SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for python-keystone-2013.2.a293.ged1f967-1.1.noarch.rpm :

* Fri Aug 02 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a293.ged1f967: + Clear out the dependency registry between tests + Handle circular dependencies + Use dependency injection for assignment and identity + use \'exc_info=True\' instead of import traceback + .gitignore eggs + add OS-TRUST to links + Sync DB models and migrations in keystone.assignment.backends.sql + Update references with new Mailing List location + V3 API need to check mandatory field when creating resources + Clean up use of token_provider manager in tests + Remove kwargs from manager calls where not needed. + Imported Translations from Transifex + Fix typo: Tenents -> Tenants + Use oslo.sphinx and remove local copy of doc theme
* Thu Aug 01 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a265.g0368950: + Use keystone.wsgi.Request for RequestClass + Remove passwords from LDAP queries
* Thu Aug 01 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a261.gf1ac78c: + Ec2 credentials table not created during testing + Load backends before deploy app in client tests
* Wed Jul 31 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a257.g5958691: + sql.Driver:authenticate() signatures should match
* Tue Jul 30 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a255.gc21b458: + default token format/provider handling
* Mon Jul 29 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a253.g10fde8e: + Clear cached engine when global engine changes + Implement exception module i18n support
* Fri Jul 26 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a249.g97a5b49: + Remove vestiges of Assignments from LDAP Identity Backend + Scipped tests don\'t render as ERROR\'s
* Thu Jul 25 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a246.g0a40152: + Fixing broken credential schema in sqlite.
* Tue Jul 23 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a245.gc6b7dd8: + Deprecate kvs token backend + Load app before loading legacy client in tests. + Use assignment_api rather than assignment
* Mon Jul 22 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a240.g7fde605: + Regenerate example PKI after change of defaults + Return correct link for effective group roles in GET /role_assignments + Deprecation warning for [signing] token_format + Add [assignment].driver to sample config + Remove an enumerate call + Correct Spelling Mistake
* Thu Jul 18 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a228.g53ed50d: + Support token_format for backward compatibility + python3: Introduce py33 to tox.ini
* Wed Jul 17 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a225.gc42533f: + grammar fixes in error messages + update requires to prevent version cap
* Wed Jul 17 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a221.g2667c77: + Change domain component value to org from com + wsgi.BaseApplication and wsgi.Router factories should use
*
*kwargs + Python 3.x compatible use of print + Add unittest for keystone.identity.backends.sql Models + Don\'t use deprecated BaseException.message + Implements Pluggable V2 Token Provider + Implement role assignment inheritance (OS-INHERIT extension) + Pluggable Remote User + Fix XML rendering with empty auth payload. + Implemented token creation without catalog response. + Implement Token Binding.
* Mon Jul 15 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a202.gdec66cd: + Implements Pluggable V3 Token Provider
* Sun Jul 14 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a200.gdf63b9c: + Add version so that pre-release versioning works
* Sat Jul 13 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.198.g95a27a8: + Register Extensions + Sync-up crypto from oslo-incubator
* Fri Jul 12 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.194.g85a5022: + Add crypto dependency + Sync install_venv_common from oslo + Pass on arguments on Base.get_session + Imported Translations from Transifex + Mixed LDAP/SQL Backend.
* Thu Jul 11 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.184.g41ca51c: + Remove a useless arg in range() + Rationalize how we get roles after authentication in the controllers + Do not create LDAP Domains sub tree + Remove context from get_token call in normalize_domain_id + Use InnoDB for MySQL + Move temporary test files into tests/tmp
* Tue Jul 09 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.172.gfafdf07: + assignment backend
* Tue Jul 09 2013 dmuellerAATTsuse.com- add 0001-Make-pki_setup-work-with-OpenSSL-0.9.x.patch
* Tue Jul 09 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.171.gb556d8a: + Work without admin_token_auth middleware + Move comments in front of dependencies
* Mon Jul 08 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.167.g699b483: + Implement GET /role_assignment API call + DB2 migration support + Remove an enumerate call + Fix issue with v3 tokens and group membership roles + Imported Translations from Transifex + Add callbacks for set_global_engine
* Sat Jul 06 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.155.g6450f75: + Update paths to pem files in keystone.conf.sample
* Fri Jul 05 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.153.g5746f5b: + rename quantum to neutron in docs
* Thu Jul 04 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.151.gbb6ebd4: + Fix up some trivial license mismatches
* Wed Jul 03 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.149.g62d948a: + Use event.listen() instead of deprecated listeners kwarg
* Wed Jul 03 2013 naehringAATTb1-systems.de- adding keystone-paste.ini - the paste configuration has been moved to keystone-paste.ini
* Wed Jul 03 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.147.g214df21: + Remove hard tabs and trailing whitespace + Install locales for httpd.
* Tue Jul 02 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.143.gda9dc14: + `tox -ecover` failure. Missing entry in tox.ini
* Mon Jul 01 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.141.g59ea706: + Add \'application\' to keystone.py for WSGI
* Fri Jun 28 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.140.g6362fb7: + Stop passing context to managers (bug 1194938) + check for constraint before dropping + Clean up keystone-all.rst + Manager instead of direct driver
* Thu Jun 27 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.133.g6c6d15c: + Revert environment module usage in middleware. + Do not raise NEW exceptions
* Wed Jun 26 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.129.g600c38b: + LDAP list group users not fail if user entry deleted
* Tue Jun 25 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.128.g31863d1: + Remove explicit distribute depend.
* Mon Jun 24 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.126.g95cf470: + Version response compatible with Folsom
* Sun Jun 23 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.124.gf1cfbd7: + python WebOb dependency made unpinned. + Initialize logging from HTTPD. + wsgi.Middleware factory should use
*
*kwargs + Consolidate admin_or_owner rule
* Sat Jun 22 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.116.g97225ff: + Fix link typo in Sphinx doc + Base.get_engine honor allow_global_engine=False
* Fri Jun 21 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.112.gb9e46fb: + Move identity ldap backend from directory to file
* Thu Jun 20 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.111.g7ccfac7: + Removing LDAP API Shim
* Thu Jun 20 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.110.g7cd0bb0: + Isolate eventlet code into environment. + Set default \'ou\' name for LDAP projects to Projects
* Tue Jun 18 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.106.ge0834da: + LDAP get_project_users should not return password + Remove how to contribute section in favor of CONTRIBUTING.rst + Imported Translations from Transifex + Http 400 when project enabled is not a boolean + Remove a stat warning log + Correct the resolving api logic in stat middleware + Move user fileds type check to identity.Manager + Adds tests for XML version response + Imported Translations from Transifex
* Sun Jun 16 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.88.g3c687d1: + Using sql as default driver for tokens + Imported Translations from Transifex + Correct the default name attribute for role
* Sat Jun 15 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.82.g543714b: + drop user and group constraints + Allow request headers access in app context. + Fix token purging for memcache for user token index. + Add checks to test if enabled is bool
* Thu Jun 13 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.74.gc963383: + Force simple Bind for authentication + Correct LDAP configuration doc
* Thu Jun 13 2013 dmuellerAATTsuse.com- fix typo in post-install script
* Wed Jun 12 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.72.g6111bc9: + Move coverage output dir for Jenkins. + Replace openstack-common with oslo in docs
* Tue Jun 11 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.68.g5df7424: + Fix internal doc links (bug 1176211) + Remove bufferedhttp + add ca_key to sample configuration + Commit transaction in migration
* Mon Jun 10 2013 bmwiedemannAATTopensuse.org- BuildRequire python-sqlalchemy + migrate for post-build-checks- Update to version 2013.2.b1.60.gb1d4de7: + Add db_version command to keystone-manage + run_tests.sh should use flake8 (bug 1180609) + Require keystone-user/-group for pki_setup + Import eventlet patch from oslo. + Check schema when dropping constraints. + Missing contraction: Its -> It\'s (bug 1176213) + Raise key length defaults + fix error default policy for create_project + Ignore the .update-venv directory.
* Mon Jun 10 2013 dmuellerAATTsuse.com- remove hybrid keystone backend
* Thu Jun 06 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.42.ge6d551d: + Ignore conflict on v2 auto role assignment (bug 1161963) + split authenticate call + remove_role_from_user_and_project affecting all users (bug 1170649)
* Wed Jun 05 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.36.g0c9538d: + Maintain tokens after role assignments (bug 1170186) + typo in \'import pydev\' statement
* Fri May 31 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.33.gcd34971: + Convert openstack-common.conf to the nicer multiline format. + Rename requires files to standard names. + Test 403 error title + Disable eventlet monkey-patching of DNS + Revert \"Set EVENTLET_NO_GREENDNS=yes in tox.ini.\" + Document size limits + Fixes a typo + Add index on valid column of the SQL token Backend + Add missing oslo module. + Fix incorrect role assignment in migration. + Live SQL migration tests
* Fri May 31 2013 dmuellerAATTsuse.com- avoid warning in post script
* Thu May 30 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.b1.11.gfa2f963: + Move auth_token middleware from admin user to an RBAC policy + Improve the performance of tokens deletion for user + Add arg to keystone-manage db_sync + Imported Translations from Transifex
* Wed May 29 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.1.rc2.161.gd67e31b: + Add KEYSTONE_LOCALEDIR env variable + Add missing space to error msg + Fix the debug statement.
* Wed May 29 2013 dmuellerAATTsuse.com- remove setBadness call from rpmlintrc
* Tue May 28 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.1.rc2.157.g2879d42: + Replace assertDictContainsSubset with stdlib ver + separate paste-deploy configuration from parameters + Add index on expires column of the SQL token Backend
* Mon May 27 2013 speilickeAATTsuse.com- Update to version 2013.1.rc2.153.gaf4e969: + Implement Token Flush via keystone-manage. + Documentation about the initial configuration file and sample data. + Imported Translations from Transifex + Read-only default domain for LDAP (bug 1168726) + Add assertNotEmpty to tests and use it. + Fix 403 status response + Use webtest for v2 and v3 API testing. + Consolidate eventlet code + Imported Translations from Transifex + Satisfy flake8 import rules F401 and F403 + Migrate to pbr. + Remove unused variables (flake8 F841) + Enumerate ignored flake8 H
* rules + Use TODO(NAME) (flake8 H101) + use the \'not in\' operator (flake8 H902) + consistent i18n placeholders (flake8 H701, H702, H703) + eliminate \'except:\' (flake8 H201) + one import per line (flake8 H301) + Remove unnecessary commented out code + import only modules (flake8 H302) + imports not in alphabetical order (flake8 H306) + Remove useless private method + Cleanup docstrings (flake8 H401, H402, H403, H404)- More build requirements for for %post section keystone-manage invocation: + python-WebOb + python-passlib + python-routes
* Mon May 27 2013 dmuellerAATTsuse.com- python-pbr/d2to1 requires
* Tue May 21 2013 iartarisiAATTsuse.com- add missing requirement python-sqlalchemy-migrate
* Mon May 20 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a118.g8d2b8e6: + get SQL refs from session (bp sql-query-get)
* Sat May 18 2013 dmuellerAATTsuse.com- update requires based on pip-requires
* Sat May 18 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a117.g7b99bd6: + Test listing of tokens with a null tenant + Http 400 when user enabled is not a boolean + extracting credentials + Accept env variables to override default passwords
* Wed May 15 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a109.g2e15fe4: + Fix pyflakes and pep8 in prep for flake8. + Migrate to flake8.
* Wed May 15 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a105.gcb0ddab: + Enable unicode error message
* Fri May 10 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a103.gefc30be: + Disable eventlet monkey-patching of DNS + Set EVENTLET_NO_GREENDNS=yes in tox.ini. + Revert \"Disable eventlet monkey-patching of DNS\" + Allow backend & client SQL tests on mysql and pg.
* Thu May 09 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a99.g693a486: + Remove unused CONF.pam.url + Replace password to \"
*
*
*\" in the debug message + Revoke tokens on user delete (bug 1166670) + A minor refactor in wsgi.py
* Tue May 07 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a92.g96a816f: + LDAP list groups with missing member entry
* Tue May 07 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a90.gb55620d: + Skip IPv6 tests for eventlet dns
* Wed May 01 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a89.g22d96b2: + HACKING LDAP
* Sat Apr 27 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a87.ga78bc2e: + Allow additional attribute mappings in ldap
* Thu Apr 25 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a85.gd9dd876: + Mark LDAP password and admin_token secret
* Thu Apr 25 2013 dmuellerAATTsuse.com- require python-python-memcached 1.31
* Wed Apr 24 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a83.g7617fef: + Remove new constraint from migration downgrade. + Make migration tests postgres & mysql friendly. + Delete extra dict in token controller.
* Tue Apr 23 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a77.geefc8e0: + Set empty element to \"\" + close db migration session + fix undefined variable + fix duplicate option error + Add rule for list_groups_for_user in policy.json + clean up invalid variable reference
* Mon Apr 22 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a65.g92e40ce: + test duplicate name + don\'t migrate as often
* Sun Apr 21 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a61.g166a03c: + Rename trust extension (bug 1158980) + use the roles in the token when recreating + keystone commands don\'t print any version information + keystone commands don\'t print any version information + Fix test coverage for v2 scoped auth xml response (bug 1160504) + Fix test coverage for v2 scoped auth xml response (bug 1160504) + Mark sql connection with secret flag + Share one engine for more than just sqlite in-memory + Sync with oslo-incubator. + Fix IBM copyright strings + Fix example in documentation. + stop using time.sleep in tests + use the openstack test runner + Fix 401 status response + Add TLS Support for LDAP + catch errors in wsgi.Middleware. + Fix for configuring non-default auth plugins properly + Generate HTTPS certificates with ssl_setup. + Use string for port in default endpoints (bug 1160573) + residual grants after delete action (bug1125637) + Use is_enabled() in folsom->grizzly upgrade (bug 1167421) + Add missing colon for documentation build steps. + Remove un-needed LimitingReader read() function. + Clean up duplicate methods + Fix token ids for memcached + Fixed unicode username user creation error + Fixed logging usage instead of LOG + Removed unused imports + Remove non-production middleware from sample pipelines + What is this for? + bug 1159888 broken links in rst doc + Sync with oslo-incubator copy of setup.py
* Mon Mar 25 2013 opensuse-cloudAATTopensuse.org- Update to version 2013.2.a338.gbceee56: + Fix XML handling of member links (bug 1156594) + Test default_project_id scoping (bug 1023502) + Ensure delete domain removes all owned entities + Utilize legacy_endpoint_id column (bug 1154918) + Pass project membership as dict in migration 015. + V2, V3 token intermix for unscoped tokens (bug 1156913) + Revise docs to use keystoneclient.middleware.auth_token + Fix live ldap tests + Support for LDAP groups (bug #1092187) + Correct spacing in warning msg + Validate domains unconditionally (bug 1130236) + Prohibit V3 V2 token intermix for resource in non-default domain (bug 1157430) + Properly handle emulated ldap enablement + Wrap config module and require manual setup (bug 1143998) + Enable emulation for domains + Allow trusts to be optional + Version bump to 2013.2 + Add a dereference option for ldap + Move trusts to extension + Make versions aware of enabled pipelines. + Imported Translations from Transifex + Rework S3Token middleware tests. + Rename trust extension.
* Mon Mar 18 2013 speilickeAATTsuse.com- Drop +git.$TIMESTAMP.$COMMITHASH version suffix
* Sun Mar 17 2013 dmuellerAATTsuse.com- Update to version 2013.1.a301.g16b4643+git.1363519715.16b4643: + Explain LDAP page_size & default value + Catch and log server exceptions + Filter out legacy_endpoint_id (bug 1152635) + Ensure tokens are revoked for relevant v3 api calls + Switch to final 1.1.0 oslo.config release + Added test cases to improve LDAP project testing + Migrate roles from metadata to user_project_metadata + duplicated trust tests + quiet route logging on skipped tests + Remove TODO that didn\'t land in grizzly + No parent exception to wrap + Remove duplicate password/token opts. + Fixes bug 1151747: broken XML translation for resource collections + xml_body returns backtrace on XMLSyntaxError + extracting user and trust ids into normalized fields + Discard null endpoints (bug 1152632)- remove keystone-cs24277.diff:
* merged upstream
* Wed Mar 13 2013 dmuellerAATTsuse.com- add keystone-cs24277.diff:
* make keystone start again
* Wed Mar 13 2013 cloud-develAATTsuse.de- Update to version 2013.1.a271.g45228ca+git.1363133844.45228ca: + cleanup trusts in controllers + remove spurious roles check + add belongs_to check + Improve tests for api protection and filtering
* Tue Mar 12 2013 dmuellerAATTsuse.com- require python-oslo.config
* Tue Mar 12 2013 cloud-develAATTsuse.de- Update to version 2013.1.a263.g09e2fc7+git.1363047056.09e2fc7: + Make getting user-domain roles backend independant + Make Keystone return v3 as part of the version api + bug 1133526 + Run keystone server in debug mode. + Fix folsom -> grizzly role table migration issues (bug 1119789) + Revert \"from tests import\" + Revert \"update tests/__init__.py to verify openssl version\"
* Mon Mar 11 2013 cloud-develAATTsuse.de- Update to version 2013.1.a251.g59757f6+git.1362995983.59757f6: + Unpin pam dependency version + Sync timeutils with oslo + Remove obsolete
*page[_marker] methods from LDAP backend. + bug 1134802: fix inconsistent format for expires_at and issued_at + Trusts + Expand v3 trust test coverage + keystone : Use Ec2Signer utility class from keystoneclient + remove unused import + Move auth plugins to \'keystone.auth.plugins\' (bug 1136967) + ports should be ints in config (bug 1137696) + mark 2.0 API as stable + Straighten out NotFound raising in LDAP backend. + fix typo in kvs backend + Move get_by_name to LdapBase. + Remove unused methods from LDAP backed. + return 201 Created on POST request (bug1131119) + Delete tokens for user + unable to load certificate should abort request + add missing attributes for group/project tables (bug1126021) + v3 endpoints won\'t have legacy ID\'s (bug 1150930) + Change exception raised to Forbidden on trust_id + from tests import
* Fri Mar 08 2013 vuntzAATTsuse.com- Fix ownership of /var/log/keystone/keystone.log after call to \"keystone-manage pki_setup\" in %post: if the package is installed for the first time, the log file is owned by root, which breaks keystone (since it can\'t write to the log file).
* Thu Mar 07 2013 bwiedemannAATTsuse.com- fix logging.conf to be about keystone and have absolute path
* Tue Mar 05 2013 cloud-develAATTsuse.de- Update to version 2013.1.a210.g2515d1b+git.1362504154.2515d1b: + Ensure keystone unittests do not leave CONF.policyfile in bad state + Move handle_conflicts decorator into sql + flatten payload for policy + Convert api to controller + bug 1131840: fix auth and token data for XML translation + domain_id_attributes in config.py have wrong default value + command line switch for short pep8 output. + Setup logging in keystone-manage command. + Imported Translations from Transifex + Enable a parameters on ldap to allow paged_search of ldap queries This fixes bug 1083463 + update tests/__init__.py to verify openssl version
* Mon Mar 04 2013 iartarisiAATTsuse.com- Move python-ldap requirement to python-keystone subpackage
* Thu Feb 28 2013 dmuellerAATTsuse.com- Fix last change
* Mon Feb 25 2013 saschpeAATTsuse.de- Ghost /var/run/keystone
* Mon Feb 25 2013 saschpeAATTsuse.de- Drop sysconfig from init scripts
* Sun Feb 24 2013 dmuellerAATTsuse.com- Update to version 2013.1.a191.g30dbb74+git.1361731931.30dbb74: + Remove test_auth_token_middleware + Silence routes internal debug logging + Workaround Migration issue with PostgreSQL + Add pysqlite as explicit test dep + project membership to role conversion + Remove usage of UserRoleAssociation.id in LDAP + Add an update option to run_tests.sh + make fakeldap._match_query work for an arbitrary number of groups + Update sample_data.sh to match docs + Use oslo-config-2013.1b3 + Remove old, outdated keystone devref docs + Implement name space for domains + Update the Keystone policy engine to the latest openstack common + Ensure user and tenant enabled in EC2 + merging in fix from oslo upstream + Disable XML entity parsing + make LDAP query scope configurable + enabled attribute emulation support + v3 token API + Pass query filter attributes to policy engine + Removed redundant assertion + Update oslo-config version. + domain-scoping + Fix id_to_dn for creating objects + Tests for domain-scoped tokens + Change the default LDAP mapping for description. + Correct SQL migration 017 column name
* Fri Feb 22 2013 saschpeAATTsuse.de- Require openstack-suse-macros instead of openstack-common-macros
* Thu Feb 21 2013 iartarisiAATTsuse.com- added oslo-config requirement
* Mon Feb 18 2013 saschpeAATTsuse.de- Init script cleanup: + Drop useless shell variables + Don\'t depend on $network facility, we already have $remote_fs (comes after $network) + Source /etc/sysconfig/openstack-keystone (if available), orthogonal to the other init scripts we provide. We\'re not using this feature ATM though- Default configuration cleanup: + Use openstack-utils to set as much default values in the package as possible (instead of patch/sed/...). Some may be overwritting later on by, .e.g., crowbar- More useful lograte configuration: + Compress + Make sure to keep log files for at least 90 days (i.e. rotate 15 + weekly = 15 weeks). + Add size=1M to avoid getting DoS\'ed by wild daemons + Use copytruncate instead of create+postrotate+sharedscripts to avoid a daemon restart
* Mon Feb 18 2013 cloud-develAATTsuse.de- Update to version 2013.1.a138.g5a8682d+git.1361180251.5a8682d: + fix unit test when memcache middleware is not configured + Fix bugs with set ldap password. + Cleaned up keystone-all --help output + add missing kvs functionality (bug1119770) + remove unneeded config reloading (it\'s already done during setUp) + Update to oslo version code.
* Thu Feb 14 2013 iartarisiAATTsuse.com- Remove unused/upstreamed patches for requests and LDAP scope
* Thu Feb 14 2013 iartarisiAATTsuse.cz- Update keystone-hybrid-backend to fix unit tests- Update to version 2013.1+git.1360841915.901d079: + Fix normalize identity sql ugrade for Mysql and postgresql + Sync latest cfg from oslo-incubator + Update .coveragerc + Query only attributes strictly required for keystone when using it with existing LDAP servers + remove duplicate model declaration/attribution + import tools/flakes from oslo + Expand dependency injection test coverage + simplify query building logic + Generate apache-style common access logs + Add missing log_format, log_file, log_dir opts. + allow unauthenticated connections to an LDAP server + Missed import for IPv6 tests skip. + Spell accommodate correctly. + Use install_venv_common.py from oslo. + Keystone backend preparation for domain-scoping + Fix spelling mistakes + Fix test_contrib_s3_core unit test + add check for config-dir parameter (bug1101129) + don\'t create a new, copied list in get_project_users + Tenant update on LDAP breaks if there is no update to apply + adding additional backend tests (bug1101244)
* Tue Feb 12 2013 dmuellerAATTsuse.com- add service-endpoints for Quantum
* Mon Feb 11 2013 dmuellerAATTsuse.com- Update to version 2013.1+git.1360597319.c05041e: + Add --keystone-user/group to keystone-manage pki_setup + UserApi.update not to require all fields in arg + return 400 Bad Request if invalid params supplied (bug1061738) + Relational API links + Adds png versions of all svg image files. Changes reference.
* Mon Feb 11 2013 dmuellerAATTsuse.com- Remove lp-bug-1031372.patch:
* Merged upstream
* Thu Feb 07 2013 iartarisiAATTsuse.com- use in-memory database for hybrid backend unit-tests
* Wed Feb 06 2013 iartarisiAATTsuse.com- re-enable hybrid backend
* Wed Feb 06 2013 cloud-develAATTsuse.de- Update to version 2013.1+git.1360164508.8ec247b: + Document user group LDAP options + Why .pop()\'ing urls first is important + Imported Translations from Transifex + Delete Roles for User and Project LDAP + Fixes \'not in\' operator usage + Add size validations to token controller.
* Mon Feb 04 2013 dmuellerAATTsuse.com- Update to version 2013.1+git.1359979034.4722c84: + Updates migration 008 to work on PostgreSQL. + Create a default domain (bp default-domain) + tenant to project in the apis + Tenant to Project in Back ends + Enable/disable domains (bug 1100145) + Readme: use \'doc\' directory not \'docs\'
* Thu Jan 31 2013 dmuellerAATTsuse.com- Add lp-bug-1031372.patch: Rework the way pki_setup is used
* Mon Jan 28 2013 saschpeAATTsuse.de- Add keystone-requests-compat.patch: Compatiblity with requests>=1.0
* Mon Jan 28 2013 dmuellerAATTsue.com- Update to version 2013.1+git.1359377368.56f194a: + rename tenant to project in sql + Fix pep8 error.
* Wed Jan 23 2013 cloud-develAATTsuse.de- Update to version 2013.1+git.1358959177.7691276: + Limit the size of HTTP requests.
* Wed Jan 23 2013 saschpeAATTsuse.de- Clean up %config(noreplace), only logrotate config and
*.conf files should be noreplace
* Tue Jan 22 2013 dmuellerAATTsuse.com- use pki_setup to setup initial public/private key pair
* Mon Jan 21 2013 dmuellerAATTsuse.com- Update to version 2013.1+git.1358761910.8748cfa: + Allow running of sql against the live DB. + Test that you can undo & re-apply all migrations + downgrade user and tenant + Auto-detect max SQL migration + Safer data migrations + Sync base identity Driver defs with SQL driver + Fix i18n of string templates. + Enhance wsgi to listen on ipv6 address + add database string field length check + Autoload schema before creating FK\'s (bug 1098174) + Enable exception format checking in the tests. + reorder tables for delete
* Wed Jan 16 2013 dmuellerAATTsuse.com- copy example ssl cert to the place where keystone expects it- remove apache2 ssl/wsgi wrapper, keystone can do SSL on its own
* Mon Jan 14 2013 saschpeAATTsuse.de- Update to version 2013.1+git.1358172938.ceec5c0: + Validated URLs in v2 endpoint creation API + Fixes import order nits + Cleanup keystoneclient testing requirements + Correct spelling errors / typos in test names + Keystone server support for user groups + Add missing .po files to tarball + adds keyring to test-requires + Revert \"shorten pep8 output\" + Upgrade WebOb to 1.2.3 + il8n some strings + Imported Translations from Transifex + Removed unused variables + Removed unused imports + Add pyflakes to tox.ini + Fix spelling typo + shorten pep8 output + Driver registry + Adding a means to connect back to a pydevd debugger. + add in pip requires for requests + Split endpoint records in SQL by interface + Fix typo s/interalurl/internalurl/ + module refactoring + Test for content-type appropriate 404 (bug 1089987) + Imported Translations from Transifex + fixing bug 1046862 + Expand default time delta (bug 1089988) + Add tests for contrib.s3.core. + Test drivers return HTTP 501 Not Implemented + Support non-default role_id_attribute + Remove swift auth. + Move token controller into keystone.token + Import pysqlite2 if sqlite3 is not available. + Remove mentions of essex in docs (bug 1085247) + Ensure serviceCatalog is list when empty, not dict + Adding downgrade steps for migration scripts. + Port to argparse based cfg + Only \'import
*\' from \'core\' modules + use keystone test and change config during setUp + Bug 1075090 -- Fixing log messages in python source code to support internationalization. + Added documentation for the external auth support + check the redirected path on the request, not the response + Validate password type (bug 1081861) + split identities module into logical parts remove unneeded imports from core + Ensure token expiration is maintained (bug 1079216) + normalize identity + Fixes typo in keystone setup doc + Imported Translations from Transifex + Stop using cfg\'s internal implementation details + syncing run_tests to match tox + Expose auth failure details in debug mode + Utilize policy.json by default (bug 1043758) + Wrap v3 API with RBAC (bug 1023943) + v3 Identity + v3 Catalog + v3 Policies + Import auth_token middleware from keystoneclient + Imported Translations from Transifex + Refix transient test failures + Make the controller addresses configurable. + Expose authn/z failure info to API in debug mode + Refactor TokenController.authenticate() method. + Fix error un fixtures. + Ensures User is member of tenant in ec2 validation + Properly list tokens with a null tenant + Reduce total number of fixtures + Provide config file fields for enable users in LDAP backend (bug1067516) + populate table check. + Run test_keystoneclient_sql in-memory + Make tox.ini run pep8 checks on bin. + tweaking docs to fix link to wiki Keystone page + Various pep8 fixes for keystone. + Use the right subprocess based on os monkeypatch + Fix transient test failures (bug 1077065, bug 1045962) + Rewrite initial migration + Fix default port for identity.internalURL + Improve feedback on test failure + fixes bug 1074172 + SQL upgrade test. + Include \'extra\' attributes twice (bug 1076120) + Return non-indexed attrs, not \'extra\' (bug 1075376) + bug 1069945: generate certs for the tests in one place + monkeypatch cms Popen + HACKING compliance: consistent use of \'except\' + auth_token hash pki key PKI tokens on hash in memcached when accessed by auth_token middelware + key all backends off of hash of pki token. + don\'t import filter_user name, use it from the identity module + don\'t modify the passed in dict to from_dict + move hashing user password functions to common/utils + ignore .tox directory for pep8 in runtests + Imported Translations from Transifex + Implements REMOTE_USER authentication support. + pin sqlalchemy to 0.7 + Move \'opentack.context\' and \'openstack.params\' definitions to keystone.common.wsgi + Removes duplicate flag for token_format. + Raise exception if openssl stderr indicates one. + Ignore keystone.openstack for PEP8 + Fixed typo in log message + Fixes 500 err on authentication for invalid body + Enable Deletion of Services with Endpoints + Exception.message deprecated in py26 (bug 1070890) + Utilize logging instead of print() + stop LdapIdentity.create_user from returning the user\'s password + Compare token expiry without seconds + Moved SQL backend tests into memory + Add trove classifiers for PyPI + Adding handling for get user/tenant by name + Fixed bug 1068851. Refreshed new crypto for the SSL tests. + move filter_user function to keystone.identity.core + Fixes response for missing credentials in auth + making PKI default token type + Fixes Bug 1063852 + bug 1068674 + Update common. + Extract hardcoded configuration in ldap backend (bug 1052111) + Fix Not Found error, when router not match. + add --config-dir=DIR for keystone-all option + Add --config-dir=DIR in OPTIONS + Delete role does not delete role assignments in tenants (bug 1057436) + replacing PKI token detection from content length to content prefix. (bug 1060389) + Document PKI configuration and management + Raise if we see incorrect keyword args \"condition\" or \"methods\" + Filter users in LDAP backend (bug 1052925) + Use setup.py develop to insert code into venv. + Raise 400 if credentials not provided (bug 1044032) + Fix catalog when services have no URL + Unparseable endpoint URL\'s should raise friendly error + Configurable actions on LDAP backend in users Active Directory (bug 1052929) + Unable to delete tenant if contains roles in LDAP backend (bug 1057407) + Replaced underscores with dashes + fixes bug 1058429 + Command line switch for standard threads. + Remove run_test.py in favor of stock nose. + utf-8 encode user keys in memcache (bug 1056373) + Convert database schemas to use utf8 character set. + Return a meaningful Error when token_id is missing + Backslash continuation cleanup + notify calling process we are ready to serve + add Swift endpoint in sample data + Updated Fix for duplicated entries on LDAP backend for get_tenant_users + Fix wsgi config file access for HTTPD + Bump version to 2013.1 + add Quantum endpoint in sample data + Add XML namespace support for OSADM service api. + Identity API v3 Config, Routers, Controllers- Updated requirements- Dropped patches (merged upstream): + keystone-certs-test.patch + keystone-sql-backend-from_dict.patch + keystone-webob-empty-resp-environ.patch- Dropped FIX-BUILD.patch, we should fix that finally- Disabled hybrid LDAP backend
* Fri Jan 11 2013 iartarisiAATTsuse.com- revert %setup to also unpack hybrid backend tarball
* Fri Jan 11 2013 iartarisiAATTsuse.com- update and re-enable backend hybrid code:
* use sample config for testing
* raise errors in user retrieval code instead of returning None
* Fri Jan 11 2013 saschpeAATTsuse.de- Require WebTest instead of webtest in the test sub-package
* Thu Jan 10 2013 saschpeAATTsuse.de- Add logrotate configuration
* Wed Jan 09 2013 bwiedemannAATTsuse.com- package sample_data.sh for use in quickstart script
* Wed Dec 19 2012 saschpeAATTsuse.de- Move to obs-service-git_tarballs- Update to version 2012.2.3+git.1355917214.0c8c2a3: + Merge commit \'refs/changes/01/17901/1\' of ssh://review.openstack.org:29418/openstack/keystone into stable/folsom + Bump next version to 2012.2.3 + Ensure serviceCatalog is list when empty, not dict
* Mon Dec 10 2012 saschpeAATTsuse.de- Update to version 2012.2.1+git.1354224563.7869c3e: + lp#1064914 Removing user from a tenant isn\'t invalidating user access to tenant + lp#1073569 Jenkins jobs fail because of incompatibility between sqlalchemy-migrate and the newest sqlalchemy-0.8.0b1 + lp#1078497 keystone throws error when removing user from tenant. + lp#1060389 Non PKI Tokens longer than 32 characters can never be valid + lp#1068851 Openssl tests rely on expired certificate + lp#1079216 token expires time incorrect for auth by one token + lp#968519 Object reference validation should occur in drivers + lp#1068674 Redo part of bp/sql-identiy-pam undone by bug 968519
* Wed Dec 05 2012 saschpeAATTsuse.de- Use AATTPARENT_TAGAATT in _service file to automate versioning
* Mon Dec 03 2012 iartarisiAATTsuse.com- fix unittest failure with ssl certificates
* Fri Nov 30 2012 iartarisiAATTsuse.com- fix unittest failure on our version of webob
* Thu Nov 22 2012 iartarisiAATTsuse.com- fix typo in passlib dependency package name
* Thu Nov 22 2012 saschpeAATTsuse.de- Split of doc package into seperate spec file- Comment out hybrid_backend parts for now to fix build- Re-arranged %build section to match other packages- Removed a whole bunch of unneded build requirements- Updated requirements for python module and test sub-packages
* Wed Nov 21 2012 iartarisiAATTsuse.com- disable keystone-hybrid-backend source service
* Tue Nov 20 2012 iartarisiAATTsuse.com- Add source service for keystone-hybrid-backend- Update to latest git (f65604d): + Ensures User is member of tenant in ec2 validation
* Thu Nov 15 2012 saschpeAATTsuse.de- Use openstack-macros
* Thu Nov 08 2012 saschpeAATTsuse.de- Fix malformed changes file entries
* Thu Nov 08 2012 saschpeAATTsuse.de- Update to version 2012.2 (Folsom): + See https://github.com/openstack/keystone/commits/folsom-3- Drop the following upstreamed patches: + keystone-ldap-no-authentication.patch + keystone-log-warn-auth-errors.patch- Rebased the following patches: + keystone-sql-backend-from_dict.patch + keystone-hybrid-conf-scope.patch- BuildRequire python-pam for man-page build- Install new man-pages keystone-all.1 and keystone-manage.1- Introduce temporary FIX-BUILD.patch
* Thu Nov 08 2012 saschpeAATTsuse.de- Drop from_vcs build flag
* Wed Oct 31 2012 saschpeAATTsuse.de- Drop temporary fixes for file permissions and attributes in %post section. They were necessary only to migrate from pre-1.0 packages.
* Tue Oct 16 2012 iartarisiAATTsuse.cz- patch sql backend\'s from_dict method to not modify the content of the passed in dict (lp:1066851)
* Wed Oct 10 2012 iartarisiAATTsuse.cz- add hybrid backend test configuration file
* Wed Oct 10 2012 iartarisiAATTsuse.cz- make user search ldap SCOPE configurable in the hybrid backend
* Mon Oct 08 2012 iartarisiAATTsuse.cz- fix LDAP bind with dinamically found user DN
* Fri Oct 05 2012 iartarisiAATTsuse.cz- hybrid backend fixes: + use the DN for the user we just signed in to check for password + fix invalid user error (bnc#783200)
* Tue Oct 02 2012 iartarisiAATTsuse.cz- fix checking for SQL user passwords in the hybrid backend bnc#783036
* Mon Oct 01 2012 jenkinsAATTsuse.de- Update to latest git (0e1f05e): + utf-8 encode user keys in memcache (bug 1056373)
* Wed Sep 26 2012 jdsnAATTsuse.de- make init script start after database (bnc#781798)
* Sun Sep 16 2012 jenkinsAATTsuse.de- Update to latest git (176ee9b): + Require authz to update user\'s tenant (bug 1040626) + List tokens for memcached backend + Delete user tokens after role grant/revoke + Limit token revocation to tenant (bug 1050025)
* Wed Sep 12 2012 vuntzAATTsuse.com- Do not use a sed to modify /usr/bin/gensslcert in %post: this file belongs to another package, and we actually don\'t do any change with the sed... Fix bnc#779747.
* Mon Sep 10 2012 vuntzAATTsuse.com- Add keystone-fix-revoke.patch: fix revoking of roles to also invalidate already existing tokens. Fix bnc#779477, CVE-2012-4413.
* Tue Aug 28 2012 cthielAATTsuse.com- Require authz to update user\'s tenant (lp#1040626, bnc#777664)
* Fri Aug 24 2012 bwiedemannAATTsuse.com- mark hybrid_config.py as config
* Thu Aug 23 2012 jenkinsAATTsuse.de- Update to latest git (a16a0ab): + Allow overloading of username and tenant name in the config files. + Returning roles from authenticate in ldap backend
* Tue Aug 14 2012 iartarisiAATTsuse.cz- Add hybrid identity backend
* Tue Aug 14 2012 iartarisiAATTsuse.cz- Add patch to log all Unauthorized exceptions (authentication failures). Discussed in bnc#753329.
* Fri Aug 10 2012 jenkinsAATTsuse.de- Update to latest git (359c426): + Open 2012.1.3 development
* Wed Aug 08 2012 jenkinsAATTsuse.de- Update to latest git (afc37ae): + Open 2012.1.2 development
* Tue Aug 07 2012 bwiedemannAATTsuse.com- drop executable bit from config file
* Tue Jul 31 2012 jenkinsAATTsuse.de- Update to latest git (f65604d): + fix variable names to coincide with the ones in common.ldap + Import ec2 credentials from old keystone db + Raise unauthorized if tenant disabled (bug 988920)
* Tue Jul 31 2012 iartarisiAATTsuse.cz- Remove fix-ldap-varnames patch after being accepted upstream
* Wed Jul 25 2012 saschpeAATTsuse.de- Secure file permissions for Apache SSL certificate files
* Thu Jul 19 2012 cthielAATTsuse.com- drop keystone-cleanup-user-tenant-deletion.patch, which has been merged upstream: https://review.openstack.org/#/c/7482/
* Tue Jul 17 2012 saschpeAATTsuse.de- Fix WSGI app names, use the \'composite\' apps to get the correct routes mapping
* Tue Jul 17 2012 saschpeAATTsuse.de- Forward keystone WSGI log events to mod_wsgi
* Tue Jul 17 2012 iartarisiAATTsuse.cz- Fix some variable names in the LDAP backend which were causing NameErrors- Don\'t require authentication for LDAP
* Mon Jul 16 2012 iartarisiAATTsuse.cz- Fix bnc#755426 cleanup dependent data upon user/tenant deletion
* Mon Jul 09 2012 saschpeAATTsuse.de- Provide Apache2 SSL-proxy example configuration based on mod_wsgi- Provide self-signed SSL certificates to be used for non-production setups (like openstack-quickstart)- Fix /var/lib/keystone permissions to 0755
* Mon Jul 02 2012 saschpeAATTsuse.de- Drop runtime requirement on openstack-glance- Change requirement for openstack-swift to python-swift, keystone only seems to use it in the S3-compatibility code- Change requirement for openstack-nova to python-nova, keystone only seems to use it in the EC2-compatibility code
* Wed Jun 27 2012 saschpeAATTsuse.de- Change versioning scheme to $release+git.$AUTHORDATE.$COMMITREV- Simplify from_vcs macros
* Wed Jun 27 2012 vuntzAATTsuse.com- Really drop unused disable-tests.patch: not needed anymore.
* Tue Jun 26 2012 saschpeAATTsuse.de- Consistent package summaries- Use upstream description and correct URL- Macro cleanup: + Package is noarch except for SLE-11 + No need to redefine %_initddir, SLE-11 works correctly
* Mon Jun 25 2012 saschpeAATTsuse.de- Also install documentation and manpage when build- No need for \"fixing\" the %_initddir macro
* Tue Jun 12 2012 saschpeAATTsuse.de- Use \'openstack-keystone\' system user instead of \'keystone\'
* Wed Jun 06 2012 saschpeAATTsuse.de- Add %restart_on_update to %post section for openstack-keystone (daemons should be restarted after package update)- Fix some rpmlint warnings- Added rpmlintrc for non-issues
* Thu May 24 2012 jfehligAATTsuse.com- Add \'Requires: python >= 2.6.8\' to openstack-keystone and python-keystone subpackage
* Thu Mar 29 2012 bwiedemannAATTsuse.com- use latest upstream default_catalog.templates to fix nova-volume problems
* Tue Feb 14 2012 bwiedemannAATTsuse.com- run as keystone user
* Wed Feb 08 2012 rhaferAATTsuse.de- Updated to the lastest git checkout
* Thu Jan 26 2012 rhaferAATTsuse.de- Fixed try-restart implementation in init-script
* Thu Jan 26 2012 rhaferAATTsuse.de- Fixed init script dependencies
* Thu Jan 26 2012 rhaferAATTsuse.de- removed no longer needed workaround for lp#921054- patch for lp#921634 is upstreamed- refreshed config file patch
* Tue Jan 24 2012 rhaferAATTsuse.de- Added workaround for doc/, examples/ and tools/ dirs showing up in site-packages/ (https://bugs.launchpad.net/keystone/+bug/921054)- Include examples into the -doc subpackage
* Tue Jan 24 2012 rhaferAATTsuse.de- cleaned up more dependencies
* Mon Jan 23 2012 rhaferAATTsuse.de- run testsuite during build
* Fri Jan 20 2012 rhaferAATTsuse.de- Updated to today\'s git snapshot- Removed some unneeded conditionals- Updated dependencies
* Mon Jan 16 2012 prusnakAATTopensuse.org- fix initscript scriptlets
* Tue Jan 10 2012 bwiedemannAATTsuse.com- use spdx.org License name Apache-2.0
* Tue Dec 13 2011 mlinAATTsuse.com- Enabled build from git- Removed unnecessary dependencies- Separate python-keystone- Fix rpmlint warning- Enabled build for Fedora
* Mon Dec 05 2011 prusnakAATTopensuse.org- added preun and postun sections to handle initscripts
* Mon Dec 05 2011 prusnakAATTopensuse.org- spec cleanup
  
ICM