Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Nov 28, 2012
  1. @dolph @ttx

    Ensure token expiration is maintained

    dolph authored ttx committed
    Ensure token expiration is maintained. Fixes bug 1079216.
    
    Change-Id: I0ce53f106ab6d95916fdc9797cb9d8bf09132a91
Commits on Nov 20, 2012
  1. @openstack-gerrit

    Merge "Properly list tokens with a null tenant" into stable/folsom

    Jenkins authored openstack-gerrit committed
Commits on Nov 16, 2012
  1. @vishvananda @ttx

    Ensures User is member of tenant in ec2 validation

    vishvananda authored ttx committed
    It is possible that a user is no longer a member of a tenant when
    they attempt to use an ec2 token. This checks to make sure that
    the user still has at least one valid role in the tenant before
    authenticating them. This should automatically work for the s3
    version as well since it is a subclass.
    
    Fixes bug 1064914
    
    Change-Id: Ieb237bae936a7b00ce7ba4d4c59aec6c7a69ec21
Commits on Nov 15, 2012
  1. @vishvananda @dolph

    Properly list tokens with a null tenant

    vishvananda authored dolph committed
    We store the tenant as a null value in json, so checking to see
    if it exists is not sufficient. This makes the check safer, checking
    for existance and not null before continuing.
    
    Fixes bug 1078497
    
    Change-Id: Ida1b958e5df6f93a30efae0d3f71df668751ff81
Commits on Nov 1, 2012
  1. @openstack-gerrit

    Merge "bug 1068674" into stable/folsom

    Jenkins authored openstack-gerrit committed
Commits on Oct 31, 2012
  1. @mapleoin @sdague

    pin sqlalchemy to 0.7

    mapleoin authored sdague committed
    sqlalchemy 0.8.0b1 breaks some dependencies such as sqlalchemy-migrate, pin the version until we fix them
    
    Fixes bug #1073569
    
    Change-Id: I6620276bf8f0a7cbc1d51aa226cd33c512e59a48
Commits on Oct 25, 2012
  1. @krtyyy @heckj

    bug 1068674

    krtyyy authored heckj committed
    Redo part of bp/sql-identiy-pam that was accidently undone by bug 968519.
    
    We encapsulated the call to utils.check_password with a local method,
    _check_password, to make it easier to subclass Identity. This allows us
    to use a different password checker without having to replace the entire
    authenticate method in our code.  The fix for 968519 accidently removed
    the call to the local method. *This* fix puts that call back in.
    
    Updating comment because Jenkins failed due to build timeout in
    unrelated test.
    
    (cherry picked from commit 0dc2e9c)
    
    Change-Id: I69a3ba2d5a62e4c600edab7ef2cc07413c7360cc
  2. @radez @heckj

    replacing PKI token detection from content length to content prefix. …

    radez authored heckj committed
    …(bug 1060389)
    
    Change-Id: I68b0e4126f2e339c04271fd982f5f5dab198c630
Commits on Oct 23, 2012
  1. @guangyee @gerardo8a

    Fixed bug 1068851. Refreshed new crypto for the SSL tests.

    guangyee authored gerardo8a committed
    Change-Id: Ib37547923a9da347835a9b2c51deae6b954e1ead
    (cherry picked from commit 4f71ec9)
Commits on Oct 13, 2012
  1. @markmc

    Set defaultbranch in .gitreview to stable/folsom

    markmc authored
    This allows people run git-review without any arguments.
    
    Change-Id: I2b2488ffffd783b64e5c760324e7d4a00d5a39db
Commits on Sep 28, 2012
  1. @ttx

    Bump next version to 2012.2.1

    ttx authored
    Open stable/folsom by bumping next version to 2012.2.1.
    
    Change-Id: I9a705c14ac821cca48cb769d5c6cd9f7ae760f6f
Commits on Sep 25, 2012
  1. @dolph @heckj

    utf-8 encode user keys in memcache (bug 1056373)

    dolph authored heckj committed
    Change-Id: I026dd4282742213e69c7aa02e109439b07a73c8e
    (cherry picked from commit 431e50a)
Commits on Sep 13, 2012
  1. @openstack-gerrit

    Merge "Limit token revocation to tenant (bug 1050025)"

    Jenkins authored openstack-gerrit committed
  2. @dolph

    Limit token revocation to tenant (bug 1050025)

    dolph authored
    Change-Id: I7ebe0192b4900ad9475119a6d582233b37b31fb4
  3. @dolph

    Fixed trivally true tests (bug 983304)

    dolph authored
    Change-Id: I3c66092ce54cab6d972f78857b4c386b69dcabe3
  4. @openstack-gerrit

    Merge "Implement token endpoint list (bug 1006777)"

    Jenkins authored openstack-gerrit committed
  5. @openstack-gerrit

    Merge "LOG.warn all exception.Unauthorized authentication failures"

    Jenkins authored openstack-gerrit committed
  6. @openstack-gerrit

    Merge "Document memcached host system time configuration."

    Jenkins authored openstack-gerrit committed
Commits on Sep 12, 2012
  1. @openstack-gerrit

    Merge "LDAP backend attribute fixes"

    Jenkins authored openstack-gerrit committed
  2. @dolph @ttx

    Delete user tokens after role grant/revoke

    dolph authored ttx committed
    Delete user tokens when a new role is granted or revoked, in order to
    prevent old tokens to continue to be valid for the original set of
    roles for the remainder of the token's lifespan.
    
    Addresses CVE-2012-4413.
    Fixes bug 1041396.
    
    Change-Id: Iecf891f274b67408f568b949a7028362c4c30312
Commits on Sep 11, 2012
  1. @dyarnell

    LDAP backend attribute fixes

    dyarnell authored Adam Young committed
    R Boden and Adam Young assissted on this patch.
    
    There are two issues with the TenantAPI for the ldap Identity.
    
    There is a mistaken attribute_mapping entry, which was mapping
    'description' into 'desc'. Per RFC 2256 there should be no need to map
    this as the attribute as it is already 'description' in the LDAP
    schema. I am not aware of any other schema that would use 'desc'
    attribute for a 'groupOfNames' object.
    
    Since there is no support (yet) for users, tenants or roles to be
    enabled/disabled there needs to be a attribute_ignore set for the
    'enabled' attribute.
    
    Bug 980085
    
    Change-Id: I40afa7a1345c45c119e699bf4fd4c99652f66c2f
  2. Document memcached host system time configuration.

    Maru Newby authored
     * Addresses 1022614
    
    Change-Id: I81617c4eecd6fdfdb3f01eb674f7308d9c93baaa
  3. @openstack-gerrit

    Merge "Implementation of tenant,user,role list functions for ldap"

    Jenkins authored openstack-gerrit committed
Commits on Sep 10, 2012
  1. @openstack-gerrit

    Merge "Cleanup PEP8 errors from Common"

    Jenkins authored openstack-gerrit committed
  2. @dyarnell

    Implementation of tenant,user,role list functions for ldap

    dyarnell authored Adam Young committed
    Bug 983304
    
    Defines functions for the retrival and return of the tenant, user and
    role objects in ldap.  They will return in whatever order LDAP provides
    them.
    
    Additional fix for pep8 whitespace violation.
    
    Additional change to add some minimal unit tests for the new functions
    Tests have successfully run against a live LDAP server
    
    Change-Id: I368ae4097bb9bcdaab7bca0ccc2f9204d58f69d8
  3. @openstack-gerrit

    Merge "Initialize Metadata variable"

    Jenkins authored openstack-gerrit committed
  4. @openstack-gerrit

    Merge "PEP8 fix E251"

    Jenkins authored openstack-gerrit committed
Commits on Sep 8, 2012
  1. Initialize Metadata variable

    Adam Young authored
    Otherwise, Metadata hands back as None, which breaks later on in the
    Authentication process. This is how the SQL backend worksi as well.
    
    Bug 1047848
    
    Change-Id: I53022bff73267c9526d69e1d2c8ec3c87b3b89fe
Commits on Sep 7, 2012
  1. Cleanup PEP8 errors from Common

    Adam Young authored
    Change-Id: Ibd4fec8b38ba33168c271a8efed65dbf598bd372
Commits on Sep 6, 2012
  1. List tokens for memcached backend

    Adam Young authored
    Creates and updates an index of tokens in a memcache entry keyed
    by the user id
    
    Bug 1046905
    
    Change-Id: If11d6b87b0a8ae5f8349f1ebb31790e943c70fbf
  2. @openstack-gerrit

    Merge "Sync some misc changes from openstack-common"

    Jenkins authored openstack-gerrit committed
  3. @openstack-gerrit

    Merge "Sync latest cfg from openstack-common"

    Jenkins authored openstack-gerrit committed
  4. @dolph

    Implement token endpoint list (bug 1006777)

    dolph authored
    Change-Id: Ia7dad06ec763994ce0beb171c481ab01c20af6cb
  5. Ignore eclipse files.

    Adam Young authored
    Change-Id: I3a9bb25b1fbdc696cee45e97e67dfb9af35e7718
Commits on Sep 5, 2012
  1. @markmc

    Sync some misc changes from openstack-common

    markmc authored
    Syncs the following changes from stable/folsom:
    
     769ec65 Don't trap then re-raise ImportError.
     202b8b7 Fix spelling typos
     01b4f31 Support for marshalling datetime while preserving microseconds.
     c11a0d4 Remove unused imports
     9e1bd9d Add missing convert_instances arg.
     2d6f847 Track to_primitive() depth after iteritems().
     8c74b37 Improve exception from importutils.import_class().
     1fb2361 add import_object_ns function
    
    Change-Id: Id5885f4a00207cf70f15f195a154c45903111b8b
Something went wrong with that request. Please try again.