OpenStack Identity (keystone)

OpenStack Identity (keystone) 2012.2 "folsom"

Series folsom
2012.2 "folsom"

Milestone information

Project:: OpenStack Identity (keystone)

Series:: folsom

Version:: 2012.2

Code name:: folsom

Released:: 2012-09-27

Registrant:: Thierry Carrez

Release registered:: 2012-09-27

Active:: No. Drivers cannot target bugs and blueprints to this milestone.

Download RDF metadata

Activities

Assigned to you:: No blueprints or bugs assigned to you.

Assignees:: 1 Adam Gandelman, 11 Adam Young, 2 Alan Pevec, 1 Andrew Bogott, 3 Bernhard M. Wiedemann, 4 Bhuvan Arumugam, 6 Chmouel Boudjnah, 7 Dan Prince, 1 Dean Troyer, 5 Derek Higgins, 34 Dolph Mathews, 1 Everett Toews, 1 Ionuț Arțăriși, 1 Jay Pipes, 1 Johannes Erdfelt, 5 Joseph Heck, 1 Josh Kearney, 2 Ken Thomas, 1 Lin Hua Cheng, 3 Mark McLoughlin, 3 Maru Newby, 1 Mohammed Naser, 1 Monty Taylor, 1 Pádraig Brady, 4 Rafael Durán Castañeda, 1 Registry Administrators, 1 Rongze Zhu, 1 Sam Morrison, 2 Thierry Carrez, 3 Unmesh Gurjar, 2 Vincent Untz, 6 Zhongyue Luo, 1 xyj

Blueprints:: 8 Implemented

Bugs:: 119 Fix Released

Download files for this release

After you've downloaded a file, you can verify its authenticity using its MD5 sum or signature. (How do I verify a download?)

File	Description	Downloads
keystone-2012.2.tar.gz (md5, sig)	Keystone "Folsom" release	2,267 last downloaded 24 hours ago
Total downloads:		2,267

Release notes

This is Keystone 2012.2 release.
See http://wiki.openstack.org/ReleaseNotes/Folsom

Changelog

This release does not have a changelog.

8 blueprints and 119 bugs targeted

Blueprint		Priority	Assignee	Delivery
Draft Keystone V3 API blueprint	Draft Keystone V3 API blueprint	5 Essential	Joseph Heck	11 Implemented
PKI Support for Authentication and Delegation	PKI Support for Authentication and Delegation	4 High	Adam Young	11 Implemented
stub in initial i18n work to match other OpenStack projects	stub in initial i18n work to match other OpenStack projects	4 High	Registry Administrators	11 Implemented
Use '-' in all CLI option names	Use '-' in all CLI option names	3 Medium	Dean Troyer	11 Implemented
Add override feature on swift middleware.	Add override feature on swift middleware.	3 Medium	Chmouel Boudjnah	11 Implemented
Keystone should use openstack.common.importutils	Keystone should use openstack.common.importutils	2 Low	Zhongyue Luo	11 Implemented
Keystone should use openstack.common.jsonutils	Keystone should use openstack.common.jsonutils	2 Low	Zhongyue Luo	11 Implemented
Keystone should use openstack.common.timeutils	Keystone should use openstack.common.timeutils	2 Low	Zhongyue Luo	11 Implemented

Bug report			Importance	Assignee	Status
980085	#980085	ldap Identity backend TenantAPI bugs	2 Critical	Adam Young	10 Fix Released
1006316	#1006316	Add invalid role id to user on tenant is not raising proper exception	2 Critical	Dolph Mathews	10 Fix Released
1006777	#1006777	GET /v2.0/tokens/{token_id}/endpoints not implemented	2 Critical	Dolph Mathews	10 Fix Released
1006815	#1006815	[OSSA 2012-015] Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token	2 Critical	Dolph Mathews	10 Fix Released
1006822	#1006822	[OSSA 2012-015] API v2.0/OS-KSADM/services, v2.0/OS-KSADM/services/{service_id} doesn't validate token	2 Critical	Dolph Mathews	10 Fix Released
1030968	#1030968	'Adminness' is not asserted when validating non-PKI tokens	2 Critical	Dolph Mathews	10 Fix Released
1037683	#1037683	PKI Token revocation	2 Critical		10 Fix Released
1040626	#1040626	[OSSA 2012-013] Update user's default tenant partially succeeds without authz	2 Critical	Dolph Mathews	10 Fix Released
1041396	#1041396	[OSSA 2012-014] Token validation includes revoked roles (CVE-2012-4413)	2 Critical	Thierry Carrez	10 Fix Released
1046905	#1046905	Memcached Token Backend does not support list tokens	2 Critical		10 Fix Released
1056373	#1056373	memcache driver needs protection against unicode user keys	2 Critical	Dolph Mathews	10 Fix Released
928441	#928441	document base model types for key elements within Keystone API	3 High	Joseph Heck	10 Fix Released
951958	#951958	SQL connection errors not getting logged or reported	3 High	Joseph Heck	10 Fix Released
958950	#958950	no unit tests for SQL catalog backend	3 High	Dolph Mathews	10 Fix Released
996595	#996595	[OSSA 2012-010] Following a password compromise and subsequent password change, tokens remain valid.	3 High	Derek Higgins	10 Fix Released
998137	#998137	[SRU] Keystone user tenant membership not always removed	3 High	Adam Gandelman	10 Fix Released
1003829	#1003829	pam backend doesn't have unittests.	3 High	Bhuvan Arumugam	10 Fix Released
1004114	#1004114	Password logging	3 High	Dolph Mathews	10 Fix Released
1006341	#1006341	Attempt to add role to user with nonexistant tenant id in the request is not raising proper exception	3 High	Dolph Mathews	10 Fix Released
1012381	#1012381	Memcache token backend eventually stops working	3 High	Rafael Durán Castañeda	10 Fix Released
1013953	#1013953	keystoneclient fails with 'pkg_resources.DistributionNotFound: argparse' Error	3 High	Monty Taylor	10 Fix Released
1019409	#1019409	python-keystone client fails w/ PrettyTable 0.5-3 (	3 High	Dan Prince	10 Fix Released
1020109	#1020109	User role deletion is broken	3 High	Unmesh Gurjar	10 Fix Released
1031022	#1031022	update auth_token to default signing_dir w/ os USER as suffix	3 High	Adam Young	10 Fix Released
1031164	#1031164	Support PostgreSQL w/ migration 002	3 High	Dan Prince	10 Fix Released
1031191	#1031191	PKI key_size=2048 causes truncation errors on 'id' column	3 High	Dan Prince	10 Fix Released
1031373	#1031373	rename disable_pki=False config option	3 High	Bhuvan Arumugam	10 Fix Released
1037010	#1037010	[folsom-3] Missing files in generated tarballs	3 High	Thierry Carrez	10 Fix Released
1038309	#1038309	auth_token fails to fetch revocation list	3 High	Adam Young	10 Fix Released
1039552	#1039552	Keystone returns traceback for db backend	3 High		10 Fix Released
1043479	#1043479	auth token middleware is an upgrade bottleneck	3 High	Dolph Mathews	10 Fix Released
1047848	#1047848	LDAP identity Backend breaks on unscoped token	3 High	Adam Young	10 Fix Released
966251	#966251	User can be created with name more than 64 characters in length	4 Medium	Unmesh Gurjar	10 Fix Released
967440	#967440	Eventlet monkey_patch done too late ?	4 Medium	Joseph Heck	10 Fix Released
968519	#968519	Object reference validation should occur in drivers	4 Medium	Ken Thomas	10 Fix Released
974583	#974583	unittests not running on OSX	4 Medium	Maru Newby	10 Fix Released
980037	#980037	Service managers starting keystone-all don't know when its ready	4 Medium	Alan Pevec	10 Fix Released
983304	#983304	Implementation of tenant,user,role list functions for ldap	4 Medium	Dolph Mathews	10 Fix Released
987121	#987121	strict constraint for database table creation	4 Medium	Dolph Mathews	10 Fix Released
988523	#988523	(docs) delay_auth_decision = true, fails with ValueError	4 Medium	Dolph Mathews	10 Fix Released
988920	#988920	[OSSA 2012-016]Token authentication for a user in a disabled tenant does not raise Unauthorized error	4 Medium	Dolph Mathews	10 Fix Released
994744	#994744	--user should be --user_id, for consistency	4 Medium	Everett Toews	10 Fix Released
994860	#994860	Keystone middleware auth_token assumes top level URL when making http connection	4 Medium	Adam Young	10 Fix Released
994936	#994936	export_legacy_catalog doesn't convert url names correctly	4 Medium	Sam Morrison	10 Fix Released
995222	#995222	swift proxy start ValueError: invalid literal for int() with base 10: 'true'	4 Medium	Chmouel Boudjnah	10 Fix Released
997700	#997700	LDAP should not check username on "sn" field	4 Medium		10 Fix Released
997725	#997725	Role name is not required	4 Medium	Mohammed Naser	10 Fix Released
998185	#998185	[OSSA 2012-010] Once a token is created/distributed its expiry date can be circumvented	4 Medium	Derek Higgins	10 Fix Released
999447	#999447	swift_auth middleware is still referencing deprecated header HTTP_X_USER	4 Medium	Chmouel Boudjnah	10 Fix Released
999567	#999567	Keystone Admin - Deleting a roleRef for a non existent user or role returns Internal Server Error	4 Medium	Vincent Untz	10 Fix Released
999594	#999594	Keystone Admin: Can create a duplicate roleRef (role assignment) for a user	4 Medium	Vincent Untz	10 Fix Released
999998	#999998	Swift Auth backward compatibility broken	4 Medium	Lin Hua Cheng	10 Fix Released
1000757	#1000757	prettytable 0.6.0 test dependency has bad md5sum in PyPi	4 Medium	Dan Prince	10 Fix Released
1003715	#1003715	auth_token middleware doesn't import optional modules correctly	4 Medium	Pádraig Brady	10 Fix Released
1006055	#1006055	/v2.0/tenants: the 'limit' paramter should limit results instead of scopes	4 Medium	Dolph Mathews	10 Fix Released
1010237	#1010237	Validate token should always return service catalog	4 Medium	Dolph Mathews	10 Fix Released
1012282	#1012282	Missing 'content-type' header triggers 500 Internal Server Error	4 Medium	Dolph Mathews	10 Fix Released
1020569	#1020569	wsgi code ties all middleware consumers to Eventlet	4 Medium	Adam Young	10 Fix Released
1021315	#1021315	Live LDAP tests fail	4 Medium	Adam Young	10 Fix Released
1023998	#1023998	Explicitly prevent X-Service-Catalog from being injected via auth_token middleware	4 Medium	Dan Prince	10 Fix Released
1031317	#1031317	log errors when signing/verification fail	4 Medium	Dan Prince	10 Fix Released
1035428	#1035428	authenticate in ldap backend doesn't return a list of roles	4 Medium	Andrew Bogott	10 Fix Released
1039857	#1039857	default value of verbose and debug in keystone.conf.sample is mistaken	4 Medium	xyj	10 Fix Released
1050025	#1050025	Token invalidation in case of role grant/revoke should be limited to affected tenant	4 Medium	Dolph Mathews	10 Fix Released
956954	#956954	Keystone needs a URL normalizer middleware	5 Low	Rafael Durán Castañeda	10 Fix Released
966643	#966643	Useless error when keystone-all fails to locate config	5 Low	Chmouel Boudjnah	10 Fix Released
978981	#978981	Add ChangeLog to the Tarball	5 Low	Dan Prince	10 Fix Released
980209	#980209	BaseLDAP builds tree_dn backwards	5 Low		10 Fix Released
983734	#983734	Keystone fails badly if you miss one option	5 Low	Mark McLoughlin	10 Fix Released
983800	#983800	TokenNotFound not raised in testsuite because of timezone issues	5 Low	Mark McLoughlin	10 Fix Released
987457	#987457	keystoneclient endpoint-create should require service_id	5 Low	Dolph Mathews	10 Fix Released
991936	#991936	501 Not Implemented response missing "title" attribute	5 Low	Dolph Mathews	10 Fix Released
994957	#994957	handle all mailmap with name and email address	5 Low	Bhuvan Arumugam	10 Fix Released
999209	#999209	Listing roleRefs (Role assignments) for non existent user returns an incorrect status code	5 Low	Dolph Mathews	10 Fix Released
999608	#999608	Keystone Admin: Creating a roleRef for a non existent user or role returns Internal Server Error	5 Low	Dolph Mathews	10 Fix Released
1006029	#1006029	Invalid tokens obtained when tenantId/tenantName is missing/invalid	5 Low	Dolph Mathews	10 Fix Released
1006287	#1006287	Attempt to delete role of user with invalid parameters sent is returning 500 error code	5 Low	Dolph Mathews	10 Fix Released
1006334	#1006334	Attempt to add role to nonexistant user on tenant is not throwing an error	5 Low	Dolph Mathews	10 Fix Released
1006344	#1006344	Attempt to get list ofusers by passing non existant tenant id is not raising exception	5 Low	Dolph Mathews	10 Fix Released
1006793	#1006793	Service API :5000/v2.0/tenants doesn't check HTTP method	5 Low	Dolph Mathews	10 Fix Released
1007661	#1007661	keystoneclient should only attempt to decode JSON in msg body if the response was a success	5 Low	Joseph Heck	10 Fix Released
1027109	#1027109	DOCS: Broken link in http://docs.openstack.org/developer/keystone/api_curl_examples.html	5 Low	Alan Pevec	10 Fix Released
1037303	#1037303	PEP8 version differs between test_requires and tox.ini	5 Low	Dolph Mathews	10 Fix Released
1038131	#1038131	bin/keystone-all prints line break to stdout on every request	5 Low	Dolph Mathews	10 Fix Released
928564	#928564	require only one ctrl-c to kill keystone	6 Wishlist	Rafael Durán Castañeda	10 Fix Released
980864	#980864	Keystone Essex does not support TLS over HTTPS	6 Wishlist		10 Fix Released
994501	#994501	Token authentication for missing tenant	6 Wishlist	Dolph Mathews	10 Fix Released
996922	#996922	Ability to allow a user to change their own password	6 Wishlist	Derek Higgins	10 Fix Released
997194	#997194	[OSSA 2012-010] Tokens remain valid after a user account is disabled	6 Wishlist	Derek Higgins	10 Fix Released
1000608	#1000608	Backslash continuation removal (Keystone folsom-1)	6 Wishlist	Zhongyue Luo	10 Fix Released
1003962	#1003962	PKI Signed Tokens	6 Wishlist	Dolph Mathews	10 Fix Released
1016171	#1016171	Keystone API is forcing Content-Transfer: chunked on responses	6 Wishlist	Dolph Mathews	10 Fix Released
1019498	#1019498	update keystone to pep8 1.3	6 Wishlist	Dolph Mathews	10 Fix Released
1022614	#1022614	Document Memcache server needed system time setting	6 Wishlist	Maru Newby	10 Fix Released
1036161	#1036161	keystone should log all authentication failures	6 Wishlist	Ionuț Arțăriși	10 Fix Released
1037578	#1037578	Remove unused imports	6 Wishlist	Rongze Zhu	10 Fix Released
920757	#920757	'Authors' check in run_tests.sh makes life harder for new contributers	1 Undecided		10 Fix Released
966249	#966249	Tenant can be created with name more than 64 characters in length	1 Undecided	Unmesh Gurjar	10 Fix Released
966612	#966612	Build artifacts are missing from .gitignore	1 Undecided	Maru Newby	10 Fix Released
966670	#966670	keystone-manage looks in source tree first for keystone.conf	1 Undecided	Josh Kearney	10 Fix Released
966749	#966749	documentation incorrect: user-create throws on --default_tenant	1 Undecided	Bhuvan Arumugam	10 Fix Released
969088	#969088	Role conflict when importing nova auth	1 Undecided	Mark McLoughlin	10 Fix Released
973243	#973243	deleting tenants or users does not clean up metadata	1 Undecided	Bernhard M. Wiedemann	10 Fix Released
973433	#973433	S3_Token middleware is not coming back with proper s3 reply when unauthorized token or service is not available	1 Undecided	Chmouel Boudjnah	10 Fix Released
974199	#974199	deleting a tenant does not cleanup its user associations	1 Undecided	Bernhard M. Wiedemann	10 Fix Released
980277	#980277	Live LDAP tests do cleanup no_meta user	1 Undecided		10 Fix Released
992918	#992918	ValueError: rounds too low (sha512_crypt requires >= 1000 rounds)	1 Undecided	Johannes Erdfelt	10 Fix Released
994481	#994481	admin login in pam backend fails	1 Undecided	Bernhard M. Wiedemann	10 Fix Released
1013441	#1013441	Reorder imports by full import path	1 Undecided	Zhongyue Luo	10 Fix Released
1014845	#1014845	keystoneclient requires unittest2 for production install	1 Undecided	Ken Thomas	10 Fix Released
1016056	#1016056	EC2 credentials not migrated from legacy (diablo) database	1 Undecided		10 Fix Released
1017554	#1017554	Provision certificates for Keystone install	1 Undecided	Adam Young	10 Fix Released
1020182	#1020182	Reorder test imports by full import path	1 Undecided	Zhongyue Luo	10 Fix Released
1020613	#1020613	iso8601 is required by default on keystone	1 Undecided	Chmouel Boudjnah	10 Fix Released
1021508	#1021508	pep8 not being ran for tests	1 Undecided	Rafael Durán Castañeda	10 Fix Released
1022411	#1022411	500 Returned when trying to PUT /users/<USER_ID>/enabled	1 Undecided	Jay Pipes	10 Fix Released
1022575	#1022575	pep8 tests failing for tests/*py	1 Undecided	Derek Higgins	10 Fix Released
1030912	#1030912	auth_token middleware fails to fetch CA Cert	1 Undecided	Adam Young	10 Fix Released
1046023	#1046023	PKI Token should not store token body in the backend	1 Undecided	Adam Young	10 Fix Released

Related milestones and releases

This milestone contains Public information

Everyone can see this information.