 UTC 2013 - iartarisi@suse.com - use in-memory database for hybrid backend unit-tests ------------------------------------------------------------------- Wed Feb 6 16:08:22 UTC 2013 - iartarisi@suse.com - re-enable hybrid backend -------------------------------------------------------------------- Wed Feb 6 15:28:28 UTC 2013 - cloud-devel@suse.de - Update to version 2013.1+git.1360164508.8ec247b: + Document user group LDAP options + Why .pop()'ing urls first is important + Imported Translations from Transifex + Delete Roles for User and Project LDAP + Fixes 'not in' operator usage + Add size validations to token controller. -------------------------------------------------------------------- Mon Feb 4 11:57:14 UTC 2013 - dmueller@suse.com - Update to version 2013.1+git.1359979034.4722c84: + Updates migration 008 to work on PostgreSQL. + Create a default domain (bp default-domain) + tenant to project in the apis + Tenant to Project in Back ends + Enable/disable domains (bug 1100145) + Readme: use 'doc' directory not 'docs' ------------------------------------------------------------------- Thu Jan 31 16:46:36 UTC 2013 - dmueller@suse.com - Add lp-bug-1031372.patch: Rework the way pki_setup is used ------------------------------------------------------------------- Mon Jan 28 13:26:21 UTC 2013 - saschpe@suse.de - Add keystone-requests-compat.patch: Compatiblity with requests>=1.0 -------------------------------------------------------------------- Mon Jan 28 12:49:28 UTC 2013 - dmueller@sue.com - Update to version 2013.1+git.1359377368.56f194a: + rename tenant to project in sql + Fix pep8 error. -------------------------------------------------------------------- Wed Jan 23 16:39:37 UTC 2013 - cloud-devel@suse.de - Update to version 2013.1+git.1358959177.7691276: + Limit the size of HTTP requests. ------------------------------------------------------------------- Wed Jan 23 14:03:35 UTC 2013 - saschpe@suse.de - Clean up %config(noreplace), only logrotate config and *.conf files should be noreplace ------------------------------------------------------------------- Tue Jan 22 13:30:16 UTC 2013 - dmueller@suse.com - use pki_setup to setup initial public/private key pair -------------------------------------------------------------------- Mon Jan 21 09:51:50 UTC 2013 - dmueller@suse.com - Update to version 2013.1+git.1358761910.8748cfa: + Allow running of sql against the live DB. + Test that you can undo & re-apply all migrations + downgrade user and tenant + Auto-detect max SQL migration + Safer data migrations + Sync base identity Driver defs with SQL driver + Fix i18n of string templates. + Enhance wsgi to listen on ipv6 address + add database string field length check + Autoload schema before creating FK's (bug 1098174) + Enable exception format checking in the tests. + reorder tables for delete ------------------------------------------------------------------- Wed Jan 16 15:05:54 UTC 2013 - dmueller@suse.com - copy example ssl cert to the place where keystone expects it - remove apache2 ssl/wsgi wrapper, keystone can do SSL on its own -------------------------------------------------------------------- Mon Jan 14 15:15:38 UTC 2013 - saschpe@suse.de - Update to version 2013.1+git.1358172938.ceec5c0: + Validated URLs in v2 endpoint creation API + Fixes import order nits + Cleanup keystoneclient testing requirements + Correct spelling errors / typos in test names + Keystone server support for user groups + Add missing .po files to tarball + adds keyring to test-requires + Revert "shorten pep8 output" + Upgrade WebOb to 1.2.3 + il8n some strings + Imported Translations from Transifex + Removed unused variables + Removed unused imports + Add pyflakes to tox.ini + Fix spelling typo + shorten pep8 output + Driver registry + Adding a means to connect back to a pydevd debugger. + add in pip requires for requests + Split endpoint records in SQL by interface + Fix typo s/interalurl/internalurl/ + module refactoring + Test for content-type appropriate 404 (bug 1089987) + Imported Translations from Transifex + fixing bug 1046862 + Expand default time delta (bug 1089988) + Add tests for contrib.s3.core. + Test drivers return HTTP 501 Not Implemented + Support non-default role_id_attribute + Remove swift auth. + Move token controller into keystone.token + Import pysqlite2 if sqlite3 is not available. + Remove mentions of essex in docs (bug 1085247) + Ensure serviceCatalog is list when empty, not dict + Adding downgrade steps for migration scripts. + Port to argparse based cfg + Only 'import *' from 'core' modules + use keystone test and change config during setUp + Bug 1075090 -- Fixing log messages in python source code to support internationalization. + Added documentation for the external auth support + check the redirected path on the request, not the response + Validate password type (bug 1081861) + split identities module into logical parts remove unneeded imports from core + Ensure token expiration is maintained (bug 1079216) + normalize identity + Fixes typo in keystone setup doc + Imported Translations from Transifex + Stop using cfg's internal implementation details + syncing run_tests to match tox + Expose auth failure details in debug mode + Utilize policy.json by default (bug 1043758) + Wrap v3 API with RBAC (bug 1023943) + v3 Identity + v3 Catalog + v3 Policies + Import auth_token middleware from keystoneclient + Imported Translations from Transifex + Refix transient test failures + Make the controller addresses configurable. + Expose authn/z failure info to API in debug mode + Refactor TokenController.authenticate() method. + Fix error un fixtures. + Ensures User is member of tenant in ec2 validation + Properly list tokens with a null tenant + Reduce total number of fixtures + Provide config file fields for enable users in LDAP backend (bug1067516) + populate table check. + Run test_keystoneclient_sql in-memory + Make tox.ini run pep8 checks on bin. + tweaking docs to fix link to wiki Keystone page + Various pep8 fixes for keystone. + Use the right subprocess based on os monkeypatch + Fix transient test failures (bug 1077065, bug 1045962) + Rewrite initial migration + Fix default port for identity.internalURL + Improve feedback on test failure + fixes bug 1074172 + SQL upgrade test. + Include 'extra' attributes twice (bug 1076120) + Return non-indexed attrs, not 'extra' (bug 1075376) + bug 1069945: generate certs for the tests in one place + monkeypatch cms Popen + HACKING compliance: consistent use of 'except' + auth_token hash pki key PKI tokens on hash in memcached when accessed by auth_token middelware + key all backends off of hash of pki token. + don't import filter_user name, use it from the identity module + don't modify the passed in dict to from_dict + move hashing user password functions to common/utils + ignore .tox directory for pep8 in runtests + Imported Translations from Transifex + Implements REMOTE_USER authentication support. + pin sqlalchemy to 0.7 + Move 'opentack.context' and 'openstack.params' definitions to keystone.common.wsgi + Removes duplicate flag for token_format. + Raise exception if openssl stderr indicates one. + Ignore keystone.openstack for PEP8 + Fixed typo in log message + Fixes 500 err on authentication for invalid body + Enable Deletion of Services with Endpoints + Exception.message deprecated in py26 (bug 1070890) + Utilize logging instead of print() + stop LdapIdentity.create_user from returning the user's password + Compare token expiry without seconds + Moved SQL backend tests into memory + Add trove classifiers for PyPI + Adding handling for get user/tenant by name + Fixed bug 1068851. Refreshed new crypto for the SSL tests. + move filter_user function to keystone.identity.core + Fixes response for missing credentials in auth + making PKI default token type + Fixes Bug 1063852 + bug 1068674 + Update common. + Extract hardcoded configuration in ldap backend (bug 1052111) + Fix Not Found error, when router not match. + add --config-dir=DIR for keystone-all option + Add --config-dir=DIR in OPTIONS + Delete role does not delete role assignments in tenants (bug 1057436) + replacing PKI token detection from content length to content prefix. (bug 1060389) + Document PKI configuration and management + Raise if we see incorrect keyword args "condition" or "methods" + Filter users in LDAP backend (bug 1052925) + Use setup.py develop to insert code into venv. + Raise 400 if credentials not provided (bug 1044032) + Fix catalog when services have no URL + Unparseable endpoint URL's should raise friendly error + Configurable actions on LDAP backend in users Active Directory (bug 1052929) + Unable to delete tenant if contains roles in LDAP backend (bug 1057407) + Replaced underscores with dashes + fixes bug 1058429 + Command line switch for standard threads. + Remove run_test.py in favor of stock nose. + utf-8 encode user keys in memcache (bug 1056373) + Convert database schemas to use utf8 character set. + Return a meaningful Error when token_id is missing + Backslash continuation cleanup + notify calling process we are ready to serve + add Swift endpoint in sample data + Updated Fix for duplicated entries on LDAP backend for get_tenant_users + Fix wsgi config file access for HTTPD + Bump version to 2013.1 + add Quantum endpoint in sample data + Add XML namespace support for OSADM service api. + Identity API v3 Config, Routers, Controllers - Updated requirements - Dropped patches (merged upstream): + keystone-certs-test.patch + keystone-sql-backend-from_dict.patch + keystone-webob-empty-resp-environ.patch - Dropped FIX-BUILD.patch, we should fix that finally - Disabled hybrid LDAP backend ------------------------------------------------------------------- Fri Jan 11 15:39:23 UTC 2013 - iartarisi@suse.com - revert %setup to also unpack hybrid backend tarball ------------------------------------------------------------------- Fri Jan 11 15:12:13 UTC 2013 - iartarisi@suse.com - update and re-enable backend hybrid code: * use sample config for testing * raise errors in user retrieval code instead of returning None ------------------------------------------------------------------- Fri Jan 11 11:23:40 UTC 2013 - saschpe@suse.de - Require WebTest instead of webtest in the test sub-package ------------------------------------------------------------------- Thu Jan 10 12:52:41 UTC 2013 - saschpe@suse.de - Add logrotate configuration ------------------------------------------------------------------- Wed Jan 9 15:36:36 UTC 2013 - bwiedemann@suse.com - package sample_data.sh for use in quickstart script -------------------------------------------------------------------- Wed Dec 19 12:40:14 UTC 2012 - saschpe@suse.de - Move to obs-service-git_tarballs - Update to version 2012.2.3+git.1355917214.0c8c2a3: + Merge commit 'refs/changes/01/17901/1' of ssh://review.openstack.org:29418/openstack/keystone into stable/folsom + Bump next version to 2012.2.3 + Ensure serviceCatalog is list when empty, not dict ------------------------------------------------------------------- Mon Dec 10 23:57:58 UTC 2012 - saschpe@suse.de - Update to version 2012.2.1+git.1354224563.7869c3e: + lp#1064914 Removing user from a tenant isn't invalidating user access to tenant + lp#1073569 Jenkins jobs fail because of incompatibility between sqlalchemy-migrate and the newest sqlalchemy-0.8.0b1 + lp#1078497 keystone throws error when removing user from tenant. + lp#1060389 Non PKI Tokens longer than 32 characters can never be valid + lp#1068851 Openssl tests rely on expired certificate + lp#1079216 token expires time incorrect for auth by one token + lp#968519 Object reference validation should occur in drivers + lp#1068674 Redo part of bp/sql-identiy-pam undone by bug 968519 ------------------------------------------------------------------- Wed Dec 5 09:36:14 UTC 2012 - saschpe@suse.de - Use @PARENT_TAG@ in _service file to automate versioning ------------------------------------------------------------------- Mon Dec 3 11:34:01 UTC 2012 - iartarisi@suse.com - fix unittest failure with ssl certificates ------------------------------------------------------------------- Fri Nov 30 13:59:57 UTC 2012 - iartarisi@suse.com - fix unittest failure on our version of webob ------------------------------------------------------------------- Thu Nov 22 12:35:37 UTC 2012 - iartarisi@suse.com - fix typo in passlib dependency package name ------------------------------------------------------------------- Thu Nov 22 10:41:39 UTC 2012 - saschpe@suse.de - Split of doc package into seperate spec file - Comment out hybrid_backend parts for now to fix build - Re-arranged %build section to match other packages - Removed a whole bunch of unneded build requirements - Updated requirements for python module and test sub-packages ------------------------------------------------------------------- Wed Nov 21 12:59:17 UTC 2012 - iartarisi@suse.com - disable keystone-hybrid-backend source service ------------------------------------------------------------------- Tue Nov 20 14:50:26 UTC 2012 - iartarisi@suse.com - Add source service for keystone-hybrid-backend - Update to latest git (f65604d): + Ensures User is member of tenant in ec2 validation ------------------------------------------------------------------- Thu Nov 15 13:55:59 UTC 2012 - saschpe@suse.de - Use openstack-macros ------------------------------------------------------------------- Thu Nov 8 13:50:26 UTC 2012 - saschpe@suse.de - Fix malformed changes file entries ------------------------------------------------------------------- Thu Nov 8 13:03:54 UTC 2012 - saschpe@suse.de - Update to version 2012.2 (Folsom): + See https://github.com/openstack/keystone/commits/folsom-3 - Drop the following upstreamed patches: + keystone-ldap-no-authentication.patch + keystone-log-warn-auth-errors.patch - Rebased the following patches: + keystone-sql-backend-from_dict.patch + keystone-hybrid-conf-scope.patch - BuildRequire python-pam for man-page build - Install new man-pages keystone-all.1 and keystone-manage.1 - Introduce temporary FIX-BUILD.patch ------------------------------------------------------------------- Thu Nov 8 11:44:18 UTC 2012 - saschpe@suse.de - Drop from_vcs build flag ------------------------------------------------------------------- Wed Oct 31 15:15:16 UTC 2012 - saschpe@suse.de - Drop temporary fixes for file permissions and attributes in %post section. They were necessary only to migrate from pre-1.0 packages. ------------------------------------------------------------------- Tue Oct 16 11:08:47 CEST 2012 - iartarisi@suse.cz - patch sql backend's from_dict method to not modify the content of the passed in dict (lp:1066851) ------------------------------------------------------------------- Wed Oct 10 14:56:49 CEST 2012 - iartarisi@suse.cz - add hybrid backend test configuration file ------------------------------------------------------------------- Wed Oct 10 14:10:43 CEST 2012 - iartarisi@suse.cz - make user search ldap SCOPE configurable in the hybrid backend ------------------------------------------------------------------- Mon Oct 8 14:38:58 CEST 2012 - iartarisi@suse.cz - fix LDAP bind with dinamically found user DN ------------------------------------------------------------------- Fri Oct 5 12:46:20 CEST 2012 - iartarisi@suse.cz - hybrid backend fixes: + use the DN for the user we just signed in to check for password + fix invalid user error (bnc#783200) ------------------------------------------------------------------- Tue Oct 2 13:57:41 CEST 2012 - iartarisi@suse.cz - fix checking for SQL user passwords in the hybrid backend bnc#783036 ------------------------------------------------------------------- Mon Oct 1 09:26:15 UTC 2012 - jenkins@suse.de - Update to latest git (0e1f05e): + utf-8 encode user keys in memcache (bug 1056373) ------------------------------------------------------------------- Wed Sep 26 09:57:47 UTC 2012 - jdsn@suse.de - make init script start after database (bnc#781798) ------------------------------------------------------------------- Sun Sep 16 18:24:07 UTC 2012 - jenkins@suse.de - Update to latest git (176ee9b): + Require authz to update user's tenant (bug 1040626) + List tokens for memcached backend + Delete user tokens after role grant/revoke + Limit token revocation to tenant (bug 1050025) ------------------------------------------------------------------- Wed Sep 12 11:07:31 UTC 2012 - vuntz@suse.com - Do not use a sed to modify /usr/bin/gensslcert in %post: this file belongs to another package, and we actually don't do any change with the sed... Fix bnc#779747. ------------------------------------------------------------------- Mon Sep 10 08:26:18 UTC 2012 - vuntz@suse.com - Add keystone-fix-revoke.patch: fix revoking of roles to also invalidate already existing tokens. Fix bnc#779477, CVE-2012-4413. ------------------------------------------------------------------- Tue Aug 28 21:40:12 UTC 2012 - cthiel@suse.com - Require authz to update user's tenant (lp#1040626, bnc#777664) ------------------------------------------------------------------- Fri Aug 24 13:44:39 UTC 2012 - bwiedemann@suse.com - mark hybrid_config.py as config ------------------------------------------------------------------- Thu Aug 23 09:08:38 UTC 2012 - jenkins@suse.de - Update to latest git (a16a0ab): + Allow overloading of username and tenant name in the config files. + Returning roles from authenticate in ldap backend ------------------------------------------------------------------- Tue Aug 14 17:40:08 CEST 2012 - iartarisi@suse.cz - Add hybrid identity backend ------------------------------------------------------------------- Tue Aug 14 14:22:19 CEST 2012 - iartarisi@suse.cz - Add patch to log all Unauthorized exceptions (authentication failures). Discussed in bnc#753329. ------------------------------------------------------------------- Fri Aug 10 22:08:44 UTC 2012 - jenkins@suse.de - Update to latest git (359c426): + Open 2012.1.3 development ------------------------------------------------------------------- Wed Aug 8 14:12:01 UTC 2012 - jenkins@suse.de - Update to latest git (afc37ae): + Open 2012.1.2 development ------------------------------------------------------------------- Tue Aug 7 11:53:19 UTC 2012 - bwiedemann@suse.com - drop executable bit from config file ------------------------------------------------------------------- Tue Jul 31 22:12:53 UTC 2012 - jenkins@suse.de - Update to latest git (f65604d): + fix variable names to coincide with the ones in common.ldap + Import ec2 credentials from old keystone db + Raise unauthorized if tenant disabled (bug 988920) ------------------------------------------------------------------- Tue Jul 31 15:56:43 CEST 2012 - iartarisi@suse.cz - Remove fix-ldap-varnames patch after being accepted upstream ------------------------------------------------------------------- Wed Jul 25 11:23:57 UTC 2012 - saschpe@suse.de - Secure file permissions for Apache SSL certificate files ------------------------------------------------------------------- Thu Jul 19 20:20:59 UTC 2012 - cthiel@suse.com - drop keystone-cleanup-user-tenant-deletion.patch, which has been merged upstream: https://review.openstack.org/#/c/7482/ ------------------------------------------------------------------- Tue Jul 17 13:02:33 UTC 2012 - saschpe@suse.de - Fix WSGI app names, use the 'composite' apps to get the correct routes mapping ------------------------------------------------------------------- Tue Jul 17 12:18:32 UTC 2012 - saschpe@suse.de - Forward keystone WSGI log events to mod_wsgi ------------------------------------------------------------------- Tue Jul 17 11:05:49 CEST 2012 - iartarisi@suse.cz - Fix some variable names in the LDAP backend which were causing NameErrors - Don't require authentication for LDAP ------------------------------------------------------------------- Mon Jul 16 14:22:53 CEST 2012 - iartarisi@suse.cz - Fix bnc#755426 cleanup dependent data upon user/tenant deletion ------------------------------------------------------------------- Mon Jul 9 14:50:53 UTC 2012 - saschpe@suse.de - Provide Apache2 SSL-proxy example configuration based on mod_wsgi - Provide self-signed SSL certificates to be used for non-production setups (like openstack-quickstart) - Fix /var/lib/keystone permissions to 0755 ------------------------------------------------------------------- Mon Jul 2 12:33:42 UTC 2012 - saschpe@suse.de - Drop runtime requirement on openstack-glance - Change requirement for openstack-swift to python-swift, keystone only seems to use it in the S3-compatibility code - Change requirement for openstack-nova to python-nova, keystone only seems to use it in the EC2-compatibility code ------------------------------------------------------------------- Wed Jun 27 10:29:24 UTC 2012 - saschpe@suse.de - Change versioning scheme to $release+git.$AUTHORDATE.$COMMITREV - Simplify from_vcs macros ------------------------------------------------------------------- Wed Jun 27 10:35:56 CEST 2012 - vuntz@suse.com - Really drop unused disable-tests.patch: not needed anymore. ------------------------------------------------------------------- Tue Jun 26 12:23:35 UTC 2012 - saschpe@suse.de - Consistent package summaries - Use upstream description and correct URL - Macro cleanup: + Package is noarch except for SLE-11 + No need to redefine %_initddir, SLE-11 works correctly ------------------------------------------------------------------- Mon Jun 25 12:49:58 UTC 2012 - saschpe@suse.de - Also install documentation and manpage when build - No need for "fixing" the %_initddir macro ------------------------------------------------------------------- Tue Jun 12 10:48:49 UTC 2012 - saschpe@suse.de - Use 'openstack-keystone' system user instead of 'keystone' ------------------------------------------------------------------- Wed Jun 6 13:22:43 UTC 2012 - saschpe@suse.de - Add %restart_on_update to %post section for openstack-keystone (daemons should be restarted after package update) - Fix some rpmlint warnings - Added rpmlintrc for non-issues ------------------------------------------------------------------- Thu May 24 10:36:40 MDT 2012 - jfehlig@suse.com - Add 'Requires: python >= 2.6.8' to openstack-keystone and python-keystone subpackage ------------------------------------------------------------------- Thu Mar 29 09:11:01 UTC 2012 - bwiedemann@suse.com - use latest upstream default_catalog.templates to fix nova-volume problems ------------------------------------------------------------------- Tue Feb 14 18:22:37 UTC 2012 - bwiedemann@suse.com - run as keystone user ------------------------------------------------------------------- Wed Feb 8 12:59:05 UTC 2012 - rhafer@suse.de - Updated to the lastest git checkout ------------------------------------------------------------------- Thu Jan 26 12:51:28 UTC 2012 - rhafer@suse.de - Fixed try-restart implementation in init-script ------------------------------------------------------------------- Thu Jan 26 10:25:09 UTC 2012 - rhafer@suse.de - Fixed init script dependencies ------------------------------------------------------------------- Thu Jan 26 10:12:27 UTC 2012 - rhafer@suse.de - removed no longer needed workaround for lp#921054 - patch for lp#921634 is upstreamed - refreshed config file patch ------------------------------------------------------------------- Tue Jan 24 16:37:58 UTC 2012 - rhafer@suse.de - Added workaround for doc/, examples/ and tools/ dirs showing up in site-packages/ (https://bugs.launchpad.net/keystone/+bug/921054) - Include examples into the -doc subpackage ------------------------------------------------------------------- Tue Jan 24 14:14:02 UTC 2012 - rhafer@suse.de - cleaned up more dependencies ------------------------------------------------------------------- Mon Jan 23 15:46:33 UTC 2012 - rhafer@suse.de - run testsuite during build ------------------------------------------------------------------- Fri Jan 20 14:51:35 UTC 2012 - rhafer@suse.de - Updated to today's git snapshot - Removed some unneeded conditionals - Updated dependencies ------------------------------------------------------------------- Mon Jan 16 16:03:20 UTC 2012 - prusnak@opensuse.org - fix initscript scriptlets ------------------------------------------------------------------- Tue Jan 10 13:38:58 UTC 2012 - bwiedemann@suse.com - use spdx.org License name Apache-2.0 ------------------------------------------------------------------- Tue Dec 13 15:31:49 UTC 2011 - mlin@suse.com - Enabled build from git - Removed unnecessary dependencies - Separate python-keystone - Fix rpmlint warning - Enabled build for Fedora ------------------------------------------------------------------- Mon Dec 5 11:27:09 UTC 2011 - prusnak@opensuse.org - added preun and postun sections to handle initscripts ------------------------------------------------------------------- Mon Dec 5 11:16:58 UTC 2011 - prusnak@opensuse.org - spec cleanup
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor