File openstack-keystone.changes of Package openstack-keystone

-------------------------------------------------------------------
Fri Nov 27 13:18:18 UTC 2015 - vuntz@suse.com

- Bump rpm package version to 2014.2.4.juno:
  - a few months ago, we moved from versions like 2014.2.4.devX to
    2014.2.4~a0~devX, which is technically a downgrade.
  - as Juno code is now frozen upstream, there will be no 2014.2.5
    release and so no new version that would help us avoid the
    downgrade issue.
  - 2014.2.4 got released upstream, so technically, 2014.2.4.juno
    is correct and it is higher than both 2014.2.4.devX and
    2014.2.4~a0~devX, so there's no downgrade issue.

-------------------------------------------------------------------
Thu Nov 19 10:52:53 UTC 2015 - vuntz@suse.com

- Update hybrid backend from git:
  - Make assertion on checking password in SQL backend use a
    message

-------------------------------------------------------------------
Thu Nov 12 02:01:58 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.4.dev15:
  * Mask passwords in debug log on user password operations
  * Add test showing password logged

-------------------------------------------------------------------
Wed Nov 11 01:59:52 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.4.dev11:
  * Test v2 tokens being deleted by v3

-------------------------------------------------------------------
Sat Oct 17 00:11:12 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.4.dev9:
  * Updated from global requirements

-------------------------------------------------------------------
Thu Sep 10 12:32:24 UTC 2015 - rhafer@suse.com

- Added keystone_max_url_length.diff to fix bnc#943764

-------------------------------------------------------------------
Thu Aug 27 00:03:15 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.4.dev8:
  * Updated from global requirements

-------------------------------------------------------------------
Sun Aug 23 00:03:22 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.4.dev7:
  * Eventlet green threads not released back to pool

-------------------------------------------------------------------
Sat Jul 18 01:31:14 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.4.dev6:
  * Fix xmldsig import

-------------------------------------------------------------------
Fri Jun 26 07:35:03 UTC 2015 - rhafer@suse.com

- Updated hybrid backend to include fix for bsc#935892

-------------------------------------------------------------------
Thu Jun  4 02:34:00 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.4.dev5:
  * Deal with PEP-0476 certificate chaining checking
  * Updated from global requirements

-------------------------------------------------------------------
Wed May 13 12:34:35 UTC 2015 - rhafer@suse.com

- Backport fixes for v3 API sample policy file (lp#1381809 and 
  lp#1392155). New Patches:
  0001-Restrict-certain-APIs-to-cloud-admin-in-domain-aware.patch
  0002-Enable-cloud_admin-to-list-projects-in-all-domains.patch
- Install v3 sample policy into the doc directory

-------------------------------------------------------------------
Thu May  7 09:30:33 UTC 2015 - rhafer@suse.com

- Update hybrid backend to include latest fixes for v3 protocol
  (bsc#928718)

-------------------------------------------------------------------
Wed Apr 22 00:52:59 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.4.dev2:
  * backend_argument should be marked secret

-------------------------------------------------------------------
Tue Apr 14 01:02:03 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.4.dev1:
  * Bump stable/juno version to 2014.2.4
  2014.2.3

-------------------------------------------------------------------
Fri Apr 10 01:03:49 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.3.dev27:
  * Updated from global requirements
  * Work with pymongo 3.0

-------------------------------------------------------------------
Tue Apr  7 01:01:03 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.3.dev24:
  * Speed up memcache lock

-------------------------------------------------------------------
Fri Apr  3 01:01:19 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.3.dev22:
  * Fix up _ldap_res_to_model for ldap identity backend

-------------------------------------------------------------------
Thu Apr  2 00:57:18 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.3.dev21:
  * Don't try to convert LDAP attributes to boolean
  * fix the wrong update logic of catalog kvs driver
  * do parameter check before updating endpoint_group

-------------------------------------------------------------------
Thu Mar 12 01:29:50 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.3.dev15:
  * Correct initialization order for logging to use eventlet locks

-------------------------------------------------------------------
Sat Feb 28 01:30:08 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.3.dev13:
  * Fix the syntax issue on creating table `endpoint_group`

-------------------------------------------------------------------
Mon Feb 23 01:56:05 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.3.dev11:
  * Updated from global requirements

-------------------------------------------------------------------
Fri Feb 20 12:04:09 UTC 2015 - dmueller@suse.com

- fix requires 

-------------------------------------------------------------------
Tue Feb 17 02:18:32 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.3.dev10:
  * Make identity id mapping handle unicode
  * Improve testing of unicode id mapping
  * Updated from global requirements

-------------------------------------------------------------------
Fri Feb 13 02:17:28 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.3.dev5:
  * Fix race on default role creation

-------------------------------------------------------------------
Thu Feb 12 02:17:56 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.3.dev3:
  * Keystoneclient tests from venv-installed client
  * Bump stable/juno version to 2014.2.3
  2014.2.2

-------------------------------------------------------------------
Fri Jan 30 11:26:46 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.2.dev36:
  * Additional test coverage for password changes
  * explicit namespace prefixes for SAML2 assertion
  * Fix modifying a role with same name using LDAP
  * Add a test for modifying a role to set the name the same
  * Fix disabling entities when enabled is ignored
  * Add tests for enabled attribute ignored
  * Fix update role without name using LDAP
  * Add test for update role without name
  * Exclude domains with inherited roles from user domain list
  * Improve testing of exclusion of inherited roles
  * Fix project federation tokens for inherited roles
  * Improve testing of project federation tokens for inherited roles
  * Fix domain federation tokens for inherited roles
  * Improve testing of domain federation tokens for inherited roles
  * User ids that begin with 0 cannot authenticate through ldap
  * Move unit tests from test_backend_ldap

-------------------------------------------------------------------
Thu Jan 29 01:29:27 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.2.dev4:
  * Updated from global requirements

-------------------------------------------------------------------
Mon Jan 19 14:46:50 UTC 2015 - rhafer@suse.com

- re-add hybrid backend
- fixed dependencies. The LDAP backend requires python-ldappool

-------------------------------------------------------------------
Fri Jan 16 01:29:15 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2014.2.2.dev3:
  * Updated from global requirements

-------------------------------------------------------------------
Fri Dec 19 01:19:18 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.2.dev2:
  * Updated from global requirements

-------------------------------------------------------------------
Sat Dec  6 01:16:44 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.2.dev1.g8a7282b:
  * Bump stable/juno next version to 2014.2.2
  2014.2.1
  * Updated from global requirements

-------------------------------------------------------------------
Fri Dec  5 01:17:53 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.1.dev7.g9053a60:
  * Updated from global requirements

-------------------------------------------------------------------
Wed Nov 26 01:41:49 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.1.dev6.gf6b1b5e:
  * Adds IPv6 url validation support

-------------------------------------------------------------------
Sun Nov 23 00:51:43 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.1.dev4.gf54fa8f:
  * Prevent infinite loop in token_flush

-------------------------------------------------------------------
Mon Oct 27 17:38:04 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.1.dev3.gdb291b3:
  * Use newer python-ldap paging control API

-------------------------------------------------------------------
Fri Oct 17 23:43:04 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.1.dev2.ge9cba76:
  * Opening stable/juno
  * Add oslo.serialization for latest keystoneclient

-------------------------------------------------------------------
Fri Oct 17 10:26:33 UTC 2014 - dmueller@suse.com

- update to 2014.2 

-------------------------------------------------------------------
Tue Oct  7 12:57:10 UTC 2014 - dmueller@suse.com

- fix cert creation on hosts with broken hostname 

-------------------------------------------------------------------
Sun Sep 28 00:35:15 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev188.g1f9248e:
  * Imported Translations from Transifex
  * Uses session in migration to stop DB locking
  * Set issuer value to CONF.saml.idp_entity_id
  * Updated from global requirements
  * Add version attribute to the SAML2 Assertion object
  * Fail on empty userId/username before query

-------------------------------------------------------------------
Sat Sep 27 00:35:00 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev176.g0200751:
  * Mark k2k as experimental
  * Update architecture documentation

-------------------------------------------------------------------
Fri Sep 26 09:42:06 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev172.gd229892:
  * New section for CLI examples in docs
  * Fix failure of delete domain group grant when identity is LDAP
  * Clean up the Configuration documentation
  * Adding an index on token.user_id and token.trust_id

-------------------------------------------------------------------
Fri Sep 26 00:35:28 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev164.g2fc25ff:
  * Fix a spelling mistake in keystone/common/utils.py

-------------------------------------------------------------------
Thu Sep 25 08:25:52 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev162.gd8d1477:
  * Prevent infinite recursion on persistence core on init

-------------------------------------------------------------------
Wed Sep 24 23:50:40 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev160.g08416ac:
  * Imported Translations from Transifex
  * Read idp_metadata_path value from CONF.saml
  * Fix Policy backend driver documentation

-------------------------------------------------------------------
Tue Sep 23 23:48:41 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev154.g1af2428:
  * Fix create and user-role-add in LDAP backend
  * Fix minor spelling issues in comments
  * Add a pool of memcached clients
  * Set LDAP certificate trust options for LDAPS and TLS

-------------------------------------------------------------------
Mon Sep 22 23:49:54 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev146.g641381a:
  * Update URLs for keystone federation configuration docs
  * Add info about pysaml2 into federation docs

-------------------------------------------------------------------
Sun Sep 21 23:49:01 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev142.g54054e8:
  * Do not run git-cloned ksc master tests when local client specified

-------------------------------------------------------------------
Sat Sep 20 23:49:44 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev140.g2f14f3a:
  * Mock doesn't have assert_called_once()
  * Imported Translations from Transifex

-------------------------------------------------------------------
Sat Sep 20 00:21:46 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev136.gee4ee3b:
  * Updated from global requirements
  * Safer check for enabled in trusts
  * Set the default number of workers when running under eventlet
  * Add the processutils from oslo-incubator
  * Update 'Configure Federation' documentation
  * Update man pages

-------------------------------------------------------------------
Fri Sep 19 00:23:05 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev124.g8e6e6b3:
  * Ensure identity sql driver supports domain-specific configuration

-------------------------------------------------------------------
Thu Sep 18 00:20:54 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev123.ga56d363:
  * Allow users to clean up role assignments

-------------------------------------------------------------------
Wed Sep 17 00:22:04 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev121.gae22900:
  * Adds a whitelist for endpoint catalog substitution (bnc#895847, CVE-2014-3621)
  * Revoke the tokens of group members when a group role is revoked
  * Change pysaml2 comment in test-requrements.txt
  * Document Keystone2Keystone federation

-------------------------------------------------------------------
Tue Sep 16 00:20:11 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev114.g9d4e22b:
  * ldap/core deleteTree not always supported
  * Reduce unit test log level for notifications
  * Fix delete group cleans up role assignments with LDAP
  * Refactor LDAP backend using context manager for connection
  * Add delete notification to endpoint grouping
  * Ensure a consistent transactional context is used
  * Adds hint about filter placement to extension docs
  * Making KvsInheritanceTests use backend KVS

-------------------------------------------------------------------
Sun Sep 14 00:21:18 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev100.g30c1e8b:
  * Fix using local ID to clean up user/group assignments
  * Add characterization test for cleanup role assignments for group
  * Fix LDAP group role assignment listing
  * Adds pipeline hints to the example paste config
  * Use id attribute map for read-only LDAP
  * Use oslo_debug_helper and remove our own version
  * trustor_user_id not available in v2 trust token

-------------------------------------------------------------------
Sat Sep 13 00:20:56 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev86.g1e20448:
  * Add V3 JSON Home support to GET /
  * Make the extension docs a top level entry in the landing page
  * LDAP: refactor use of "1.1" OID
  * Enable filtering of services by name
  * Sync jsonutils from oslo-incubator 32e7f0b5
  * Update the docs that list sections in keystone.conf

-------------------------------------------------------------------
Fri Sep 12 00:22:06 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev74.gc4e9556:
  * Document mod_wsgi doesn't support chunked encoding
  * Keystone local authenticate has an unnecessary pending audit record
  * JSON Home data is required

-------------------------------------------------------------------
Thu Sep 11 00:19:08 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev68.g12655bf:
  * Stop skipping LDAP tests
  * Update the revocation configuration docs
  * Fixes formatting error in debug log statement
  * Update paste pipelines in configuration docs
  * Fixed typo 'in sane manner' to 'in a sane manner'
  * correct typos
  * Prevent domains creation for the default LDAP+SQL
  * Fix oauth sqlite migration downgrade failure
  * Imported Translations from Transifex
  * Avoid conversion of binary LDAP values (bnc#897467)
  * Remove unused variable TIME_FORMAT
  * Add characterization test for group role assignment listing
  * Fix dn_startswith
  * Fixes a mock cleanup issue caused by oslotest
  * Add rst code-blocks to a bunch of missing examples
  * Capitalize all instances of Keystone in the docs
  2014.2.b3
  * Fixed spelling mistakes in comments
  * use one indentation style
  * Fix admin server doesn't report v2 support in Apache httpd
  * Add test for single app loaded version response
  * Work toward Python 3.4 support and testing
  * Update the federation configuration docs for saml2
  * Add docs for enabling endpoint policy
  * warn against sorting requirements
  * Fix minor nits for token2saml generation
  * Routes for Keystone-IdP metadata endpoint

-------------------------------------------------------------------
Fri Sep  5 00:19:42 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev324.g7d9b8dc:
  * Lower log level for notification registration
  * Test cleanup: do not leak FDs during test runs
  * Cleanup superfluous string comprehension and coersion

-------------------------------------------------------------------
Thu Sep  4 00:20:51 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev318.g8661e94:
  * Adds region back into the catalog endpoint
  * Implementation of Endpoint Grouping
  * Implement validation on Trust V3 API
  * Remove TODO that was done
  * Fix follow up review issues with endpoint policy backend patch
  * Mark the revoke kvs backend deprecated, for removal in Kilo

-------------------------------------------------------------------
Tue Sep  2 13:15:28 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev306.g67b474f:
  * Transform a Keystone token to a SAML assertion
  * Fix region schema comment
  * Remove unused _validate_endpoint
  * controller for the endpoint policy extension
  * Implement validation on the Catalog V3 API

-------------------------------------------------------------------
Mon Sep  1 00:20:43 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev296.g7b81974:
  * backend for policy endpoint extension
  * Implement validation on Credential V3
  * Implement validation on Policy V3 API
  * Fix token flush fails with recursion depth exception
  * Add index for actor_id in assignments table
  * Endpoint table is missing reference to region table
  * add missing log hints for level C/E/I/W
  * Add string id type validation
  * Implement validation on Assignment V3 API
  * Redirect stdout and stderr when using subprocess

-------------------------------------------------------------------
Sun Aug 31 00:19:30 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev276.g9a8e6bd:
  * Add audit support to keystone federation
  * Adds tests that show how update with validation works
  * Mark the trust kvs backend deprecated, for removal in Kilo
  * Do not load auth plugins by class in tests

-------------------------------------------------------------------
Sat Aug 30 00:20:01 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev269.ge0d8377:
  * Add commas for ease of maintenance
  * Comments to docstrings for notification emit methods
  * Notification cleanup: namespace actions
  * Add bash code style to some portions of configuration.rst
  * Update tests to not use token_api
  * Make persistence manager in token_provider_api private
  * Add extra guarding to revoke_by_audit_id methods
  * Mark methods on token_api deprecated
  * Remove SAML2 plugin dependency on token_api
  * Remove oauth controller dependency on token_api

-------------------------------------------------------------------
Fri Aug 29 00:20:52 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev249.g18efc78:
  * Mark kvs backends as deprecated, for removal in Kilo
  * Add libxmlsec1 as external package dependency on OS X
  * Remove assignment_api dependency on token_api

-------------------------------------------------------------------
Thu Aug 28 15:54:25 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev243.g4bbbf81:
  * Update sample config

-------------------------------------------------------------------
Wed Aug 27 23:48:11 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev241.gf4f0bdf:
  * Enhance GET /v3 to handle Accept header
  * Enhance V3 extensions to provide JSON Home data
  * Enhance V3 extension class to integrate JSON Home data
  * Change OS-INHERIT extension to provide JSON Home data
  * Change the sub-routers to provide JSON Home data
  * Change V3 router classes to provide JSON Home data
  * Create additional docs for role assignment events
  * Add __repr__ to KeystoneToken model
  * Notification Constant Cleanup and internal notify type
  * Remove wsgi and base controller dependency on token_api
  * Remove identity_api dependency on token_api
  * Remove trust dependency on token_api
  * Update AuthContextMiddleware to not use token_api
  * Back off initial migration to 34

-------------------------------------------------------------------
Tue Aug 26 23:47:51 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev213.g0b54321:
  * Revoke by Audit Id / Audit Id Chain instead of expires
  * assignment controller error path fix
  * Make SQL the default backend for Identity & Assignment unit tests
  * Enhance V3 version controller to provide JSON Home response
  * Provide the V3 routers to the V3 extension controller
  * Back off initial migration to 35
  * Configurable python-keystoneclient repo

-------------------------------------------------------------------
Mon Aug 25 23:47:31 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev199.gde2c6e1:
  * Add CADF notifications for role assignment create and delete
  * Enhance V3 routers to store basic resource description

-------------------------------------------------------------------
Mon Aug 25 13:04:08 UTC 2014 - bwiedemann@suse.com

- use %_rundir if available, otherwise /var/run

-------------------------------------------------------------------
Sat Aug 23 23:47:24 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev195.ge372aaf:
  * Sync Py2 and Py3 requirements files
  * Standardizing the Federation Process

-------------------------------------------------------------------
Fri Aug 22 23:47:43 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev191.g463b2ee:
  * Convert to urlsafe base64 audit ids
  * Sync with oslo-incubator
  * Add audit ids to tokens

-------------------------------------------------------------------
Thu Aug 21 23:47:30 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev185.gf6ad8f0:
  * Add notifications for policy, region, service and endpoint
  * Correct the signature for some catalog abstract method signatures
  * Fixing simple type in comment
  * Create authentication specific routes
  * Allow LDAP lock attributes to be used as enable attributes

-------------------------------------------------------------------
Tue Aug 19 23:46:59 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev177.g498a003:
  * Enable filtering of credentials by user ID
  * Expose context to create grant and delete grant
  * Use python convention for function names in test_notifications
  * Fixes an issue with the XMLEquals matcher

-------------------------------------------------------------------
Mon Aug 18 16:09:32 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev170.g2e49770:
  * Use mail for the default LDAP email attribute name

-------------------------------------------------------------------
Sat Aug 16 00:25:15 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev168.g45728c5:
  * Bump hacking to 0.9.x series
  * Rename bash8 requirement
  * Support the hints mechanism in list_credentials()
  * Keystone service throws error on receiving SIGHUP
  * Issue multiple SQL statements in separate engine.execute() calls

-------------------------------------------------------------------
Fri Aug 15 00:24:44 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev159.ga1da397:
  * Do not require method attribute on plugins

-------------------------------------------------------------------
Thu Aug 14 00:24:12 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev157.g409c94d:
  * Remove _BaseFederationExtension
  * Add a URL field to region table
  * Remove unnecessary declaration of CONF
  * Filter List Regions by 'parent_region_id'

-------------------------------------------------------------------
Wed Aug 13 04:53:33 UTC 2014 - tbechtold@suse.com

- Update to version keystone-2014.2.dev149.g2ea3006:
  * Updates the sample config
  * remove unused import
  * Clean whitespace off token
  * Remove strutils and timeutils from openstack-common.conf
  * Use functions in oslo.utils
  * Add an OS-FEDERATION section to scoped federation tokens
  * Ensure roles created by unit tests have correct attributes
  * Update control_exchange value in keystone.conf
  * swap import order of lxml
  * add i18n to lxml error
  * Check for empty string value in REMOTE_USER
  * Refactor names in catalog backends
  * Update CADF auditing example to show non-payload information
  * Remove ec2 contrib dependency on token_api
  * Expose token revocation list via token_provider_api
  * Remove assignment controller dependency on token_api
  * Refactor serializer import to XmlBodyMiddleware
  * Delete intersphinx mappings
  * Fix documentation link
  * Make token_provider_api contain token persistence
  * Remove S3 middleware tests from tox.ini
  * Remove unused function
  * Add oslo.utils requirement
  * Surround REMOTE_USER variable name with quotes
  * Remove `with_lockmode` use from Trust SQL backend
  * Improve instructions about federation
  * Do not override venvs
  * Imported Translations from Transifex
  * Remove debug CADF payload for every authN request
  * Don't override tox envdir for pep8 and cover jobs
- Add python-oslo.utils to requirements and post requirements

-------------------------------------------------------------------
Sun Aug  3 23:56:01 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev60.g1ef2975:
  * Fix invalid self link in get access token
  * Details the proper way to call a callable

-------------------------------------------------------------------
Fri Aug  1 23:57:20 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev56.g76f3c55:
  * Check that region ID is not an empty string

-------------------------------------------------------------------
Thu Jul 31 23:57:05 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev54.ga617408:
  * Do not consume trust uses when create token fails
  * Refactor set domain-id and mapping code

-------------------------------------------------------------------
Wed Jul 30 23:56:33 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev50.g99bef1f:
  * Add filters to the collections 'self' link
  * Use config fixture from oslo.config
  * Updated from global requirements
  * KeyError instead of exception.KeyError
  * Remove duplicated asserts
  * Check url is in the 'self' link in list responses
  * Update middleware that was moved to keystonemiddleware

-------------------------------------------------------------------
Tue Jul 29 23:56:35 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev36.g5017993:
  * Update setup docs with Fedora 19+ dependencies
  * Correct revocation event test for domain_id (bnc#892099, CVE-2014-5253)
  * Add workaround to support tox 1.7.2
  * Fix for V2 token issued_at time changing (bnc#892095, CVE-2014-5252)
  * Sqlite files excluded from the repo

-------------------------------------------------------------------
Mon Jul 28 23:57:20 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev26.gdf13caf:
  * Fixes a capitalization issue
  * Add tests related to V2 token issued_at time changing
  * Sample config update
  * auth tests should not require admin token

-------------------------------------------------------------------
Fri Jul 25 23:44:11 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev19.g4cbe8ca:
  * Add the new Keystone TokenModel
  * Add X-Auth-Token header in federation examples
  * Clean up EP-Filter after delete project/endpoint
  * add internal delete notification for endpoint
  * remove static files from docs
  * Move token persistence classes to token.persistence module

-------------------------------------------------------------------
Thu Jul 24 23:43:37 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev7.g1c88ead:
  * cache the catalog
  * Disable a domain will revoke tokens under the same domain
  * Adding support for ldap connection pooling
  2014.2.b2
  * Add the new oslo.i18n as a dependency for Python 3

-------------------------------------------------------------------
Thu Jul 24 08:49:21 UTC 2014 - dmueller@suse.com

- Update to version keystone-2014.2.dev225.g686597b:
  * Fixes test_exceptions.py for Python3
  * Fixes test_wsgi for Python3
  * Adds several more test modules that pass on Py3
  * Reduces the amount of mocked imports for Python 3
  * Disables LDAP unit tests
  * Updated from global requirements
  * Initial implementation of validator
  * Mark the 'check_vX_token' methods deprecated
  * Extracting get group roles for project logic to drivers
  * implement GET /v3/catalog
  * Adds coverage report to py33 test runs
  * Fixed tox cover environment to share venv
  * Regenerate sample config file
  * Example JSON files should be human-readable
  * Consolidate `assert_XXX_enabled` type calls to managers
  * Move keystone.token.default_expire_time to token.provider
  * Move token_api.unique_id to token_provider_api
  * Capitalize a few project names in configuring services doc
  * Fixes a Python3 syntax error
  * Introduce pragma no cover to asbtract classes
  * project disabled/deleted notification recommendations
  * Use oslo.i18n
  * Implicitly ignore attributes that are mapped to None in LDAP

-------------------------------------------------------------------
Thu Jul 24 08:49:01 UTC 2014 - dmueller@suse.com

- fix requires 

-------------------------------------------------------------------
Thu Jul 17 23:44:49 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev180.gc1a6639:
  * Sync with oslo-incubator
  * render json examples with syntax highlighting
  * Avoid loading a ref from SQL to delete the ref
  * Add revocation extension to default pipeline
  * Update docs to reflect new db_sync behaviour
  * Migrate default extensions
  * Update the configuration docs for the revocation extension
  * LDAP: Added documentation for debug_level option
  * Fixes the order of assertEqual arguments

-------------------------------------------------------------------
Wed Jul 16 23:52:16 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev162.g362216b:
  * Make sure unit tests set the correct log levels
  * Clean up the endpoint filtering configuration docs

-------------------------------------------------------------------
Sat Jul 12 00:35:12 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev158.gbbfd58a:
  * multi-backend support for identity
  * Add oslo.i18n as dependency
  * Do not use lazy translation for keystone-manage
  * Remove deprecated token_api.list_tokens
  * Imported Translations from Transifex
  * Add keystonemiddleware to requirements
  * Do not use keystone's config for nova's port
  * Adds hacking check for debug logging translations

-------------------------------------------------------------------
Fri Jul 11 00:34:10 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev144.gb3f9a5f:
  * Add _BaseFederationExtension class
  * Correct the region table to be InnoDB and UTF8
  * HEAD responses should return same status as GET
  * Make OS-FEDERATION core.Driver methods abstract

-------------------------------------------------------------------
Wed Jul  9 00:34:35 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev137.gfac022a:
  * Fix OAuth1 to not JSON-encode create access token response
  * Do not support toggling key_manglers in cache layer

-------------------------------------------------------------------
Tue Jul  8 00:34:14 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev133.g9d0ecaa:
  * Updated from global requirements
  * Sync with oslo-incubator e9bb0b59
  * Fix the section name in CONTRIBUTING.rst
  * Fix docs and scripts for pki_setup and ssl_setup

-------------------------------------------------------------------
Sun Jul  6 00:33:04 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev127.gb4140ae:
  * Add schema check for OS-FEDERATION mapping table

-------------------------------------------------------------------
Sat Jul  5 00:34:17 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev126.g59e01e5:
  * update example with a status code we actually use
  * Correct docstring for assertResponseSuccessful
  * remove default=None for config options

-------------------------------------------------------------------
Thu Jul  3 00:31:50 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev122.g4e45a5f:
  * Ending periods in exception messages deleted
  * Ensure that in v2 auth tenant_id matches trust (bnc#885798, CVE-2014-352)
  * Add identity mapping capability

-------------------------------------------------------------------
Wed Jul  2 00:30:11 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev117.gb2f3b5c:
  * Updated from global requirements
  * Move bash8 to run under pep8 tox env

-------------------------------------------------------------------
Tue Jul  1 00:29:33 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev114.g7c47629:
  * Fix test for get_*_by_name invalidation
  * Remove backend_entities from backend_ldap.conf
  * Do not leak SQL queries in HTTP 409 (conflict)

-------------------------------------------------------------------
Sun Jun 29 00:29:31 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev108.g50be156:
  * Remove db, db.sqlalchemy from openstack-common.conf
  * Consolidate provider calls to token_api.create_token
  * Updates Python3 requirements to match Python2
  * TestAuthInfo class in test_v3_auth made more efficient
  * Only emit disable notifications for project/domain on disable
  * Fixes catalog URL formatting to never return None
  * Updates keystone.catalog.core.format_url tests

-------------------------------------------------------------------
Sat Jun 28 00:28:21 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev94.gd96d546:
  * Regenerate sample config file

-------------------------------------------------------------------
Fri Jun 27 06:01:33 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev92.gbaf4c23:
  * Adds oslo.db support for Python 3 tests
  * Imported Translations from Transifex
  * Do not log 14+ INFO lines on a broken pipe error (eventlet)
  * Convert explicit session get/begin to transaction context

-------------------------------------------------------------------
Thu Jun 26 11:35:52 UTC 2014 - dmueller@suse.com

- Update to version keystone-2014.2.dev85.gf82b887:
  * deprecate LDAP config options for 'tenants'
  * the user_tenant_membership table was replaced by "assignment"
  * Corrects minor spelling mistakes
  * Ignoring order of user list in TenantTestCase
  * Make gen_pki.sh & debug_helper.sh bash8 compliant
  * Update docs to reference #openstack-keystone
  * Don't set sqlite_db default
  * Migrate ID generation for users/groups from controller to manager
  * oslo.db implementation
  * Test `common.sql` initialization
  * Kerberos as method name
  * test REMOTE_USER does not authenticate
  * Document pkiz as provider in config
  * Fix the typo and reformat the comments for the added option
  * Updated from global requirements
  * fix flake8 issues
  * Update sample keystone.conf file
  * Fix 500 error if request body is not JSON object
  * Default to PKIZ tokens
  * Fix a few typos in the shibboleth doc
  * Ignore broken endpoints in get_catalog
  * Properly invalidate cache for get_*_by_name methods
  * remove unnecessary word in docs: 'an'
  * remove unneeded definitions of Python Source Code Encoding
  * update release support warning for domain-specific drivers

-------------------------------------------------------------------
Wed Jun 18 00:08:08 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev36.gd9193ce:
  * pkiz String conversion
  * Add instructions for removing pyc files to docs
  * Add missing docstrings and 1 unittest for LDAP utf-8 fixes
  * install gettext on OS X for msgfmt

-------------------------------------------------------------------
Tue Jun 17 00:07:36 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev28.gd738598:
  * Allow for multiple PKI Style Providers
  * Password trunction makes password insecure

-------------------------------------------------------------------
Mon Jun 16 00:06:57 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev24.g7029722:
  * enable multiple keystone-all worker processes

-------------------------------------------------------------------
Sun Jun 15 00:07:22 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev22.g51a05bd:
  * Add cloud auditing notification documentation
  * Fixes typo error in Keystone
  * Make sure domains are enabled by default
  * Add v3 curl examples
  * Sync service module from oslo-incubator
  * gitignore etc/keystone/
  * Enforce ``saml2`` protocol in Apache config
  * Use translation hints
  * Fix type error message in format_url

-------------------------------------------------------------------
Sat Jun 14 00:07:39 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev4.ge7baea2:
  * Block delegation escalation of privilege (bnc#881977, CVE-2014-3476)

-------------------------------------------------------------------
Fri Jun 13 00:07:49 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev2.g4f93ec6:
  2014.2.b1
  * Use code-block for curl examples

-------------------------------------------------------------------
Wed Jun 11 23:42:01 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev349.gfb0e4c5:
  * add docs on v2 & v3 support in the service catalog

-------------------------------------------------------------------
Tue Jun 10 23:41:49 UTC 2014 - cloud-devel@suse.de

- Rebased patches:
  + 0001-Consistenly-use-jsonutils-instead-of-json.patch dropped (merged upstream)

-------------------------------------------------------------------
Tue Jun 10 23:41:47 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev347.g8de4ffa:
  * Make sure all the auth plugins agree on the shared identity attributes
  * Catalog driver generates v3 catalog from v2 catalog
  * fixed several pep8 issues
  * Consistenly use jsonutils instead of json

-------------------------------------------------------------------
Mon Jun  9 23:41:38 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev339.ga0a3237:
  * Code which gets and deletes elements of tree was moved to one method
  * Remove obsolete note from ldap

-------------------------------------------------------------------
Fri Jun  6 23:41:35 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev335.g3c07fba:
  * Add v2 & v3 API documentation
  * Compressed Token Provider
  * document keystone-specs instead of LP blueprints in README

-------------------------------------------------------------------
Thu Jun  5 23:41:39 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev329.g983baf4:
  * remove out of date docs for Fedora 15

-------------------------------------------------------------------
Wed Jun  4 23:41:48 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev327.g25a7f4a:
  * Invalid command referenced in federation documentation
  * Fix curl example refs in docs
  * pep8: do not test locale files
  * Updated from global requirements
  * Refactor driver_hints
  * Unimplemented get roles by group for project list
  * Update mailmap entry for Brant

-------------------------------------------------------------------
Sat May 31 17:52:22 UTC 2014 - dmueller@suse.com

- add 0001-Consistenly-use-jsonutils-instead-of-json.patch  

-------------------------------------------------------------------
Sat May 31 00:06:46 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev314.g3556857:
  * Make sure scoping to the project of a disabled domain result in 401
  * Fixed wrong behavior when updating tenant or user with LDAP backends
  * Cleanup openstack-common.conf and sync from olso
  * Refactor tests regarding required attributes
  * Check that the user is dumb moved to the common method

-------------------------------------------------------------------
Fri May 30 00:09:48 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev304.g6ed0549:
  * document pki_setup and ssl_setup in keystone.conf.sample

-------------------------------------------------------------------
Thu May 29 00:09:27 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev303.g93bc881:
  * recommend excluding 35357 from ephemeral ports
  * Fixes duplicated DELETE queries on SQL backends
  * Suggest users to remove REMOTE_USER from shibd conf
  * Imported Translations from Transifex
  * indicate that sensitive messages can be disabled
  * replaced unicode() with six.text_type()
  * no one uses macports

-------------------------------------------------------------------
Wed May 28 00:08:31 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev290.g972322d:
  * Fix spelling mistakes in docs
  * Replace magic value 'service/security' in CadfNotificationWrapper
  * Replace assertTrue and assertFalse with more suitable asserts
  * remove a few backslash line continuations

-------------------------------------------------------------------
Tue May 27 00:07:37 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev282.g97fca80:
  * sql migration: ensure using innodb utf8 for assignment table

-------------------------------------------------------------------
Mon May 26 18:52:32 UTC 2014 - dmueller@suse.com

- setup tmpdirs under systemd distributions 

-------------------------------------------------------------------
Mon May 26 00:08:01 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev280.g8b83737:
  * install from source docs never actually install the keystone service

-------------------------------------------------------------------
Sun May 25 00:07:39 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev278.g660d351:
  * Cleanup of ldap assignment backend

-------------------------------------------------------------------
Sat May 24 00:08:38 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev276.g7d09cdc:
  * LDAP fix for get_roles_for_user_and_project user=group ID
    (bnc#876902, CVE-2014-0204)
  * Mapping engine does not handle regex properly
  * Regenerate sample config
  * Stronger assertion for test_user_extra_attribute_mapping

-------------------------------------------------------------------
Fri May 23 00:08:20 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev268.g6c9b48f:
  * Reduce log noise on expired tokens
  * Fix version links to docs.openstack.org

-------------------------------------------------------------------
Wed May 21 23:45:01 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev264.g72f046f:
  * Remove all mostly untranslated PO files
  * SQL fix for get_roles_for_user_and_project user=group ID

-------------------------------------------------------------------
Sun May 18 23:44:10 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev261.g455d50e:
  * Add note for v3 API clients using auth plugin docs
  * Refactor test_auth trust related tests
  * Add mailmap entry

-------------------------------------------------------------------
Wed May 14 23:57:19 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev255.g3ca5ce4:
  * Make the LDAP debug option a configurable setting

-------------------------------------------------------------------
Tue May 13 23:57:13 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev253.g8697b39:
  * Add detailed federation configuration docs
  * Escape values in LDAP search filters

-------------------------------------------------------------------
Fri May  9 23:57:33 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev249.g401294d:
  * Reduce excess LDAP searches

-------------------------------------------------------------------
Tue May  6 23:56:09 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev248.g820e4f1:
  * Refactor create_trust for readability
  * Adds several more tests to the Python 3 test run

-------------------------------------------------------------------
Mon May  5 23:53:02 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev246.g3ec0c5e:
  * Fixed the policy tests in Python 3
  * Fixed the size limit tests in Python 3
  * Fix cache configuration checks

-------------------------------------------------------------------
Sat May  3 23:52:07 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev242.g1e6b45f:
  * setUp must be called on a fixture's parent first
  * First real Python 3 tests
  * Make the py33 Jenkins job happy

-------------------------------------------------------------------
Fri May  2 23:52:40 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev236.ga725b67:
  * fixed typos found by RETF rules in RST files
  * Remove the configure portion of extension docs
  * Ensure token is a string
  * Fixed some typos throughout the codebase
  * Allow 'description' in V3 Regions to be optional
  * More random values for oAuth1 verifier
  * Set proper DB_INIT_VERSION on db_version command
  * Sync with oslo-incubator 28fba9c
  * Check that all po/pot files are valid
  * Refactor service readiness notification

-------------------------------------------------------------------
Thu May  1 23:52:27 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev216.g1dde174:
  * Add rally performance gate job for keystone

-------------------------------------------------------------------
Wed Apr 30 23:52:40 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev214.g314c032:
  * Migration DB_INIT_VERSION in common place
  * Redundant unique constraint
  * Correct `nullable` values in models and migrations

-------------------------------------------------------------------
Tue Apr 29 23:53:06 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev208.g69ef772:
  * Move hacking code to a separate fixture
  * Some methods in ldap were moved to superclass
  * Use oslo.test mockpatch
  * Refactor notifications
  * Ignore broken endpoints in get_v3_catalog

-------------------------------------------------------------------
Sun Apr 27 00:42:06 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev198.gd4c4a96:
  * No longer allow listing users by email
  * Fix sql_upgrade tests run by themselves
  * Refactor test_password_hashed to the backend testers
  * Fix catalog Driver signatures

-------------------------------------------------------------------
Sat Apr 26 00:39:54 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev190.g64857e3:
  * Add localized response test
  * Make test_revoke expiry times distinct
  * Removed duplication with list_user_ids_for_project
  * Fix the "search for sql.py" files for db models
  * Sync with oslo-incubator 74ae271
  * Updated from global requirements
  * Compatible server default value in the models
  * Explicit foreign key indexes
  * Added statement for ... if ... else
  * More notification unit tests
  * Fix typo of ANS1 to ASN1

-------------------------------------------------------------------
Fri Apr 25 00:38:25 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev169.gb44ba65:
  * Imported Translations from Transifex
  * Fix typo on cache backend module

-------------------------------------------------------------------
Thu Apr 24 00:38:42 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev166.g2fea4a9:
  * Code which gets elements of tree in ldap moved to a common method
  * Include extra attributes in list results
  * Configurable token hash algorithm

-------------------------------------------------------------------
Wed Apr 23 00:39:40 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev160.gc267914:
  * Discourage use of pki_setup
  * Fixes for in-code documentation

-------------------------------------------------------------------
Tue Apr 22 00:42:44 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev156.gfd5a148:
  * add dependencies of keystone dev-enviroment

-------------------------------------------------------------------
Mon Apr 21 00:42:31 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev155.g0773c4e:
  * Remove LDAP password hashing code

-------------------------------------------------------------------
Sun Apr 20 00:43:49 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev153.gaca369f:
  * More efficient DN list for LDAP role delete
  * Allow any attributes in mapping

-------------------------------------------------------------------
Sat Apr 19 00:43:56 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev150.g4907779:
  * Don't re-raise instance
  * Enhance tests for user extra attribute mapping

-------------------------------------------------------------------
Fri Apr 18 00:43:45 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev146.ge55216e:
  * Isolate backend loading
  * Adding one more check on project_id
  * Cleanup of test_cert_setup tests

-------------------------------------------------------------------
Wed Apr 16 23:37:06 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev140.g0473e5a:
  * Add missing import, remove trailing ":" in middleware example
  * Sync with oslo-incubator 2fd457b
  * Remove unnecessary dict copy
  * Removed unused code

-------------------------------------------------------------------
Tue Apr 15 23:37:13 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev133.gde33c22:
  * Moves test database setup/teardown into a fixture
  * More debug output for test
  * Updated from global requirements

-------------------------------------------------------------------
Mon Apr 14 23:37:13 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev127.g4cc6a9c:
  * Collapse SQL Migrations

-------------------------------------------------------------------
Sat Apr 12 23:37:10 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev125.g58d71b9:
  * Refactor: moved flatten function to utils
  * Treat LDAP attribute names as case-insensitive
  * Adds style checks to ease reviewer burden
  * Refactor: move federation functions to federation utils
  * Convert test_backend_ldap to config fixture
  * Fix assertEqual arguments order(catalog, cert_setup, etc)

-------------------------------------------------------------------
Fri Apr 11 00:02:58 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev114.g9b580d2:
  * replace word 'by' with 'be'
  * List all forbidden attributes in the request body

-------------------------------------------------------------------
Thu Apr 10 00:03:25 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev110.gda4d4a1:
  * Adding more descriptive error message
  * Fixed wrong behavior in method search_s in BaseLdap class

-------------------------------------------------------------------
Wed Apr  9 00:03:40 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev108.gdc43f94:
  * Fix response for missing attributes in trust
  * Add tests for user ID with comma
  * Cleanup config.py

-------------------------------------------------------------------
Tue Apr  8 00:44:55 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev103.g76b396a:
  * Clean up config help text

-------------------------------------------------------------------
Sun Apr  6 00:41:30 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev101.g284511a:
  * Remove common.V3Controller.check_required_params() method

-------------------------------------------------------------------
Sat Apr  5 00:42:22 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev99.gdef83cc:
  * Fix invalid LDAP filter for user ID with comma
  * Remove assignment proxy methods/controllers
  * Remove legacy_endpoint_id and enabled from service catalog
  * Replace all use of mox with mock
  * Reduce environment logging
  * Add slowest output to tox runs (testr)

-------------------------------------------------------------------
Fri Apr  4 09:14:45 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev87.g8c53f42:
  * Fix parallel unit tests keystoneclient partial checkout
  * Sync from oslo db.sqlalchemy.migration
  * Removes unused db_sync methods
  * Removes useless wrapper from manager base class
  * For ldap, API wrongly reports user is in group
  * Keystone doesn't use pam
  * remove the unused variable in test_sql_upgrade

-------------------------------------------------------------------
Thu Apr  3 00:50:40 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev73.gd8c0c81:
  * Sanitizes authentication methods received in requests
  * Fix create_region_with_id raise 500 Error bug
  * Make service catalog include service name
  * Remove unused db_sync from extensions

-------------------------------------------------------------------
Wed Apr  2 00:56:08 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev65.gd33cd47:
  * support conventional domain name with one or more dot
  * Remove _delete_tokens function from federation controller

-------------------------------------------------------------------
Tue Apr  1 00:53:47 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev61.gb803fe8:
  * Fixed small capitalization issue
  * Removes some duplicate setup from a testcase
  * Updated from global requirements
  * Enable concurrent testing by default
  * Moves database setup/teardown closer to its usage
  * Fix assertEqual arguments order(auth_plugin, backend, backend_sql, etc)
  * Fix the order of assertEqual arguments(keystoneclient, kvs, etc)

-------------------------------------------------------------------
Sun Mar 30 01:02:33 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev47.ge8d8306:
  * Fix Jenkins translation jobs

-------------------------------------------------------------------
Sat Mar 29 01:03:34 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev46.g7882359:
  * Cleanup ldap tests (mox and reset values)
  * Check domain_id with equality in assignment kvs
  * Imported Translations from Transifex
  * test_v3_token_id correctly hash token
  * Safer noqa handling
  * Expand the use of non-ascii values in ldap test
  * Properly handle unicode & utf-8 in LDAP
  * Refactor LDAP API
  * Remove unnecessary test setUps
  * Use CMS to generate sample tokens
  * Allows override of stdout/stderr/log capturing
  * Cleanup revocation query
  * Use assertIsNone when comparing against None
  * Removes the use of mutables as default args
  * Use assertIn in test_v3_catalog
  * Start using to oslotest
  * Fix test_provider_token_expiration_validation transient failure

-------------------------------------------------------------------
Fri Mar 28 01:03:07 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev13.ga5382fa:
  * Remove noqa form import _s
  * Use in-memory SQLite for sql migration tests
  * Use in-memory SQLite for testing
  * Remove extraenous instantiations of managers
  * Add placeholders for reserved migrations
  2014.1.rc1
  * code hygiene; use six.text_type, escape regexp's, use key function
  * Add a space after the hash for block comments

-------------------------------------------------------------------
Thu Mar 27 01:02:46 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev176.g724d056:
  * Open Juno development
  * Enable lazy translations in httpd/keystone.py
  * Avoid using .values() on the indexed columns
  * Imported Translations from Transifex
  * revert deprecation of v2 API
  * Updated from global requirements
  * Uses generator expressions instead of filter

-------------------------------------------------------------------
Wed Mar 26 01:04:12 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev162.g3056dc5:
  * exclude disabled services from the catalog
  * refactor AuthCatalog tests
  * Rename keystone.tests.fixtures
  * Change the default version discovery URLs
  * Remove extra cache layer debugging
  * Fix doc build errors with SQLAlchemy 0.9
  * Sync oslo-incubator db.sqlalchemy b9e2499
  * Always include 'enabled' field in service response

-------------------------------------------------------------------
Tue Mar 25 01:04:34 UTC 2014 - cloud-devel@suse.de

- Rebased patches:
  + 0001-Create-TMPDIR-for-tests-recursively.patch dropped (merged upstream)
  + 0001-Create-TMPDIR-for-tests-recursively.patch dropped (merged upstream)

-------------------------------------------------------------------
Tue Mar 25 01:04:31 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev146.ge7b3005:
  * Create TMPDIR for tests recursively
  * test tcp_keepidle only if it's available on the current platform
  * Add dedicated URL for issuing unscoped federation tokens

-------------------------------------------------------------------
Mon Mar 24 17:50:48 UTC 2014 - dmueller@suse.com

- add 0001-Create-TMPDIR-for-tests-recursively.patch 

-------------------------------------------------------------------
Mon Mar 24 01:03:20 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev141.g0fb0dfd:
  * Filter SAML2 assertion parameters with certain prefix

-------------------------------------------------------------------
Sun Mar 23 01:04:13 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev139.g1e84251:
  * Use oslo db.sqlalchemy.session.EngineFacade.from_config

-------------------------------------------------------------------
Sat Mar 22 01:02:50 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev137.ga3c7553:
  * Add support for parallel testr workers in Keystone
  * is_revoked check all viable subtrees
  * update sample conf
  * explicitly import gettext function
  * expires_at should be in a tuple not turned into one
  * Comparisons should account for instantaneous test execution
  * Make domain_id immutable by default
  * Do not expose internal data on UnexpectedError
  * Filter LDAP dumb member when listing role assignments

-------------------------------------------------------------------
Fri Mar 21 00:57:32 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev121.gff88763:
  * Ability to turn off ldap referral chasing
  * Add user_id when calling populate_roles_for_groups
  * Store groups ids objects list in the OS-FEDERATION object
  * Uses explicit imports for _
  * Rename scope_to_bad_project() to test_scope_to_bad_project()
  * Make LIVE Tests configurable with ENV

-------------------------------------------------------------------
Wed Mar 19 01:09:31 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev109.gd4574a7:
  * Move test .conf files to keystone/tests/config_files
  * Removal of test .conf files

-------------------------------------------------------------------
Tue Mar 18 10:31:52 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev105.gd906f57:
  * Filter out nonstring environment variables before rules mapping
  * Provide option to make domain_id immutable
  * Replace httplib.HTTPSConnection in ec2_token
  * Don't automatically enable revocation events
  * Ensure v3policysample correctly limits domain_admin access
  * Sync db, db.sqlalchemy from oslo-incubator 0a3436f
  * Do not use keystone.conf.sample in tests
  * Use class attribute to represent 'user' and 'group'
  * trust creation allowed with empty roles list

-------------------------------------------------------------------
Mon Mar 17 10:05:28 UTC 2014 - rhafer@suse.com

- switch over to non-openstack-prefix'ed users

-------------------------------------------------------------------
Sat Mar 15 01:12:08 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev88.gcd3b6f6:
  * Update sample config
  * remove hardcoded SQL queries in tests
  * Fix db_version failed with wrong arguments

-------------------------------------------------------------------
Fri Mar 14 00:57:39 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev82.g358674a:
  * Updated from global requirements
  * Remove unnecessary oauth1.Manager constructions
  * Enforce groups presence for federated authn
  * Very minor cleanup to default_fixtures
  * Cleanup keystoneclient tests
  * Cleanup fixture data added to test instances
  * Cleans up test data from limit tests
  * Cleanup of instance attrs in core tests
  * Cleanup backends after each test
  * Fix include only enabled endpoints in catalog
  * Add unit tests for disabled endpoints in catalog
  * Add OS-OAUTH1 to consumers links section

-------------------------------------------------------------------
Thu Mar 13 01:39:53 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev58.gcb742d0:
  * Fixup region description uniqueness
  * Add missing documentation for enabling oauth1 auth plugin
  * Configurable temporary directory for tests

-------------------------------------------------------------------
Wed Mar 12 00:55:42 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev52.g989dd71:
  * Add missing documentation for enabling federation auth plugin
  * Call an existing method in sync cache for revoke events
  * Remove unnecessary calls to self.config()
  * Import order is fixed

-------------------------------------------------------------------
Tue Mar 11 01:34:51 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev45.gfb8209e:
  * Use config fixture

-------------------------------------------------------------------
Mon Mar 10 16:21:23 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev43.g58bb5e9:
  * Fix docstrings in federation related modules
  * Sync db, db.sqlalchemy, gettextutils from oslo-incubator 6ba44fd
  * V3 xml responses should use v3 namespace
  2014.1.b3
  * Update ADMIN_TOKEN description in docs
  * Remove unused function from tests
  * Don't need session.flush in context managed by session
  * Remove vim headers
  * Removes use of timeutils.set_time_override
  * Removes a redundant test
  * revocation_list only call isotime on datetime objects
  * Handle exception messages with six.text_type
  * Fix webob.exc.HTTPForbidden parameter miss

-------------------------------------------------------------------
Fri Mar  7 15:33:31 UTC 2014 - speilicke@suse.com

- Use sphinx-build rathern than pbr-infested setup.py build_sphinx

-------------------------------------------------------------------
Fri Mar  7 09:46:07 UTC 2014 - speilicke@suse.com

- Fix requirements

-------------------------------------------------------------------
Thu Mar  6 16:20:19 UTC 2014 - speilicke@suse.com

- Update to version keystone-2014.1.dev515.g8c168bc:
  * v3 endpoint create should require url
- Fixed requirements

-------------------------------------------------------------------
Thu Mar  6 15:15:29 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev513.g7913636:
  * Mark revoke as experimental
  * Imported Translations from Transifex
  * allow create credential with the system admin token
  * Always include 'enabled' field in endpoint response
  * Add the last of the outstanding helpstrings to config
  * Update curl api example to specify tenant
  * Update Oslo wiki link in README
  * Lazy gettextutils behavior
  * Update Oslo wiki link in README

-------------------------------------------------------------------
Thu Mar  6 00:55:42 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev495.g388155c:
  * Stop gating on up-to-date sample config file
  * Token Revocation Extension

-------------------------------------------------------------------
Wed Mar  5 01:00:29 UTC 2014 -  bwiedemann@suse.com

- Update to version keystone-2014.1.dev492.g4bec42e:
  * drop key distribution from icehouse
  * Limited use trusts
  * Remove common.sql.migration

-------------------------------------------------------------------
Tue Mar  4 01:31:19 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev487.ge9c5a00:
  * Properly configure OS-EP-FILTER test backend
  * Add tests for endpoint enabled
  * Remove the un-used and non-maintained PAM identity backend
  * SQLAlchemy Change to support more strict dialect checking
  * Update oslo-incubator log.py to a01f79c

-------------------------------------------------------------------
Mon Mar  3 11:55:21 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev477.gfb19984:
  * deprecate XML support in favor of JSON
  * Remove unused variable
  * Replace assertEqual(None, *) with assertIsNone in tests
  * Fix assertEqual arguments order(_ldap_tls_livetest, backend_kvs, etc)

-------------------------------------------------------------------
Mon Mar  3 01:34:40 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev469.g0908a0b:
  * Remove paste_deploy from test_overrides.conf
  * Remove "test-only" pam config options
  * Imported Translations from Transifex
  * Fix assertEqual arguments order(backend_ldap, cache, v3_protection)
  * add policy entries for /v3/regions

-------------------------------------------------------------------
Sun Mar  2 00:46:13 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev460.g42e2375:
  * Fix get project users when no user exists
  * Implement V3 Specific Version of EC2 Contrib
  * Support authentication via SAML 2.0 assertions
  * oauth1 extension migration fails with DB2

-------------------------------------------------------------------
Sat Mar  1 01:13:18 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev453.g716c52c:
  * Fix table name typo in test_sql_upgrade
  * Cleanup and add more config help strings
  * Ensure v2 API only returns projects in the default domain
  * Fix the order of assertEqual arguments(v3_auth, v3_identity)

-------------------------------------------------------------------
Thu Feb 27 01:31:04 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev445.g9663fa8:
  * Support for mongo as dogpile cache backend
  * Fix issue with DB upgrade to assignment table
  * Remove duplicated cms file

-------------------------------------------------------------------
Wed Feb 26 00:38:53 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev440.g8c8f776:
  * Unimplemented error on V3 get token
  * Updated from global requirements
  * Fix keystone-manage db_version
  * Remove redundant default value None for dict.get
  * Always hash passwords on their way into the DB
  * Refactor tests move assertValidErrorResponse

-------------------------------------------------------------------
Tue Feb 25 01:33:08 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev428.gb5a26b3:
  * Move _BaseController to common/controllers.py
  * Remove oslo rpc
  * Uses the venv virtualenv for the pep8 command
  * Update man pages
  * Remove auth_token middleware doc

-------------------------------------------------------------------
Mon Feb 24 01:10:29 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev418.g8bc0433:
  * Sync db.exception from Oslo
  * Add tests for create grant when no group
  * Add tests for create grant when no user
  * Add version routes to KDS
  * KDS fix documented exception
  * Remove unused method _get_domain_id_from_auth

-------------------------------------------------------------------
Sun Feb 23 00:54:53 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev406.g72b794f:
  * Remove oslo notifier
  * Keystone doc has wrong keystone-manage command

-------------------------------------------------------------------
Sat Feb 22 00:54:44 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev402.g932647d:
  * Correct a docstring in keystone.common.config
  * Enable pep8 test against auto-generated configuration
  * Update config options with helpstrings and generate sample
  * strengthen assertion for unscoped tokens
  * bad config user_enable_emulation in mask test
  * Fix test_provider_token_expiration_validation transient failure
  * Update oslo-incubator fixture to 81c478
  * Mark strings for translation in ldap backends

-------------------------------------------------------------------
Fri Feb 21 01:35:58 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev386.g472cc5e:
  * Fix assertEqual arguments order
  * Remove sql.Base
  * Add test for list project users when no user

-------------------------------------------------------------------
Thu Feb 20 15:33:49 UTC 2014 - dmueller@suse.com

- Update to version keystone-2014.1.dev381.g9fbb60d:
  * Convert Token Memcache backend to new KeyValueStore Impl
  * Implement mechanism to provide non-expiring keys in KVS
  * Rationalize the Assignment Grant Tables
  * Keystone team uses #openstack-keystone now
  * Adds model mixin for {to,from}_dict functionality
  * Adds Cloud Audit (CADF) Support for keystone authentication
  * Use class attribute to represent 'project'
  * Switch over to oslosphinx
  * Replace notifier with oslo.messaging
  * Clean StatsController unnecesary members
  * Use global to represent OS-TRUST:trust
  * Additional notifications for revocations
  * Use Oslo.db migration
  * `find_migrate_repo` improvement
  * Variable 'domain_ref' referenced before assignment
  * Cleanup Dogpile KVS Memcache backend support
  * Restructure KDS options to be more like Keystone's options
  * Setup code for auto-config sample generation
  * Correct `find_migrate_repo` usage
  * Make live LDAP user DN match the default from devstack
  * Set sensible default for keystone's paste
  * Treat sphinx warnings as errors
  * Use WebOb directly in ec2_token middleware
  * Add lockfile and kombu as requirements for keystone
  * Move filter_limit_query out of sql.Base
  * List trusts, incorrect self link
  * LDAP: document enabled_emulation
  * Provide clearer error when deleting enabled domain
  * Cleanup oauth tests
  * Correctly normalize consumer fields on update

-------------------------------------------------------------------
Fri Feb 14 15:27:21 UTC 2014 - dmueller@suse.com

- added patches:
  * 0001-Set-sensible-default-for-keystone-s-paste.patch
-------------------------------------------------------------------
Fri Feb 14 09:26:01 UTC 2014 - dmueller@suse.com

- revert last change
- fix keystone-manage.log permissions

-------------------------------------------------------------------
Fri Feb 14 08:10:20 UTC 2014 - speilicke@suse.com

- Use oauthlib on openSUSE and keep oauth2 for SLE

-------------------------------------------------------------------
Fri Feb 14 07:44:06 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev310.ge8f8c17:
  * Remove s3_token functional tests
  * Remove copyright from empty files
  * Syncing policy engine from oslo-incubator
  * Rename Openstack to OpenStack
  * Refactor get role for trust
  * Adds a fixture for setting up the cache
  * Fixes bug in exception message generation
  * reverse my preferred mailmap
  * Notifications upon disable
  * Move identity logic from controller to manager
  * Changing testcase name to match our terminology
  * explicitly expect hints in the @truncated signature
  * list limit doc cleanup
  * Correct error class in find_migrate_repo
  * Enforce current certificate retrieval behaviour
  * Use WebOb directly for locale testing
  * Doc - Keystone configuration - moving RBAC section
  * Do not use auth_info objects for accessing the API
  * Update kvs assignment backend docs
  * Remove vim header
  * Document priority level on Keystone notifications
  * Uses six.iteritems for Python3 compat
  * Use message when creating Unauthorized exception
  * Use passed filter dict param in core sql filtering
  * Tests use setUp rather than init
  * Tests remove useless config list cleanup code
  * Reference dogpile.cache.memcached backend properly
  * Safe command handling for openssl

-------------------------------------------------------------------
Thu Feb 13 13:37:30 UTC 2014 - dmueller@suse.com

- remove log_file option setting
- added patches:
  * 0001-Switch-over-to-oslosphinx.patch

-------------------------------------------------------------------
Thu Feb 13 01:25:34 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev255.g586a3ff:
  * Allow specifying region ID when creating region
  * Cleanup KDS doc build errors
  * Add in functionality to set key_mangler on dogpile backends
  * Fix indentation issue
  * Cleanup invalid token exception text
  * Fixes a misspelling
  * Doc - Detailing objects' attributes available for policy.json
  * Remove unused method _get_domain_conf
  * Remove unused method _store_protocol
  * Remove tox locale overrides
  * Remove unused methods from AuthInfo
  * Remove unused method _create_metadata
  * revise example extension directory structure
  * Update db.sqlalchemy.session from oslo-incubator 018138
  * Do not call deprecated functions
  * Fixes a Python3 syntax error using raise
  * Uses six.text_type instead of unicode
  * Removes xrange for Python3 compat
  * Cleanup sample config
  * Remove unused variable assignment
  * Remove legacy diablo and essex test cruft
  * Enhancing tests to check project deletion in Active Directory
  * Change assertTrue(isinstance()) by optimal assert
  * sync oslo-incubator log.py
  * turn off eventlet.wsgi debug

-------------------------------------------------------------------
Wed Feb 12 00:55:24 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev205.gfcc1547:
  * Adds rule processing for mapping
  * Limit calls to memcache backend as user token index increases in size
  * Implement list limiting support in driver backends
  * Update the default_log_levels defaults
  * Correct sample config default log levels

-------------------------------------------------------------------
Tue Feb 11 14:46:00 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev195.g6ed19c2:
  * Style the code examples in docs as python
  * Deprecate s3_token middleware
  * Update requirements to 661e6
  * Fix misspellings in keystone
  * Removes use of fake_notify and fixes notify test
  * Remove host from per notification options
  * Remove default_notification_level from conf
  * Mock sys.exit in testing
  * Move v3_to_v2_user from manager to controller
  * Adds tcp_keepalive and tcp_keepidle config options
  * clean up keystone-manage man page
  * Fix indentation errors found by Pep8 1.4.6+
  * Fix assignment to not require user or group existence
  * cleaned up extension development docs
  * Tests initialize database
  * Improve forbidden checks
  * rename templated.TemplatedCatalog to templated.Catalog

-------------------------------------------------------------------
Wed Feb  9 15:41:47 UTC 2014 - speilicke@suse.com

- Update to version keystone-2014.1.dev161.g211bfc3:
  * Ensure mapping rule has only local and remote properties
  * fix grammar error in keystone-manage.rst
  * Add rules to be a required field for mapping schema
  * Cleanup docstrings
  * Removes useless string
  * Removes duplicate key from test fixtures
  * Add tests to ensure additional remote properties are not validated
  * Change 'oauth_extension' to 'oauth1_extension'
  * Modified keystone endpoint-create default region
  * Load the federation manager
  * Sync oslo's policy module
  * Replace urllib/urlparse with six.moves.*
  * Change Continuous Integration Project link
  * Refactor Auth plugin configuration options
  * Use self.opt_in_group overrides
  * Federation IdentityProvider filter fields on update response
  * Remove unnecessary test methods
  * Refactor federation controller class hierarchy
  * Refactor mutable parameter handling
  * Make error strings translatable
  * Add required properties field to rules schema
  * deprecate access log middleware
  * remove access log middleware from the default paste pipeline
  * deprecate v2.0 API in multiple choice response
  * Add a docstring and rename mapping tests
  * Remove versionId, versionInfo, versionList from examples
  * Don't set default for a nullable column
  * Remove autoincrement from String column
- Replace git_tarballs source service with download_files and set_version
  + Use upstream URL as source (enables verification)

-------------------------------------------------------------------
Thu Feb  6 14:46:17 UTC 2014 - dmueller@suse.com

- fix typo in logrotate 

-------------------------------------------------------------------
Sun Feb  2 01:30:57 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev134.ge2f8277:
  + Make error strings translatable
  + Sync oslo's policy module

-------------------------------------------------------------------
Sat Feb  1 01:37:14 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev130.g14a159b:
  + Use self.opt_in_group overrides
  + remove access log middleware from the default paste pipeline
  + Refactor Auth plugin configuration options
  + Refactor mutable parameter handling
  + Refactor federation controller class hierarchy
  + Remove unnecessary test methods
  + Federation IdentityProvider filter fields on update response
  + deprecate access log middleware

-------------------------------------------------------------------
Fri Jan 31 08:14:28 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev115.g70b2f2a:
  + Make boolean query filter "False" argument work
  + deprecate stats middleware
  + Policy sample - Identity v3 resources management
  + Drop unsused "extras" dependency
  + Introduce database functionality into KDS
  + Add required properties field to rules schema
  + Add a docstring and rename mapping tests

-------------------------------------------------------------------
Thu Jan 30 17:10:12 UTC 2014 - speilicke@suse.com

- Set common name of example certs to FQDN to make then slightly more
  useful

-------------------------------------------------------------------
Thu Jan 30 01:38:01 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev101.g4fc6e97:
  + Fix list_projects_for_endpoint failed bug
  + Fix federation documentation reference
  + Fix docstrings in federation controller.
  + Remove autoincrement from String column.
  + Don't set default for a nullable column

-------------------------------------------------------------------
Wed Jan 29 15:51:59 UTC 2014 - dmueller@suse.com

- move cronjob to hourly 

-------------------------------------------------------------------
Mon Jan 27 12:53:25 UTC 2014 - dmueller@suse.com

- fix dependency 

-------------------------------------------------------------------
Mon Jan 27 10:15:45 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev91.g51602dc:
  + correct the document links in man documents
  + Fix test_auth isolation

-------------------------------------------------------------------
Mon Jan 27 01:25:11 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev87.g28f43f8:
  + Use six.text_type to replace unicode
  + Remove sql.Base.get_session
  + Move sql.Base.transaction
  + Don't mask the filter built-in
  + description is wrong in endpoint filter rst doc
  + append extension name to trust notifications
  + Adds support for username to match the v2 spec
  + build auth context from middleware
  + Clean up docstrings in contrib.oauth1.core

-------------------------------------------------------------------
Sun Jan 26 00:59:23 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev70.g455219d:
  + Fix reading cache-time before configured
  + Don't configure on import
  + Fix typos in documents and comments
  + Cleanup eventlet setup
  + use assertEqual instead of assertIs for string comparison
  + Use six to make dict work in Python 2 and Python 3
  + Implement filter support in driver backends
  + renamed extensions development doc
  + Allow event callback registration for arbitrary resource types
  + Unify StringIO usage with six.StringIO

-------------------------------------------------------------------
Sat Jan 25 01:16:52 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev50.gdaa44b8:
  + Sync several modules from oslo-incubator
  + Sync with global requirements
  + remove unused LOG
  + Use six.string_types instead of basestring
  + derive custom exceptions directly from Exception
  + Don't duplicate the existing config file list
  + initialize environment for tests that call popen
  + Remove unused variables from common.config

-------------------------------------------------------------------
Fri Jan 24 13:34:19 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev34.g627141f:
  + Document running with pdb
  + Fix sample config external default doc
  + Subclasses of TestCase don't need to reset conf
  + Cleanup test_no_admin_token_auth cleanup code
  + Refactor context trust_id check to wsgi.Application base class
  + Store trust_id for v3/credentials ec2 keypairs
  + Store ec2 credentials blob as json
  + v3 credentials, ensure blob response is json
  + Enable lazy translation
  + Move KDS paths file
  + Update comments in test_v3_protection.py
  + Identity Providers CRUD operations
  + Add mapping function to keystone
  + Switch from 400 to 403 on ImmutableAttributeError
  + Simple Certificate Extension
  + Fixup incorrect comment
  + Remove kwargs from trust_api.create_trust
  + Implement notifications for trusts
  + Merge db.sqlalchemy from oslo-incubator af5f710
  + Sync oslo strutils.py
  + Enhance tests for non-default default_domain_id
  + Remove unused member from KVS assignment
  + KVS support domain as namespace for users
  + Enhance auth tests for non-default default_domain_id
  + Fix using non-default default_domain_id

--------------------------------------------------------------------
Thu Jan 23 18:00:28 UTC 2014 - dmueller@suse.com

- install cron job to flush expired tokens, otherwise keystone
  slows down after a while

------------------------------------------------------------------
Wed Jan 22 00:50:17 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev190.gb7b8134:
  + Removes deprecation warning from run_tests.sh
  + Removes option to delete test DB from run_tests.sh
  + Adds run_tests.sh cli option to stop on failure
  + LDAP Assignment does not support grant v3 API
  + Remove unused variables

-------------------------------------------------------------------
Tue Jan 21 08:44:31 UTC 2014 - dmueller@suse.com

- fix requires 

-------------------------------------------------------------------
Mon Jan 20 10:32:41 UTC 2014 - speilicke@suse.com

- Sync requirements:
  + Replace oauth2 with oauthlib
  + Use discover only on SLE

-------------------------------------------------------------------
Sun Jan 19 00:38:39 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev180.g5b1fa19:
  + Reduces memory utilization during test runs
  + Do not append to messages with +
  + Sync gettextutils from oslo-incubator 997ab277
  + Replacing python-oauth2 by oauthlib
  + Implementation of internal notification callbacks within Keystone
  + Restructure developing.rst

-------------------------------------------------------------------
Sat Jan 18 01:11:41 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev168.g012618c:
  + Implements regions resource in 3.2 Catalog API

-------------------------------------------------------------------
Fri Jan 17 01:40:17 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev166.ge54a6a3:
  + Documentation cleanup
  + reduce default token duration to one hour

-------------------------------------------------------------------
Thu Jan 16 11:42:49 UTC 2014 - dmueller@suse.com

- fix requires 

-------------------------------------------------------------------
Tue Jan 14 01:11:35 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev162.g9837137:
  + Flush tokens in batches with DB2
  + Convert Token KVS backend to new KeyValueStore Impl

-------------------------------------------------------------------
Mon Jan 13 00:58:51 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev159.g5a1a371:
  + Remove unnecessary line in test_auth
  + Make common log import consistent
  + Cleanup test_associate_project_endpoint_extension
  + Synchronized with oslo db and db.sqlalchemy
  + Sync oslo-incubator rpc	module
  + Don't need session.flush in context managed by session

-------------------------------------------------------------------
Sun Jan 12 01:09:35 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev147.g4759276:
  + races cause 404 when removing user from project
  + Remove unused test function
  + Remove netifaces requirement
  + Change ListOpt default value from str or None to list
  + Tests use cleanUp rather than tearDown
  + Resolve oauth dependency after paste pipeline is loaded
  + Fix external auth (REMOTE_USER) plugin support

-------------------------------------------------------------------
Sat Jan 11 01:27:04 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev133.g89a99de:
  + Clean up fakeldap logging
  + Remove noop code

-------------------------------------------------------------------
Fri Jan 10 14:35:38 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev129.g53d5f77:
  + Remove unused code in contrib/ec2/controllers.py
  + Remove unused imports
  + Fix typo in test
  + Introduce basic Pecan/WSME framework for KDS
  + Cleanup from business logic refactor

-------------------------------------------------------------------
Thu Jan  9 08:23:53 UTC 2014 - speilicke@suse.com

- Move to DB-based endpoint catalog. Avoids running out of sync with
  upstream changes in the default_catalog.template.sample file and
  allows to manipulate via 'keystone' CLI tool.

-------------------------------------------------------------------
Thu Jan  9 01:42:55 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev119.gd7eb925:
  + initialize eventlet for tests
  + Enhance list_group_users in GroupApi.
  + Cleanup of new credential_api delete methods
  + Do not update password when updating grants in Assignment KVS
  + Move deletion business logic out of controllers
  + Break dependency of base V3Controller on V2Controller
  + Remove 'disable user' logic from _delete_domain_contents

-------------------------------------------------------------------
Wed Jan  8 00:49:52 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev105.gf33ec9e:
  + Updated Keystone development install instructions for Ubuntu
  + Remove unused token.valid index

-------------------------------------------------------------------
Tue Jan  7 11:07:50 UTC 2014 - dmueller@suse.com

- fix requires 

-------------------------------------------------------------------
Tue Jan  7 01:08:21 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev101.g11bb081:
  + Fixes the v2 GET /extensions curl example in the documentation.

-------------------------------------------------------------------
Sat Jan  4 01:30:12 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev99.g8d1072f:
  + Fix IPv6 check

-------------------------------------------------------------------
Thu Jan  2 18:21:25 UTC 2014 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev97.gce5fcb1:
  + Imported Translations from Transifex
  + Fix variable passed to driver module
  + Fix use the fact that empty sequences are false.
  + Reduced parameters not used in _populate_user()

-------------------------------------------------------------------
Tue Dec 24 01:03:20 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev90.ga22520b:
  + Moves keystoneclient master tests in a new class
  + Stops file descriptor leaking in tests
  + Updated from global requirements

-------------------------------------------------------------------
Mon Dec 23 15:34:14 UTC 2013 - dmueller@suse.com

- remove  sqlalchemy-08x.diff: we switched back to sqlalchemy 0.7.x 

-------------------------------------------------------------------
Sat Dec 21 01:01:06 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev84.gde73544:
  + Remove Identity and Assignment controller interdependancies
  + Move Assignment Controllers and Routers to be First Class
  + Re-write comment for ADMIN_TOKEN
  + Makes the test git checkout info more declaritive

-------------------------------------------------------------------
Fri Dec 20 00:44:48 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev76.g5fe6602:
  + replace "global" roles var names with "all" roles
  + Use oslo.db sessions
  + Switch to oslo-incubator mask_password
  + Replace xrange in for loop with range
  + Move endpoint_filter extension documentation

-------------------------------------------------------------------
Thu Dec 19 00:55:18 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev66.g0d83e3a:
  + Cleanup duplication in test_backend
  + Remove roles from OS-TRUST list responses

-------------------------------------------------------------------
Wed Dec 18 00:58:49 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev62.g1a96f96:
  + Uses oslo's deprecated decorator; removes ours
  + Policy based domain isolation can't be defined.
  + trustee unable to perform role based operations on trust

-------------------------------------------------------------------
Mon Dec 16 00:52:05 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev56.g576f5d9:
  + Refactor setup_logging
  + Cleanup backend loading
  + Fix typo in identity:list_role_assignments policy

-------------------------------------------------------------------
Sun Dec 15 01:33:26 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev50.g61a2ad3:
  + Fixes documentation building
  + Create user returns 400 without a password
  + Remove deprecated code

-------------------------------------------------------------------
Sat Dec 14 00:40:31 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev44.gf6aa723:
  + Fix issues handling trust tokens via ec2tokens API (bnc#855338, CVE-2013-6391)
  + UUID vs PKI docs
  + Base Implementation of KVS Dogpile Refactor
  + Add ABCMeta metaclass to token provider
  + Add assertSetEqual to base test class

-------------------------------------------------------------------
Fri Dec 13 01:01:42 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev34.g35242b0:
  + Sync db.sqlalchemy from oslo-incubator

-------------------------------------------------------------------
Thu Dec 12 01:26:10 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev32.g52cb8fe:
  + Fix errors for create_endpoint api in version2
  + Debug env for tox

-------------------------------------------------------------------
Wed Dec 11 01:33:20 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev29.g6c7f00d:
  + Sync versionutils from oslo
  + token provider cleanup
  + Sync global requirements to pin sphinx to sphinx>=1.1.2,<1.2

-------------------------------------------------------------------
Tue Dec 10 01:07:53 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev25.g926755a:
  + refactor test_catalog
  + Formalize deprecation of token_api.list_tokens

-------------------------------------------------------------------
Mon Dec  9 00:52:40 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev21.gc354a38:
  + Narrow columns used in list_revoked_tokens sql

-------------------------------------------------------------------
Sun Dec  8 00:39:15 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev19.g45b8f13:
  + Add index to cover revoked token list
  + Allow caching to be disabled and tests still pass
  + Sync rpc fix from oslo-incubator

-------------------------------------------------------------------
Fri Dec  6 10:58:38 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev13.g5acd26b:
  + Add pycrypto as a test-requirement
  + Revert "Return a descriptive error message for controllers"
  + Adds a resource for changing a user's password
  + Deprecates V2 controllers
  + don't rebind stdlib's os.chdir function
  + Dependency cleanup
  + Updated from global requirements
  + Enhance tests for assignment create_grant when no user or group
  + Fix KVS create_grant to not raise NotFound if no user/group
  + Utilites for manipulating base64 & PEM
  + Updates .gitignore
  + One transaction per call to sql assignment backend
  + Fix typo in keystone
  + Try decoding string to UTF-8 on error message fail
  + Sync From OSLO
  + Refactor assertEqualXML into a testtools matcher
  + Added documentation to keystone.common.dependency.
  + Ensure the sample policy file won't diverge
  + Don't run non-tests
  + Easy testing with alternate keystoneclient

-------------------------------------------------------------------
Sun Dec  1 00:54:50 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev199.gf72f369:
  + Return a descriptive error message for controllers

-------------------------------------------------------------------
Sat Nov 30 01:05:55 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev197.g789cade:
  + Imported Translations from Transifex

-------------------------------------------------------------------
Fri Nov 29 10:45:13 UTC 2013 - dmueller@suse.com

- fix test package requires 

-------------------------------------------------------------------
Fri Nov 29 00:35:01 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev195.g7172737:
  + PasteConfigNotFound also raised when keystone.conf not found
  + Sync the DB2 communication error code change from olso
  + Style improvements to logging format strings
  + RST fix for os_inherit example
  + Make HACKING.rst DRYer
  + Allow downgrade for extensions

-------------------------------------------------------------------
Thu Nov 28 00:59:29 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev183.gdbdb94c:
  + Import strutils from oslo
  + Skip test_create_update_delete_unicode_project in _ldap_livetest
  + Add documentation for Read Only LDAP configuration option.
  + Remove deprecated auth_token middleware
  + Sync log_handler module from Oslo
  + Skip test_arbitrary_attributes_* in _ldap_livetest

-------------------------------------------------------------------
Wed Nov 27 14:36:07 UTC 2013 - dmueller@suse.com

- add sqlalchemy-08x.diff 

-------------------------------------------------------------------
Wed Nov 27 01:29:08 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev171.g886befa:
  + Capture debug logging in tests

-------------------------------------------------------------------
Mon Nov 25 11:03:38 UTC 2013 - dmueller@suse.com

- fix requires 

-------------------------------------------------------------------
Sat Nov 23 01:14:28 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev170.g607b850:
  + Update mailmap for Joe Gordon
  + Add WWW-Authenticate header in 401 responses.
  + Detangle v3 RestfulTestCase setup
  + Fix issue deleting ec2-credentials as non-admin user
  + fix unparseable JSON
  + Remove obsolete redhat-eventlet.patch
  + Add memcache options to sample config
  + Rewrites the serveapp method into a fixture
  + Proxy Assignment from Identity Deprecated
  + Return an error when a non-existing tenant is added to a user
  + Allow use of rules Policy driver
  + Role NoneType object has no attribute setdefault

-------------------------------------------------------------------
Sat Nov 16 01:01:17 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev146.g2ab2c62:
  + Sync log module from oslo

-------------------------------------------------------------------
Fri Nov 15 18:07:52 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev144.ge5416c4:
  + Updated from global requirements
  + Issue unscoped token if user's default project is invalid
  + Do not name variables as builtins
  + Duplicate delete the user_project_metadata.
  + AuthInfo use dependency injection
  + UserAuthInfo use dependency injection

-------------------------------------------------------------------
Thu Nov 14 11:55:01 UTC 2013 - speilicke@suse.com

- Update to version 2014.1.dev132.g9307dee:
  + Moves common RestfulTestCase to it's own module.
  + Change deprecated CLI arguments
  + Change sample policy files to use policy language
  + test attribute update edge cases
  + use different bind addresses for admin and public
  + Fix newly discovered H302
  + Add WSGI environment to context
  + Removes unused paste appserver instances from tests
  + trusts raise validation error if expires_at is invalid
- Explicitly require OpenStack's fork of sqlalchemy-migrate for the
  %post scriptlet

-------------------------------------------------------------------
Mon Nov  4 01:09:35 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev115.g6751c7d:
  + Clean up duplicate exceptions in docs for assignment.Driver

-------------------------------------------------------------------
Fri Nov  1 01:11:55 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev113.g8de9861:
  + Enhance tests for delete_grant no user/group
  + Allow delete user or group at same time as role
  + Adds fixture package from oslo
  + proxy removed from identity and changed to assignment
  + Uses fixtures for mox and stubs
  + Remove unused DEFAULT_DOMAIN variable
  + Update my mailmap
  + Remove duplicated code on test_v3_auth

-------------------------------------------------------------------
Thu Oct 31 01:29:40 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev97.geee9fd5:
  + Removes NoModule from the base testcase
  + Use abstract base class for token driver
  + Catch the socket exception and log it.
  + Use abstract base class for policy driver
  + Use abstract base class for oauth driver
  + Use abstract base class for endpoint_filter driver
  + Document tox instead of run_tests.sh
  + Documentation on how-to develop Keystone Extensions
  + Remove obsolete driver test module

-------------------------------------------------------------------
Wed Oct 30 15:34:40 UTC 2013 - rhafer@suse.com

- Add %{python_sitelib}/keystone/tests/tmp symlink to the -test
  subpackage allow the unittests to create/located their database

-------------------------------------------------------------------
Tue Oct 29 01:54:33 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.dev79.g402060a:
  + Remove unused config option auth_admin_prefix
  + remove 8888 port in sample_data.sh
  + Fixes tox coverage command

-------------------------------------------------------------------
Fri Oct 25 23:32:55 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.a73.gf4a441c:
  + Adds tests for user extra attribute behavior

-------------------------------------------------------------------
Fri Oct 25 00:18:19 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.a71.g11f589d:
  + Move fakeldap to tests
  + Treats OS-KSADM:password as password in v2 APIs
  + Adds decorator to deprecate functions and methods
  + Adds identity v2 tests to show extra behavior

-------------------------------------------------------------------
Thu Oct 24 10:04:02 UTC 2013 - dmueller@suse.com

- fix post requires on python-Routes 

-------------------------------------------------------------------
Wed Oct 23 16:14:53 UTC 2013 - iartarisi@suse.com

- Move default tests TMPDIR location to
  /var/lib/openstack-keystone-test/tmp

-------------------------------------------------------------------
Wed Oct 23 14:39:51 UTC 2013 - dmueller@suse.com

- switched to testr now, refresh requirements 

-------------------------------------------------------------------
Tue Oct 22 23:30:08 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.a63.g4a100d4:
  + Enhance tests for deleting a role not assigned
  + Fix remove role assignment adds role using LDAP assignment
  + Add external.Base class to external plugins
  + Implementation of opt-out from catalog data during token validation.

-------------------------------------------------------------------
Sun Oct 20 00:09:47 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.a57.g2df1b7c:
  + Move CA key from certs directory to private directory

-------------------------------------------------------------------
Fri Oct 18 08:10:43 UTC 2013 - speilicke@suse.com

- Update to version 2014.1.a55.ga0e26c1:
  + Fixes error messaging
  + Add notifications for groups and roles
  + Changes to testr as the test runner
- Drop 0001-Make-ROOTDIR-determination-more-robust.patch: Solved
  diffently upstream

-------------------------------------------------------------------
Thu Oct 17 18:53:17 UTC 2013 - dmueller@suse.com

- update requires 

-------------------------------------------------------------------
Thu Oct 17 15:45:13 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.a49.g060ced4:
  + remove the nova dependency in the ec2_token middleware
  + Use abstract base class for auth handler

-------------------------------------------------------------------
Wed Oct 16 23:28:47 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.a45.g7ee88a0:
  + Add python-six to requirements
  + add IRC channel & wiki link to README
  + Use abstract base class for catalog driver
  + Adds more uniformity to identity update_user calls
  + Fixes broken doc references

-------------------------------------------------------------------
Wed Oct 16 00:13:48 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.a37.g20d6ffb:
  + Use abstract base class for assignment driver
  + Fix v2 token user ref with trust impersonation=True
  + Use abstract base class for credential driver

-------------------------------------------------------------------
Mon Oct 14 23:36:08 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.a31.gb426fa5:
  + Handle unicode at the caching layer more elegantly
  + Use abstract base class for identity driver
  + Remove unused member
  + set user_update policy to admin_required
  + Use abstract base class for trust driver

-------------------------------------------------------------------
Mon Oct 14 12:24:12 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.a22.g8ba9898:
  + Need to use _() to handle i18n string messages
  + Don't use default value in LimitingReader

-------------------------------------------------------------------
Wed Oct  9 00:52:43 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2014.1.a18.gdf0a963:
  + Sync db.sqlalchemy
  + Fix mysql checkout handler AttributeError
  + Handle DB2 disconnect

-------------------------------------------------------------------
Tue Oct  8 12:15:24 UTC 2013 - dmueller@suse.com

- run db_sync before starting keystone server 

-------------------------------------------------------------------
Wed Oct  2 19:09:27 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.rc1:
  + Update tox config
  + Add tests dir to the coverage omit list
  + Imports oslo policy to fix test issues

-------------------------------------------------------------------
Wed Oct  2 00:09:23 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a100.g1d91334:
  + Sync with global requirements
  + Enclose command args in with_venv.sh
  + Imported Translations from Transifex
  + Fixes errors logging in as a user with no password

-------------------------------------------------------------------
Tue Oct  1 00:19:02 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a92.gec4680a:
  + sync oslo policy
  + Validate token calls return 404 on invalid tokens
  + Eliminate type error on search_s
  + Fix live LDAP tests
  + Sync gettextutils from oslo

-------------------------------------------------------------------
Mon Sep 30 16:49:43 UTC 2013 - dmueller@suse.com

- add missing endpoints to catalog 

-------------------------------------------------------------------
Sun Sep 29 00:56:54 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a82.ge979323:
  + Fix error when create user with LDAP backend
  + Protect oauth controller calls and update policy.json

-------------------------------------------------------------------
Fri Sep 27 16:23:19 UTC 2013 - dmueller@suse.com

- switch to crudini 

-------------------------------------------------------------------
Thu Sep 26 10:00:12 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a79.g2f75699:
  + upgrade to oslo.config 1.2 final
  + Modify oauth1 tests to use generated keystone token in a call
  + Optional dependency injection
  + oauth using optional dependencies
  + only run flake8 once (bug 1223023)
  + Update man pages
  + Fix updating attributes with ldap backend
  + Test for backend case sensitivity
  + Update man page version

-------------------------------------------------------------------
Tue Sep 24 23:59:15 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a61.g3130076:
  + Check token_format for default token providers only.
  + Sync gettextutils from oslo
  + Ensure any relevant tokens are revoked when a role is deleted
  + Add user to project if project ID is changed

-------------------------------------------------------------------
Mon Sep 23 23:36:37 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a54.g66d7c2c:
  + Cleanup of tenantId, tenant_id, and default_project_id
  + Remove ldap identity domain attribute options

-------------------------------------------------------------------
Sat Sep 21 00:15:46 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a50.gbdac547:
  + Rewrite README.rst
  + Ensure v2 tokens are correctly invalidated when using BelongsTo
  + Monkey patch select in environment
  + check for domain existence before doing any ID work
  + Add extra test coverage for unscoped token invalidation

-------------------------------------------------------------------
Wed Sep 18 23:36:42 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a41.g5a5023b:
  + Include new notification options in sample config

-------------------------------------------------------------------
Wed Sep 18 10:16:32 UTC 2013 - dmueller@suse.com

- add 0001-Make-ROOTDIR-determination-more-robust.patch 

-------------------------------------------------------------------
Tue Sep 17 23:59:24 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a39.gd3460c3:
  + Rationalize list_user_projects and get_projects_for_user
  + Fix misused assertTrue in unit tests

-------------------------------------------------------------------
Tue Sep 17 00:05:45 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a36.g54b8ec5:
  + Ignore H803 from Hacking.
  + fix rst syntax in database schema migrations docs

-------------------------------------------------------------------
Sun Sep 15 00:05:37 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a32.gd7eff43:
  + Move gettextutils installation in tests to core

-------------------------------------------------------------------
Fri Sep 13 23:55:11 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a30.g3651879:
  + Test upgrade migration 16->17
  + gate on H304: no relative imports

-------------------------------------------------------------------
Thu Sep 12 23:35:16 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a26.g607b115:
  + test token revocation list API (bug 1202952)
  + Remove CA key password from cert setup
  + Cleanup tests imports so not relative
  + Fixes for user response with LDAP user_enabled_mask

-------------------------------------------------------------------
Wed Sep 11 23:58:00 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a18.g1b97529:
  + Reduce churn of cache on revocation_list
  + Imported Translations from Transifex

-------------------------------------------------------------------
Wed Sep 11 00:15:03 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a15.g33c8025:
  + Import core.* in keystone.tests
  + Tests use "from keystone import tests"

-------------------------------------------------------------------
Tue Sep 10 00:12:35 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a12.g8dc7ed2:
  + Close each LDAP connection after it is used,
  + domain-specific drivers experimental in havana
  + Fix incorrect test for list_users

-------------------------------------------------------------------
Mon Sep  9 12:22:00 UTC 2013 - dmueller@suse.com

- update openstack-keystone.init: Set HOME dir correctly
  for openssl random state preservation

-------------------------------------------------------------------
Sat Sep  7 07:46:43 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a7.gdac281a:
  + Changed header from LLC to Foundation based on trademark policies

-------------------------------------------------------------------
Fri Sep  6 00:02:39 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a490.g8d2f53c:
  + Move _generate_paste_config to tests.core
  + OAuth authorizing user should propose roles to delegate
  + Imported Translations from Transifex
  + Support timezone in memcached token backend
  + Changes template header for translation catalogs

-------------------------------------------------------------------
Thu Sep  5 15:07:05 UTC 2013 - speilicke@suse.com

- Fix RUNDIR in init-script

-------------------------------------------------------------------
Thu Sep  5 00:21:16 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a481.gd286187:
  + Modify default file/directory permissions
  + Utilities to create directores, set ownership & permissions
  + Update keystone-all man page
  + Add a oauth1-configuration.rst and extension section to docs
  + Update keystone wsgi httpd script for oslo logging
  + Fix the code miss to show the correct error messages

-------------------------------------------------------------------
Tue Sep  3 23:39:02 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a469.g36b5df5:
  + Cleanup cache layer tests
  + Implement basic caching around assignment CRUD
  + add 'project' notifications to docs

-------------------------------------------------------------------
Mon Sep  2 08:21:36 UTC 2013 - dmueller@suse.com

- Update to version 2013.2.a464.g372a062:
  + Fixes a link in the documentation
  + Create associations between projects and endpoints
  + Keystone Caching Layer for Manager Calls
  + Add defense in ldap:get_roles_for_user_and_project
  + filter in ldap list_groups_for_user
  + Implement API protection on target entities
  + Fix error where consumer is not deleted from sql
  + Implement Caching for Token Revocation List
  + Refactor Token Provider to be aware of expired tokens.
  + Add notifications module
  + Remove enumerate calls
  + Drop support for diablo to essex migrations
  + Use correct filename for index & serial file when setting permissions
  + Removes KVS references from the documentation
  + Implement decorator-based notifications for users
  + Add Memory Isolating Cache Proxy
  + Add project CRUD to assignment_api Manager
  + Enable SQL tests for oauth
  + Add 'cn' to attribute_list for enabled_users/tenants query
  + Fix role lookup for Active Directory
  + Bump hacking to 0.7
  + Remove kvs backend from oauth1 extension
  + Add common code from Oslo for work with database
  + Use common db model class from Oslo
  + Imported Translations from Transifex
  + Implement caching for Tokens and Token Validation
  + Document usage notifications
  + Use joins instead of multiple lookups in groups sql
  + Use testtools as base test class.

-------------------------------------------------------------------
Mon Aug 26 23:56:06 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a410.g7eed453:
  + Remove a useless arg in range()
  + Fix translate static messages in response
  + Use system locale when Accept-Language header is not provided

-------------------------------------------------------------------
Mon Aug 26 08:56:18 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a404.g15a3bde:
  + Clean up keystone-manage man page

-------------------------------------------------------------------
Sun Aug 25 23:59:23 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a402.g361185c:
  + remove flake8 option from run_tests.sh

-------------------------------------------------------------------
Sun Aug 25 00:00:44 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a401.gda26317:
  + Delete file TODO
  + change oauth.consumer description into nullable

-------------------------------------------------------------------
Sat Aug 24 00:06:10 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a397.g4dbda64:
  + Ensure username passed by REMOTE_USER can contain '@'
  + fix the default values for token and password auth
  + Migrating ec2 credentials to credential.
  + remove unused function
  + add foreign key constraint on oauth tables

-------------------------------------------------------------------
Fri Aug 23 00:01:08 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a388.gfebab09:
  + use provider to validate tokens

-------------------------------------------------------------------
Thu Aug 22 00:00:59 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a386.gb6f6b57:
  + Remove User Check from Assignments
  + Remove an enumerate call
  + Assignment to reserved built-in symbol: filter
  + Fix isEnabledFor for compatibility with logging

-------------------------------------------------------------------
Wed Aug 21 00:08:51 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a378.g7bc167d:
  + Refactor Token Providers for better version interfaces
  + Remove kwargs from manager calls / general cleanup
  + remove refs to keystone.common.logging
  + Store hash of access as primary key for ec2 type.
  + Add test test_deleting_project_delete_grants
  + Ignore flake issues in build/ directory
  + Move some logic from update() to BaseLdap
  + Move affirm_unique() in create() to BaseLdap
  + Assignment to reserved built-in symbol: dir
  + Remove Keystone specific logging module

-------------------------------------------------------------------
Mon Aug 19 09:37:28 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a358.g9c92d27:
  + Add support for API message localization

-------------------------------------------------------------------
Sat Aug 17 23:59:12 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a356.g14cba15:
  + Add delegated_auth support for keystone

-------------------------------------------------------------------
Fri Aug 16 23:58:17 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a354.g781c65b:
  + update usage in run_test.sh for flake8
  + Increase length of username in DB
  + Remove unused import
  + Set wsgi startup log level to INFO
  + Add unit test to check non-string password support
  + Cleaned up a few old crufties from README
  + Clean hacking errors in advance of hacking update
  + Implement domain specific Identity backends
  + More validation in test_user_enable_attribute_mask
  + Fix LDAP Identity with non-zero user_enabled_default
  + Fix LDAP Identity get user with user_enabled_mask

-------------------------------------------------------------------
Thu Aug 15 23:37:15 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a336.gb0b32d0:
  + Skip test_create_unicode_user_name in _ldap_livetest
  + Do not skip test_user_enable_attribute_mask in _ldap_livetest
  + Fix test_user_enable_attribute_mask so it actually tests
  + Revoke user tokens when disabling/delete a project
  + Refactor Keystone to use unified logging from Oslo
  + Cleaned up pluggable auth docs

-------------------------------------------------------------------
Wed Aug 14 07:46:47 UTC 2013 - speilicke@suse.com

- Update to version 2013.2.a327.g14e0901:
  + Drop extra credential indexes
  + Make pki_setup work with OpenSSL 0.9.x
  + Add memcache to httpd doc.
  + Move Babel dependency from test-req to req
  + Initial implementation of unified-logging
  + Sync notifier module from Oslo
  + Move 'tests' directory into 'keystone' package
- No need to require shadow-utils anymore, even SLE_11_SP3 has pwdutils
- Drop 0001-Make-pki_setup-work-with-OpenSSL-0.9.x.patch: Merged upstream
- Fix spec file typo (dependency token)

-------------------------------------------------------------------
Tue Aug 13 07:57:51 UTC 2013 - berendt@b1-systems.de

- added missing requirement python-Babel
- added missing requirement python-netaddr

-------------------------------------------------------------------
Mon Aug 12 23:46:51 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a315.g708ccf0:
  + Sync models with migrations

-------------------------------------------------------------------
Mon Aug 12 09:18:18 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a313.g4829de4:
  + Configurable max password length (bug 1175906)
  + Sync unified logging solution from Oslo
  + Abstract out attribute_mapping filling in LDAP driver.
  + Create default role on demand
  + Abstract out attribute_ignore assigning in LDAP driver
  + Run test_mask_password once

-------------------------------------------------------------------
Thu Aug  8 23:42:15 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a303.ga4243e1:
  + Fix select n+1 issue in keystone catalog

-------------------------------------------------------------------
Thu Aug  8 20:07:59 UTC 2013 - dmueller@suse.com

- switch to python-setuptools 
- remove python-d2to1

-------------------------------------------------------------------
Wed Aug  7 23:59:53 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a301.gc547eb4:
  + extension migrations

-------------------------------------------------------------------
Wed Aug  7 00:07:48 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a299.gdb9535c:
  + Handle json data when migrating role metadata.
  + Raise max header size to accommodate large tokens.
  + remove swift dependency of s3 middleware

--------------------------------------------------------------------
Fri Aug  2 23:59:55 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a293.ged1f967:
  + Clear out the dependency registry between tests
  + Handle circular dependencies
  + Use dependency injection for assignment and identity
  + use 'exc_info=True' instead of import traceback
  + .gitignore eggs
  + add OS-TRUST to links
  + Sync DB models and migrations in keystone.assignment.backends.sql
  + Update references with new Mailing List location
  + V3 API need to check mandatory field when creating resources
  + Clean up use of token_provider manager in tests
  + Remove kwargs from manager calls where not needed.
  + Imported Translations from Transifex
  + Fix typo: Tenents -> Tenants
  + Use oslo.sphinx and remove local copy of doc theme

--------------------------------------------------------------------
Thu Aug  1 23:38:01 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a265.g0368950:
  + Use keystone.wsgi.Request for RequestClass
  + Remove passwords from LDAP queries

--------------------------------------------------------------------
Thu Aug  1 00:03:58 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a261.gf1ac78c:
  + Ec2 credentials table not created during testing
  + Load backends before deploy app in client tests

--------------------------------------------------------------------
Wed Jul 31 00:04:20 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a257.g5958691:
  + sql.Driver:authenticate() signatures should match

--------------------------------------------------------------------
Tue Jul 30 14:47:43 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a255.gc21b458:
  + default token format/provider handling

--------------------------------------------------------------------
Mon Jul 29 23:50:12 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a253.g10fde8e:
  + Clear cached engine when global engine changes
  + Implement exception module i18n support

--------------------------------------------------------------------
Fri Jul 26 23:52:02 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a249.g97a5b49:
  + Remove vestiges of Assignments from LDAP Identity Backend
  + Scipped tests don't render as ERROR's

--------------------------------------------------------------------
Thu Jul 25 00:03:10 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a246.g0a40152:
  + Fixing broken credential schema in sqlite.

--------------------------------------------------------------------
Tue Jul 23 23:55:12 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a245.gc6b7dd8:
  + Deprecate kvs token backend
  + Load app before loading legacy client in tests.
  + Use assignment_api rather than assignment

--------------------------------------------------------------------
Mon Jul 22 00:22:50 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a240.g7fde605:
  + Regenerate example PKI after change of defaults
  + Return correct link for effective group roles in GET /role_assignments
  + Deprecation warning for [signing] token_format
  + Add [assignment].driver to sample config
  + Remove an enumerate call
  + Correct Spelling Mistake

--------------------------------------------------------------------
Thu Jul 18 23:48:41 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a228.g53ed50d:
  + Support token_format for backward compatibility
  + python3: Introduce py33 to tox.ini

--------------------------------------------------------------------
Wed Jul 17 23:49:24 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a225.gc42533f:
  + grammar fixes in error messages
  + update requires to prevent version cap

--------------------------------------------------------------------
Wed Jul 17 10:13:43 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a221.g2667c77:
  + Change domain component value to org from com
  + wsgi.BaseApplication and wsgi.Router factories should use **kwargs
  + Python 3.x compatible use of print
  + Add unittest for keystone.identity.backends.sql Models
  + Don't use deprecated BaseException.message
  + Implements Pluggable V2 Token Provider
  + Implement role assignment inheritance (OS-INHERIT extension)
  + Pluggable Remote User
  + Fix XML rendering with empty auth payload.
  + Implemented token creation without catalog response.
  + Implement Token Binding.

-------------------------------------------------------------------
Mon Jul 15 23:34:54 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a202.gdec66cd:
  + Implements Pluggable V3 Token Provider

-------------------------------------------------------------------
Sun Jul 14 23:51:17 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a200.gdf63b9c:
  + Add version so that pre-release versioning works

-------------------------------------------------------------------
Sat Jul 13 23:52:58 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.198.g95a27a8:
  + Register Extensions
  + Sync-up crypto from oslo-incubator

-------------------------------------------------------------------
Fri Jul 12 23:53:00 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.194.g85a5022:
  + Add crypto dependency
  + Sync install_venv_common from oslo
  + Pass on arguments on Base.get_session
  + Imported Translations from Transifex
  + Mixed LDAP/SQL Backend.

-------------------------------------------------------------------
Thu Jul 11 23:55:05 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.184.g41ca51c:
  + Remove a useless arg in range()
  + Rationalize how we get roles after authentication in the controllers
  + Do not create LDAP Domains sub tree
  + Remove context from get_token call in normalize_domain_id
  + Use InnoDB for MySQL
  + Move temporary test files into tests/tmp

-------------------------------------------------------------------
Tue Jul  9 23:55:53 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.172.gfafdf07:
  + assignment backend

-------------------------------------------------------------------
Tue Jul  9 16:44:01 UTC 2013 - dmueller@suse.com

- add 0001-Make-pki_setup-work-with-OpenSSL-0.9.x.patch

-------------------------------------------------------------------
Tue Jul  9 10:08:09 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.171.gb556d8a:
  + Work without admin_token_auth middleware
  + Move comments in front of dependencies

-------------------------------------------------------------------
Mon Jul  8 23:56:23 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.167.g699b483:
  + Implement GET /role_assignment API call
  + DB2 migration support
  + Remove an enumerate call
  + Fix issue with v3 tokens and group membership roles
  + Imported Translations from Transifex
  + Add callbacks for set_global_engine

-------------------------------------------------------------------
Sat Jul  6 23:52:19 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.155.g6450f75:
  + Update paths to pem files in keystone.conf.sample

-------------------------------------------------------------------
Fri Jul  5 23:51:16 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.153.g5746f5b:
  + rename quantum to neutron in docs

-------------------------------------------------------------------
Thu Jul  4 08:12:47 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.151.gbb6ebd4:
  + Fix up some trivial license mismatches

-------------------------------------------------------------------
Wed Jul  3 23:57:13 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.149.g62d948a:
  + Use event.listen() instead of deprecated listeners kwarg

-------------------------------------------------------------------
Wed Jul  3 14:01:15 UTC 2013 - naehring@b1-systems.de

- adding keystone-paste.ini
  - the paste configuration has been moved to keystone-paste.ini 

-------------------------------------------------------------------
Wed Jul  3 08:48:01 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.147.g214df21:
  + Remove hard tabs and trailing whitespace
  + Install locales for httpd.

-------------------------------------------------------------------
Tue Jul  2 23:58:33 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.143.gda9dc14:
  + `tox -ecover` failure. Missing entry in tox.ini

-------------------------------------------------------------------
Mon Jul  1 23:44:39 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.141.g59ea706:
  + Add 'application' to keystone.py for WSGI

--------------------------------------------------------------------
Fri Jun 28 23:43:12 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.140.g6362fb7:
  + Stop passing context to managers (bug 1194938)
  + check for constraint before dropping
  + Clean up keystone-all.rst
  + Manager instead of direct driver

--------------------------------------------------------------------
Thu Jun 27 23:42:04 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.133.g6c6d15c:
  + Revert environment module usage in middleware.
  + Do not raise NEW exceptions

--------------------------------------------------------------------
Wed Jun 26 23:41:10 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.129.g600c38b:
  + LDAP list group users not fail if user entry deleted

--------------------------------------------------------------------
Tue Jun 25 23:41:03 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.128.g31863d1:
  + Remove explicit distribute depend.

--------------------------------------------------------------------
Mon Jun 24 23:40:52 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.126.g95cf470:
  + Version response compatible with Folsom

--------------------------------------------------------------------
Sun Jun 23 23:40:53 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.124.gf1cfbd7:
  + python WebOb dependency made unpinned.
  + Initialize logging from HTTPD.
  + wsgi.Middleware factory should use **kwargs
  + Consolidate admin_or_owner rule

--------------------------------------------------------------------
Sat Jun 22 23:40:47 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.116.g97225ff:
  + Fix link typo in Sphinx doc
  + Base.get_engine honor allow_global_engine=False

--------------------------------------------------------------------
Fri Jun 21 23:40:38 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.112.gb9e46fb:
  + Move identity ldap backend from directory to file

--------------------------------------------------------------------
Thu Jun 20 23:40:44 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.111.g7ccfac7:
  + Removing LDAP API Shim

--------------------------------------------------------------------
Thu Jun 20 00:02:42 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.110.g7cd0bb0:
  + Isolate eventlet code into environment.
  + Set default 'ou' name for LDAP projects to Projects

--------------------------------------------------------------------
Tue Jun 18 23:42:35 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.106.ge0834da:
  + LDAP get_project_users should not return password
  + Remove how to contribute section in favor of CONTRIBUTING.rst
  + Imported Translations from Transifex
  + Http 400 when project enabled is not a boolean
  + Remove a stat warning log
  + Correct the resolving api logic in stat middleware
  + Move user fileds type check to identity.Manager
  + Adds tests for XML version response
  + Imported Translations from Transifex

--------------------------------------------------------------------
Sun Jun 16 00:00:18 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.88.g3c687d1:
  + Using sql as default driver for tokens
  + Imported Translations from Transifex
  + Correct the default name attribute for role

--------------------------------------------------------------------
Sat Jun 15 00:02:46 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.82.g543714b:
  + drop user and group constraints
  + Allow request headers access in app context.
  + Fix token purging for memcache for user token index.
  + Add checks to test if enabled is bool

--------------------------------------------------------------------
Thu Jun 13 23:59:36 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.74.gc963383:
  + Force simple Bind for authentication
  + Correct LDAP configuration doc

-------------------------------------------------------------------
Thu Jun 13 15:58:02 UTC 2013 - dmueller@suse.com

- fix typo in post-install script 

--------------------------------------------------------------------
Wed Jun 12 09:33:49 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.72.g6111bc9:
  + Move coverage output dir for Jenkins.
  + Replace openstack-common with oslo in docs

--------------------------------------------------------------------
Tue Jun 11 09:33:09 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.68.g5df7424:
  + Fix internal doc links (bug 1176211)
  + Remove bufferedhttp
  + add ca_key to sample configuration
  + Commit transaction in migration

--------------------------------------------------------------------
Mon Jun 10 13:45:12 UTC 2013 - bmwiedemann@opensuse.org

- BuildRequire python-sqlalchemy + migrate for post-build-checks
- Update to version 2013.2.b1.60.gb1d4de7:
  + Add db_version command to keystone-manage
  + run_tests.sh should use flake8 (bug 1180609)
  + Require keystone-user/-group for pki_setup
  + Import eventlet patch from oslo.
  + Check schema when dropping constraints.
  + Missing contraction: Its -> It's (bug 1176213)
  + Raise key length defaults
  + fix error default policy for create_project
  + Ignore the .update-venv directory.

-------------------------------------------------------------------
Mon Jun 10 13:06:46 UTC 2013 - dmueller@suse.com

- remove hybrid keystone backend 

--------------------------------------------------------------------
Thu Jun  6 00:26:12 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.42.ge6d551d:
  + Ignore conflict on v2 auto role assignment (bug 1161963)
  + split authenticate call
  + remove_role_from_user_and_project affecting all users (bug 1170649)

--------------------------------------------------------------------
Wed Jun  5 00:20:14 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.36.g0c9538d:
  + Maintain tokens after role assignments (bug 1170186)
  + typo in 'import pydev' statement

--------------------------------------------------------------------
Fri May 31 23:38:54 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.33.gcd34971:
  + Convert openstack-common.conf to the nicer multiline format.
  +    Rename requires files to standard names.
  + Test 403 error title
  + Disable eventlet monkey-patching of DNS
  + Revert "Set EVENTLET_NO_GREENDNS=yes in tox.ini."
  + Document size limits
  + Fixes a typo
  + Add index on valid column of the SQL token Backend
  + Add missing oslo module.
  + Fix incorrect role assignment in migration.
  + Live SQL migration tests

-------------------------------------------------------------------
Fri May 31 09:14:26 UTC 2013 - dmueller@suse.com

- avoid warning in post script

--------------------------------------------------------------------
Thu May 30 23:39:05 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.b1.11.gfa2f963:
  + Move auth_token middleware from admin user to an RBAC policy
  + Improve the performance of tokens deletion for user
  + Add <version> arg to keystone-manage db_sync
  + Imported Translations from Transifex

--------------------------------------------------------------------
Wed May 29 23:38:58 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.1.rc2.161.gd67e31b:
  + Add KEYSTONE_LOCALEDIR env variable
  + Add missing space to error msg
  + Fix the debug statement.

-------------------------------------------------------------------
Wed May 29 11:18:45 UTC 2013 - dmueller@suse.com

- remove setBadness call from rpmlintrc

--------------------------------------------------------------------
Tue May 28 23:38:12 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.1.rc2.157.g2879d42:
  + Replace assertDictContainsSubset with stdlib ver
  + separate paste-deploy configuration from parameters
  + Add index on expires column of the SQL token Backend

--------------------------------------------------------------------
Mon May 27 10:03:12 UTC 2013 - speilicke@suse.com

- Update to version 2013.1.rc2.153.gaf4e969:
  + Implement Token Flush via keystone-manage.
  + Documentation about the initial configuration file and sample data.
  + Imported Translations from Transifex
  + Read-only default domain for LDAP (bug 1168726)
  + Add assertNotEmpty to tests and use it.
  + Fix 403 status response
  + Use webtest for v2 and v3 API testing.
  + Consolidate eventlet code
  + Imported Translations from Transifex
  + Satisfy flake8 import rules F401 and F403
  + Migrate to pbr.
  + Remove unused variables (flake8 F841)
  + Enumerate ignored flake8 H* rules
  + Use TODO(NAME) (flake8 H101)
  + use the 'not in' operator (flake8 H902)
  + consistent i18n placeholders (flake8 H701, H702, H703)
  + eliminate 'except:' (flake8 H201)
  + one import per line (flake8 H301)
  + Remove unnecessary commented out code
  + import only modules (flake8 H302)
  + imports not in alphabetical order (flake8 H306)
  + Remove useless private method
  + Cleanup docstrings (flake8 H401, H402, H403, H404)
- More build requirements for for %post section keystone-manage invocation:
  + python-WebOb
  + python-passlib
  + python-routes

-------------------------------------------------------------------
Mon May 27 08:50:37 UTC 2013 - dmueller@suse.com

- python-pbr/d2to1 requires 

-------------------------------------------------------------------
Tue May 21 13:54:20 UTC 2013 - iartarisi@suse.com

- add missing requirement python-sqlalchemy-migrate 

--------------------------------------------------------------------
Mon May 20 23:58:12 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a118.g8d2b8e6:
  + get SQL refs from session (bp sql-query-get)

-------------------------------------------------------------------
Sat May 18 13:05:42 UTC 2013 - dmueller@suse.com

- update requires based on pip-requires 

--------------------------------------------------------------------
Sat May 18 00:00:13 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a117.g7b99bd6:
  + Test listing of tokens with a null tenant
  + Http 400 when user enabled is not a boolean
  + extracting credentials
  + Accept env variables to override default passwords

--------------------------------------------------------------------
Wed May 15 23:35:41 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a109.g2e15fe4:
  + Fix pyflakes and pep8 in prep for flake8.
  + Migrate to flake8.

--------------------------------------------------------------------
Wed May 15 08:54:30 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a105.gcb0ddab:
  + Enable unicode error message

--------------------------------------------------------------------
Fri May 10 23:38:30 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a103.gefc30be:
  + Disable eventlet monkey-patching of DNS
  + Set EVENTLET_NO_GREENDNS=yes in tox.ini.
  + Revert "Disable eventlet monkey-patching of DNS"
  + Allow backend & client SQL tests on mysql and pg.

--------------------------------------------------------------------
Thu May  9 23:38:24 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a99.g693a486:
  + Remove unused CONF.pam.url
  + Replace password to "***" in the debug message
  + Revoke tokens on user delete (bug 1166670)
  + A minor refactor in wsgi.py

--------------------------------------------------------------------
Tue May  7 23:38:10 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a92.g96a816f:
  + LDAP list groups with missing member entry

--------------------------------------------------------------------
Tue May  7 16:18:10 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a90.gb55620d:
  + Skip IPv6 tests for eventlet dns

--------------------------------------------------------------------
Wed May  1 23:37:48 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a89.g22d96b2:
  + HACKING LDAP

--------------------------------------------------------------------
Sat Apr 27 00:01:59 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a87.ga78bc2e:
  + Allow additional attribute mappings in ldap

--------------------------------------------------------------------
Thu Apr 25 23:54:41 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a85.gd9dd876:
  + Mark LDAP password and admin_token secret

-------------------------------------------------------------------
Thu Apr 25 14:24:35 UTC 2013 - dmueller@suse.com

- require python-python-memcached 1.31 

--------------------------------------------------------------------
Wed Apr 24 23:54:56 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a83.g7617fef:
  + Remove new constraint from migration downgrade.
  + Make migration tests postgres & mysql friendly.
  + Delete extra dict in token controller.

--------------------------------------------------------------------
Tue Apr 23 21:58:35 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a77.geefc8e0:
  + Set empty element to ""
  + close db migration session
  + fix undefined variable
  + fix duplicate option error
  + Add rule for list_groups_for_user in policy.json
  + clean up invalid variable reference

--------------------------------------------------------------------
Mon Apr 22 23:59:52 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a65.g92e40ce:
  + test duplicate name
  + don't migrate as often

--------------------------------------------------------------------
Sun Apr 21 23:27:01 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a61.g166a03c:
  + Rename trust extension (bug 1158980)
  + use the roles in the token when recreating
  + keystone commands don't print any version information
  + keystone commands don't print any version information
  + Fix test coverage for v2 scoped auth xml response (bug 1160504)
  + Fix test coverage for v2 scoped auth xml response (bug 1160504)
  + Mark sql connection with secret flag
  + Share one engine for more than just sqlite in-memory
  + Sync with oslo-incubator.
  + Fix IBM copyright strings
  + Fix example in documentation.
  + stop using time.sleep in tests
  + use the openstack test runner
  + Fix 401 status response
  + Add TLS Support for LDAP
  + catch errors in wsgi.Middleware.
  + Fix for configuring non-default auth plugins properly
  + Generate HTTPS certificates with ssl_setup.
  + Use string for port in default endpoints (bug 1160573)
  + residual grants after delete action (bug1125637)
  + Use is_enabled() in folsom->grizzly upgrade (bug 1167421)
  + Add missing colon for documentation build steps.
  + Remove un-needed LimitingReader read() function.
  + Clean up duplicate methods
  + Fix token ids for memcached
  + Fixed unicode username user creation error
  + Fixed logging usage instead of LOG
  + Removed unused imports
  + Remove non-production middleware from sample pipelines
  + What is this for?
  + bug 1159888 broken links in rst doc
  + Sync with oslo-incubator copy of setup.py

--------------------------------------------------------------------
Mon Mar 25 13:52:34 UTC 2013 - opensuse-cloud@opensuse.org

- Update to version 2013.2.a338.gbceee56:
  + Fix XML handling of member links (bug 1156594)
  + Test default_project_id scoping (bug 1023502)
  + Ensure delete domain removes all owned entities
  + Utilize legacy_endpoint_id column (bug 1154918)
  + Pass project membership as dict in migration 015.
  + V2, V3 token intermix for unscoped tokens (bug 1156913)
  + Revise docs to use keystoneclient.middleware.auth_token
  + Fix live ldap tests
  + Support for LDAP groups (bug #1092187)
  + Correct spacing in warning msg
  + Validate domains unconditionally (bug 1130236)
  + Prohibit V3 V2 token intermix for resource in non-default domain (bug 1157430)
  + Properly handle emulated ldap enablement
  + Wrap config module and require manual setup (bug 1143998)
  + Enable emulation for domains
  + Allow trusts to be optional
  + Version bump to 2013.2
  + Add a dereference option for ldap
  + Move trusts to extension
  + Make versions aware of enabled pipelines.
  + Imported Translations from Transifex
  + Rework S3Token middleware tests.
  + Rename trust extension.

-------------------------------------------------------------------
Mon Mar 18 10:41:29 UTC 2013 - speilicke@suse.com

- Drop +git.$TIMESTAMP.$COMMITHASH version suffix 

--------------------------------------------------------------------
Sun Mar 17 11:28:35 UTC 2013 - dmueller@suse.com

- Update to version 2013.1.a301.g16b4643+git.1363519715.16b4643:
  + Explain LDAP page_size & default value
  + Catch and log server exceptions
  + Filter out legacy_endpoint_id (bug 1152635)
  + Ensure tokens are revoked for relevant v3 api calls
  + Switch to final 1.1.0 oslo.config release
  + Added test cases to improve LDAP project testing
  + Migrate roles from metadata to user_project_metadata
  + duplicated trust tests
  + quiet route logging on skipped tests
  + Remove TODO that didn't land in grizzly
  + No parent exception to wrap
  + Remove duplicate password/token opts.
  + Fixes bug 1151747: broken XML translation for resource collections
  + xml_body returns backtrace on XMLSyntaxError
  + extracting user and trust ids into normalized fields
  + Discard null endpoints (bug 1152632)
- remove keystone-cs24277.diff:
  * merged upstream

-------------------------------------------------------------------
Wed Mar 13 10:17:48 UTC 2013 - dmueller@suse.com

- add keystone-cs24277.diff:
  * make keystone start again 

--------------------------------------------------------------------
Wed Mar 13 00:17:24 UTC 2013 - cloud-devel@suse.de

- Update to version 2013.1.a271.g45228ca+git.1363133844.45228ca:
  + cleanup trusts in controllers
  + remove spurious roles check
  + add belongs_to check
  + Improve tests for api protection and filtering

-------------------------------------------------------------------
Tue Mar 12 10:44:59 UTC 2013 - dmueller@suse.com

- require python-oslo.config 

--------------------------------------------------------------------
Tue Mar 12 00:10:56 UTC 2013 - cloud-devel@suse.de

- Update to version 2013.1.a263.g09e2fc7+git.1363047056.09e2fc7:
  + Make getting user-domain roles backend independant
  + Make Keystone return v3 as part of the version api
  + bug 1133526
  + Run keystone server in debug mode.
  + Fix folsom -> grizzly role table migration issues (bug 1119789)
  + Revert "from tests import"
  + Revert "update tests/__init__.py to verify openssl version"

--------------------------------------------------------------------
Mon Mar 11 09:59:43 UTC 2013 - cloud-devel@suse.de

- Update to version 2013.1.a251.g59757f6+git.1362995983.59757f6:
  + Unpin pam dependency version
  + Sync timeutils with oslo
  + Remove obsolete *page[_marker] methods from LDAP backend.
  + bug 1134802: fix inconsistent format for expires_at and issued_at
  + Trusts
  + Expand v3 trust test coverage
  + keystone : Use Ec2Signer utility class from keystoneclient
  + remove unused import
  + Move auth plugins to 'keystone.auth.plugins' (bug 1136967)
  + ports should be ints in config (bug 1137696)
  + mark 2.0 API as stable
  + Straighten out NotFound raising in LDAP backend.
  + fix typo in kvs backend
  + Move get_by_name to LdapBase.
  + Remove unused methods from LDAP backed.
  + return 201 Created on POST request (bug1131119)
  + Delete tokens for user
  + unable to load certificate should abort request
  + add missing attributes for group/project tables (bug1126021)
  + v3 endpoints won't have legacy ID's (bug 1150930)
  + Change exception raised to Forbidden on trust_id
  + from tests import

-------------------------------------------------------------------
Fri Mar  8 11:01:34 UTC 2013 - vuntz@suse.com

- Fix ownership of /var/log/keystone/keystone.log after call to
  "keystone-manage pki_setup" in %post: if the package is installed
  for the first time, the log file is owned by root, which breaks
  keystone (since it can't write to the log file).

-------------------------------------------------------------------
Thu Mar  7 16:10:27 UTC 2013 - bwiedemann@suse.com

- fix logging.conf to be about keystone and have absolute path

--------------------------------------------------------------------
Tue Mar  5 17:22:34 UTC 2013 - cloud-devel@suse.de

- Update to version 2013.1.a210.g2515d1b+git.1362504154.2515d1b:
  + Ensure keystone unittests do not leave CONF.policyfile in bad state
  + Move handle_conflicts decorator into sql
  + flatten payload for policy
  + Convert api to controller
  + bug 1131840: fix auth and token data for XML translation
  + domain_id_attributes in config.py have wrong default value
  + command line switch for short pep8 output.
  + Setup logging in keystone-manage command.
  + Imported Translations from Transifex
  + Enable a parameters on ldap to allow paged_search of ldap queries This fixes bug 1083463
  + update tests/__init__.py to verify openssl version

-------------------------------------------------------------------
Mon Mar  4 13:38:13 UTC 2013 - iartarisi@suse.com

- Move python-ldap requirement to python-keystone subpackage

-------------------------------------------------------------------
Thu Feb 28 14:07:54 UTC 2013 - dmueller@suse.com

- Fix last change 

-------------------------------------------------------------------
Mon Feb 25 13:27:40 UTC 2013 - saschpe@suse.de

- Ghost /var/run/keystone

-------------------------------------------------------------------
Mon Feb 25 10:07:11 UTC 2013 - saschpe@suse.de

- Drop sysconfig from init scripts

--------------------------------------------------------------------
Sun Feb 24 18:52:11 UTC 2013 - dmueller@suse.com

- Update to version 2013.1.a191.g30dbb74+git.1361731931.30dbb74:
  + Remove test_auth_token_middleware
  + Silence routes internal debug logging
  + Workaround Migration issue with PostgreSQL
  + Add pysqlite as explicit test dep
  + project membership to role conversion
  + Remove usage of UserRoleAssociation.id in LDAP
  + Add an update option to run_tests.sh
  + make fakeldap._match_query work for an arbitrary number of groups
  + Update sample_data.sh to match docs
  + Use oslo-config-2013.1b3
  + Remove old, outdated keystone devref docs
  + Implement name space for domains
  + Update the Keystone policy engine to the latest openstack common
  + Ensure user and tenant enabled in EC2
  + merging in fix from oslo upstream
  + Disable XML entity parsing
  + make LDAP query scope configurable
  + enabled attribute emulation support
  + v3 token API
  + Pass query filter attributes to policy engine
  + Removed redundant assertion
  + Update oslo-config version.
  + domain-scoping
  + Fix id_to_dn for creating objects
  + Tests for domain-scoped tokens
  + Change the default LDAP mapping for description.
  + Correct SQL migration 017 column name

-------------------------------------------------------------------
Fri Feb 22 10:25:20 UTC 2013 - saschpe@suse.de

- Require openstack-suse-macros instead of openstack-common-macros

-------------------------------------------------------------------
Thu Feb 21 17:08:52 UTC 2013 - iartarisi@suse.com

- added oslo-config requirement

-------------------------------------------------------------------
Mon Feb 18 11:18:18 UTC 2013 - saschpe@suse.de

- Init script cleanup:
  + Drop useless shell variables
  + Don't depend on $network facility, we already have $remote_fs
    (comes after $network)
  + Source /etc/sysconfig/openstack-keystone (if available), orthogonal
    to the other init scripts we provide. We're not using this feature
    ATM though
- Default configuration cleanup:
  + Use openstack-utils to set as much default values in the package
    as possible (instead of patch/sed/...). Some may be overwritting
    later on by, .e.g., crowbar
- More useful lograte configuration:
  + Compress
  + Make sure to keep log files for at least 90 days (i.e. rotate 15
    + weekly = 15 weeks).
  + Add size=1M to avoid getting DoS'ed by wild daemons
  + Use copytruncate instead of create+postrotate+sharedscripts to
    avoid a daemon restart

--------------------------------------------------------------------
Mon Feb 18 09:37:31 UTC 2013 - cloud-devel@suse.de

- Update to version 2013.1.a138.g5a8682d+git.1361180251.5a8682d:
  + fix unit test when memcache middleware is not configured
  + Fix bugs with set ldap password.
  + Cleaned up keystone-all --help output
  + add missing kvs functionality (bug1119770)
  + remove unneeded config reloading (it's already done during setUp)
  + Update to oslo version code.

-------------------------------------------------------------------
Thu Feb 14 13:27:29 UTC 2013 - iartarisi@suse.com

- Remove unused/upstreamed patches for requests and LDAP scope

--------------------------------------------------------------------
Thu Feb 14 11:38:35 UTC 2013 - iartarisi@suse.cz

- Update keystone-hybrid-backend to fix unit tests
- Update to version 2013.1+git.1360841915.901d079:
  + Fix normalize identity sql ugrade for Mysql and postgresql
  + Sync latest cfg from oslo-incubator
  + Update .coveragerc
  + Query only attributes strictly required for keystone when using it with existing LDAP servers
  + remove duplicate model declaration/attribution
  + import tools/flakes from oslo
  + Expand dependency injection test coverage
  + simplify query building logic
  + Generate apache-style common access logs
  + Add missing log_format, log_file, log_dir opts.
  + allow unauthenticated connections to an LDAP server
  + Missed import for IPv6 tests skip.
  + Spell accommodate correctly.
  + Use install_venv_common.py from oslo.
  + Keystone backend preparation for domain-scoping
  + Fix spelling mistakes
  + Fix test_contrib_s3_core unit test
  + add check for config-dir parameter (bug1101129)
  + don't create a new, copied list in get_project_users
  + Tenant update on LDAP breaks if there is no update to apply
  + adding additional backend tests (bug1101244)

-------------------------------------------------------------------
Tue Feb 12 12:13:21 UTC 2013 - dmueller@suse.com

- add service-endpoints for Quantum

--------------------------------------------------------------------
Mon Feb 11 15:41:59 UTC 2013 - dmueller@suse.com

- Update to version 2013.1+git.1360597319.c05041e:
  + Add --keystone-user/group to keystone-manage pki_setup
  + UserApi.update not to require all fields in arg
  + return 400 Bad Request if invalid params supplied (bug1061738)
  + Relational API links
  + Adds png versions of all svg image files. Changes reference.

-------------------------------------------------------------------
Mon Feb 11 15:41:40 UTC 2013 - dmueller@suse.com

- Remove lp-bug-1031372.patch:
  * Merged upstream

-------------------------------------------------------------------
Thu Feb  7 10:15:55 UTC 2013 - iartarisi@suse.com

- use in-memory database for hybrid backend unit-tests

-------------------------------------------------------------------
Wed Feb  6 16:08:22 UTC 2013 - iartarisi@suse.com

- re-enable hybrid backend

--------------------------------------------------------------------
Wed Feb  6 15:28:28 UTC 2013 - cloud-devel@suse.de

- Update to version 2013.1+git.1360164508.8ec247b:
  + Document user group LDAP options
  + Why .pop()'ing urls first is important
  + Imported Translations from Transifex
  + Delete Roles for User and Project LDAP
  + Fixes 'not in' operator usage
  + Add size validations to token controller.

--------------------------------------------------------------------
Mon Feb  4 11:57:14 UTC 2013 - dmueller@suse.com

- Update to version 2013.1+git.1359979034.4722c84:
  + Updates migration 008 to work on PostgreSQL.
  + Create a default domain (bp default-domain)
  + tenant to project in the apis
  + Tenant to Project in Back ends
  + Enable/disable domains (bug 1100145)
  + Readme: use 'doc' directory not 'docs'

-------------------------------------------------------------------
Thu Jan 31 16:46:36 UTC 2013 - dmueller@suse.com

- Add lp-bug-1031372.patch: Rework the way pki_setup is used

-------------------------------------------------------------------
Mon Jan 28 13:26:21 UTC 2013 - saschpe@suse.de

- Add keystone-requests-compat.patch: Compatiblity with requests>=1.0

--------------------------------------------------------------------
Mon Jan 28 12:49:28 UTC 2013 - dmueller@sue.com

- Update to version 2013.1+git.1359377368.56f194a:
  + rename tenant to project in sql
  + Fix pep8 error.

--------------------------------------------------------------------
Wed Jan 23 16:39:37 UTC 2013 - cloud-devel@suse.de

- Update to version 2013.1+git.1358959177.7691276:
  + Limit the size of HTTP requests.

-------------------------------------------------------------------
Wed Jan 23 14:03:35 UTC 2013 - saschpe@suse.de

- Clean up %config(noreplace), only logrotate config and *.conf
  files should be noreplace

-------------------------------------------------------------------
Tue Jan 22 13:30:16 UTC 2013 - dmueller@suse.com

- use pki_setup to setup initial public/private key pair

--------------------------------------------------------------------
Mon Jan 21 09:51:50 UTC 2013 - dmueller@suse.com

- Update to version 2013.1+git.1358761910.8748cfa:
  + Allow running of sql against the live DB.
  + Test that you can undo & re-apply all migrations
  + downgrade user and tenant
  + Auto-detect max SQL migration
  + Safer data migrations
  + Sync base identity Driver defs with SQL driver
  + Fix i18n of string templates.
  + Enhance wsgi to listen on ipv6 address
  + add database string field length check
  + Autoload schema before creating FK's (bug 1098174)
  + Enable exception format checking in the tests.
  + reorder tables for delete

-------------------------------------------------------------------
Wed Jan 16 15:05:54 UTC 2013 - dmueller@suse.com

- copy example ssl cert to the place where keystone expects it
- remove apache2 ssl/wsgi wrapper, keystone can do SSL on its
  own

--------------------------------------------------------------------
Mon Jan 14 15:15:38 UTC 2013 - saschpe@suse.de

- Update to version 2013.1+git.1358172938.ceec5c0:
  + Validated URLs in v2 endpoint creation API
  + Fixes import order nits
  + Cleanup keystoneclient testing requirements
  + Correct spelling errors / typos in test names
  + Keystone server support for user groups
  + Add missing .po files to tarball
  + adds keyring to test-requires
  + Revert "shorten pep8 output"
  + Upgrade WebOb to 1.2.3
  + il8n some strings
  + Imported Translations from Transifex
  + Removed unused variables
  + Removed unused imports
  + Add pyflakes to tox.ini
  + Fix spelling typo
  + shorten pep8 output
  + Driver registry
  + Adding a means to connect back to a pydevd debugger.
  + add in pip requires for requests
  + Split endpoint records in SQL by interface
  + Fix typo s/interalurl/internalurl/
  + module refactoring
  + Test for content-type appropriate 404 (bug 1089987)
  + Imported Translations from Transifex
  + fixing bug 1046862
  + Expand default time delta (bug 1089988)
  + Add tests for contrib.s3.core.
  + Test drivers return HTTP 501 Not Implemented
  + Support non-default role_id_attribute
  + Remove swift auth.
  + Move token controller into keystone.token
  + Import pysqlite2 if sqlite3 is not available.
  + Remove mentions of essex in docs (bug 1085247)
  + Ensure serviceCatalog is list when empty, not dict
  + Adding downgrade steps for migration scripts.
  + Port to argparse based cfg
  + Only 'import *' from 'core' modules
  + use keystone test and change config during setUp
  + Bug 1075090 -- Fixing log messages in python source code to support internationalization.
  + Added documentation for the external auth support
  + check the redirected path on the request, not the response
  + Validate password type (bug 1081861)
  + split identities module into logical parts remove unneeded imports from core
  + Ensure token expiration is maintained (bug 1079216)
  + normalize identity
  + Fixes typo in keystone setup doc
  + Imported Translations from Transifex
  + Stop using cfg's internal implementation details
  + syncing run_tests to match tox
  + Expose auth failure details in debug mode
  + Utilize policy.json by default (bug 1043758)
  + Wrap v3 API with RBAC (bug 1023943)
  + v3 Identity
  + v3 Catalog
  + v3 Policies
  + Import auth_token middleware from keystoneclient
  + Imported Translations from Transifex
  + Refix transient test failures
  + Make the controller addresses configurable.
  + Expose authn/z failure info to API in debug mode
  + Refactor TokenController.authenticate() method.
  + Fix error un fixtures.
  + Ensures User is member of tenant in ec2 validation
  + Properly list tokens with a null tenant
  + Reduce total number of fixtures
  + Provide config file fields for enable users in LDAP backend (bug1067516)
  + populate table check.
  + Run test_keystoneclient_sql in-memory
  + Make tox.ini run pep8 checks on bin.
  + tweaking docs to fix link to wiki Keystone page
  + Various pep8 fixes for keystone.
  + Use the right subprocess based on os monkeypatch
  + Fix transient test failures (bug 1077065, bug 1045962)
  + Rewrite initial migration
  + Fix default port for identity.internalURL
  + Improve feedback on test failure
  + fixes bug 1074172
  + SQL upgrade test.
  + Include 'extra' attributes twice (bug 1076120)
  + Return non-indexed attrs, not 'extra' (bug 1075376)
  + bug 1069945: generate certs for the tests in one place
  + monkeypatch cms Popen
  + HACKING compliance: consistent use of 'except'
  + auth_token hash pki key PKI tokens on hash in memcached when accessed by auth_token middelware
  + key all backends off of hash of pki token.
  + don't import filter_user name, use it from the identity module
  + don't modify the passed in dict to from_dict
  + move hashing user password functions to common/utils
  + ignore .tox directory for pep8 in runtests
  + Imported Translations from Transifex
  + Implements REMOTE_USER authentication support.
  + pin sqlalchemy to 0.7
  + Move 'opentack.context' and 'openstack.params' definitions to keystone.common.wsgi
  + Removes duplicate flag for token_format.
  + Raise exception if openssl stderr indicates one.
  + Ignore keystone.openstack for PEP8
  + Fixed typo in log message
  + Fixes 500 err on authentication for invalid body
  + Enable Deletion of Services with Endpoints
  + Exception.message deprecated in py26 (bug 1070890)
  + Utilize logging instead of print()
  + stop LdapIdentity.create_user from returning the user's password
  + Compare token expiry without seconds
  + Moved SQL backend tests into memory
  + Add trove classifiers for PyPI
  + Adding handling for get user/tenant by name
  + Fixed bug 1068851. Refreshed new crypto for the SSL tests.
  + move filter_user function to keystone.identity.core
  + Fixes response for missing credentials in auth
  + making PKI default token type
  + Fixes Bug 1063852
  + bug 1068674
  + Update common.
  + Extract hardcoded configuration in ldap backend (bug 1052111)
  + Fix Not Found error, when router not match.
  + add --config-dir=DIR  for keystone-all option
  + Add  --config-dir=DIR in OPTIONS
  + Delete role does not delete role assignments in tenants (bug 1057436)
  + replacing PKI token detection from content length to content prefix. (bug 1060389)
  + Document PKI configuration and management
  + Raise if we see incorrect keyword args "condition" or "methods"
  + Filter users in LDAP backend (bug 1052925)
  + Use setup.py develop to insert code into venv.
  + Raise 400 if credentials not provided (bug 1044032)
  + Fix catalog when services have no URL
  + Unparseable endpoint URL's should raise friendly error
  + Configurable actions on LDAP backend in users Active Directory (bug 1052929)
  + Unable to delete tenant if contains roles in LDAP backend (bug 1057407)
  + Replaced underscores with dashes
  + fixes bug 1058429
  + Command line switch for standard threads.
  + Remove run_test.py in favor of stock nose.
  + utf-8 encode user keys in memcache (bug 1056373)
  + Convert database schemas to use utf8 character set.
  + Return a meaningful Error when token_id is missing
  + Backslash continuation cleanup
  + notify calling process we are ready to serve
  + add Swift endpoint in sample data
  + Updated Fix for duplicated entries on LDAP backend for get_tenant_users
  + Fix wsgi config file access for HTTPD
  + Bump version to 2013.1
  + add Quantum endpoint in sample data
  + Add XML namespace support for OSADM service api.
  + Identity API v3 Config, Routers, Controllers
- Updated requirements
- Dropped patches (merged upstream):
  +  keystone-certs-test.patch
  +  keystone-sql-backend-from_dict.patch
  +  keystone-webob-empty-resp-environ.patch
- Dropped FIX-BUILD.patch, we should fix that finally
- Disabled hybrid LDAP backend

-------------------------------------------------------------------
Fri Jan 11 15:39:23 UTC 2013 - iartarisi@suse.com

- revert %setup to also unpack hybrid backend tarball

-------------------------------------------------------------------
Fri Jan 11 15:12:13 UTC 2013 - iartarisi@suse.com

- update and re-enable backend hybrid code:
  * use sample config for testing
  * raise errors in user retrieval code instead of returning None

-------------------------------------------------------------------
Fri Jan 11 11:23:40 UTC 2013 - saschpe@suse.de

- Require WebTest instead of webtest in the test sub-package

-------------------------------------------------------------------
Thu Jan 10 12:52:41 UTC 2013 - saschpe@suse.de

- Add logrotate configuration

-------------------------------------------------------------------
Wed Jan  9 15:36:36 UTC 2013 - bwiedemann@suse.com

- package sample_data.sh for use in quickstart script

--------------------------------------------------------------------
Wed Dec 19 12:40:14 UTC 2012 - saschpe@suse.de

- Move to obs-service-git_tarballs
- Update to version 2012.2.3+git.1355917214.0c8c2a3:
  + Merge commit 'refs/changes/01/17901/1' of ssh://review.openstack.org:29418/openstack/keystone into stable/folsom
  + Bump next version to 2012.2.3
  + Ensure serviceCatalog is list when empty, not dict

-------------------------------------------------------------------
Mon Dec 10 23:57:58 UTC 2012 - saschpe@suse.de

- Update to version 2012.2.1+git.1354224563.7869c3e:
  + lp#1064914 Removing user from a tenant isn't invalidating user access to
    tenant
  + lp#1073569 Jenkins jobs fail because of incompatibility between 
    sqlalchemy-migrate and the newest sqlalchemy-0.8.0b1
  + lp#1078497 keystone throws error when removing user from tenant.
  + lp#1060389 Non PKI Tokens longer than 32 characters can never be valid
  + lp#1068851 Openssl tests rely on expired certificate
  + lp#1079216 token expires time incorrect for auth by one token
  + lp#968519  Object reference validation should occur in drivers
  + lp#1068674 Redo part of bp/sql-identiy-pam undone by bug 968519

-------------------------------------------------------------------
Wed Dec  5 09:36:14 UTC 2012 - saschpe@suse.de

- Use @PARENT_TAG@ in _service file to automate versioning

-------------------------------------------------------------------
Mon Dec  3 11:34:01 UTC 2012 - iartarisi@suse.com

- fix unittest failure with ssl certificates

-------------------------------------------------------------------
Fri Nov 30 13:59:57 UTC 2012 - iartarisi@suse.com

- fix unittest failure on our version of webob

-------------------------------------------------------------------
Thu Nov 22 12:35:37 UTC 2012 - iartarisi@suse.com

- fix typo in passlib dependency package name

-------------------------------------------------------------------
Thu Nov 22 10:41:39 UTC 2012 - saschpe@suse.de

- Split of doc package into seperate spec file
- Comment out hybrid_backend parts for now to fix build
- Re-arranged %build section to match other packages
- Removed a whole bunch of unneded build requirements
- Updated requirements for python module and test sub-packages

-------------------------------------------------------------------
Wed Nov 21 12:59:17 UTC 2012 - iartarisi@suse.com

- disable keystone-hybrid-backend source service

-------------------------------------------------------------------
Tue Nov 20 14:50:26 UTC 2012 - iartarisi@suse.com

- Add source service for keystone-hybrid-backend
- Update to latest git (f65604d):
  + Ensures User is member of tenant in ec2 validation

-------------------------------------------------------------------
Thu Nov 15 13:55:59 UTC 2012 - saschpe@suse.de

- Use openstack-macros

-------------------------------------------------------------------
Thu Nov  8 13:50:26 UTC 2012 - saschpe@suse.de

- Fix malformed changes file entries

-------------------------------------------------------------------
Thu Nov  8 13:03:54 UTC 2012 - saschpe@suse.de

- Update to version 2012.2 (Folsom):
  + See https://github.com/openstack/keystone/commits/folsom-3
- Drop the following upstreamed patches:
  + keystone-ldap-no-authentication.patch
  + keystone-log-warn-auth-errors.patch
- Rebased the following patches:
  + keystone-sql-backend-from_dict.patch
  + keystone-hybrid-conf-scope.patch
- BuildRequire python-pam for man-page build
- Install new man-pages keystone-all.1 and keystone-manage.1
- Introduce temporary FIX-BUILD.patch

-------------------------------------------------------------------
Thu Nov  8 11:44:18 UTC 2012 - saschpe@suse.de

- Drop from_vcs build flag

-------------------------------------------------------------------
Wed Oct 31 15:15:16 UTC 2012 - saschpe@suse.de

- Drop temporary fixes for file permissions and attributes in %post
  section. They were necessary only to migrate from pre-1.0 packages.

-------------------------------------------------------------------
Tue Oct 16 11:08:47 CEST 2012 - iartarisi@suse.cz

- patch sql backend's from_dict method to not modify the content of the
  passed in dict (lp:1066851)

-------------------------------------------------------------------
Wed Oct 10 14:56:49 CEST 2012 - iartarisi@suse.cz

 - add hybrid backend test configuration file

-------------------------------------------------------------------
Wed Oct 10 14:10:43 CEST 2012 - iartarisi@suse.cz

 - make user search ldap SCOPE configurable in the hybrid backend

-------------------------------------------------------------------
Mon Oct  8 14:38:58 CEST 2012 - iartarisi@suse.cz

 - fix LDAP bind with dinamically found user DN

-------------------------------------------------------------------
Fri Oct  5 12:46:20 CEST 2012 - iartarisi@suse.cz

 - hybrid backend fixes:
   + use the DN for the user we just signed in to check for password
   + fix invalid user error (bnc#783200)

-------------------------------------------------------------------
Tue Oct  2 13:57:41 CEST 2012 - iartarisi@suse.cz

 - fix checking for SQL user passwords in the hybrid backend bnc#783036

-------------------------------------------------------------------
Mon Oct  1 09:26:15 UTC 2012 - jenkins@suse.de

- Update to latest git (0e1f05e):
  + utf-8 encode user keys in memcache (bug 1056373)

-------------------------------------------------------------------
Wed Sep 26 09:57:47 UTC 2012 - jdsn@suse.de

- make init script start after database (bnc#781798)

-------------------------------------------------------------------
Sun Sep 16 18:24:07 UTC 2012 - jenkins@suse.de

- Update to latest git (176ee9b):
  + Require authz to update user's tenant (bug 1040626)
  + List tokens for memcached backend
  + Delete user tokens after role grant/revoke
  + Limit token revocation to tenant (bug 1050025)

-------------------------------------------------------------------
Wed Sep 12 11:07:31 UTC 2012 - vuntz@suse.com

- Do not use a sed to modify /usr/bin/gensslcert in %post: this
  file belongs to another package, and we actually don't do any
  change with the sed... Fix bnc#779747.

-------------------------------------------------------------------
Mon Sep 10 08:26:18 UTC 2012 - vuntz@suse.com

- Add keystone-fix-revoke.patch: fix revoking of roles to also
  invalidate already existing tokens. Fix bnc#779477,
  CVE-2012-4413.

-------------------------------------------------------------------
Tue Aug 28 21:40:12 UTC 2012 - cthiel@suse.com

- Require authz to update user's tenant (lp#1040626, bnc#777664)

-------------------------------------------------------------------
Fri Aug 24 13:44:39 UTC 2012 - bwiedemann@suse.com

- mark hybrid_config.py as config

-------------------------------------------------------------------
Thu Aug 23 09:08:38 UTC 2012 - jenkins@suse.de

- Update to latest git (a16a0ab):
  + Allow overloading of username and tenant name in the config files.
  + Returning roles from authenticate in ldap backend

-------------------------------------------------------------------
Tue Aug 14 17:40:08 CEST 2012 - iartarisi@suse.cz

- Add hybrid identity backend

-------------------------------------------------------------------
Tue Aug 14 14:22:19 CEST 2012 - iartarisi@suse.cz

- Add patch to log all Unauthorized exceptions (authentication
  failures).  Discussed in bnc#753329.

-------------------------------------------------------------------
Fri Aug 10 22:08:44 UTC 2012 - jenkins@suse.de

- Update to latest git (359c426):
  + Open 2012.1.3 development

-------------------------------------------------------------------
Wed Aug  8 14:12:01 UTC 2012 - jenkins@suse.de

- Update to latest git (afc37ae):
  + Open 2012.1.2 development

-------------------------------------------------------------------
Tue Aug  7 11:53:19 UTC 2012 - bwiedemann@suse.com

- drop executable bit from config file

-------------------------------------------------------------------
Tue Jul 31 22:12:53 UTC 2012 - jenkins@suse.de

- Update to latest git (f65604d):
  + fix variable names to coincide with the ones in common.ldap
  + Import ec2 credentials from old keystone db
  + Raise unauthorized if tenant disabled (bug 988920)

-------------------------------------------------------------------
Tue Jul 31 15:56:43 CEST 2012 - iartarisi@suse.cz

- Remove fix-ldap-varnames patch after being accepted upstream

-------------------------------------------------------------------
Wed Jul 25 11:23:57 UTC 2012 - saschpe@suse.de

- Secure file permissions for Apache SSL certificate files

-------------------------------------------------------------------
Thu Jul 19 20:20:59 UTC 2012 - cthiel@suse.com

- drop keystone-cleanup-user-tenant-deletion.patch, which has been merged
  upstream: https://review.openstack.org/#/c/7482/

-------------------------------------------------------------------
Tue Jul 17 13:02:33 UTC 2012 - saschpe@suse.de

- Fix WSGI app names, use the 'composite' apps to get the correct
  routes mapping

-------------------------------------------------------------------
Tue Jul 17 12:18:32 UTC 2012 - saschpe@suse.de

- Forward keystone WSGI log events to mod_wsgi

-------------------------------------------------------------------
Tue Jul 17 11:05:49 CEST 2012 - iartarisi@suse.cz

- Fix some variable names in the LDAP backend which were causing
  NameErrors
- Don't require authentication for LDAP

-------------------------------------------------------------------
Mon Jul 16 14:22:53 CEST 2012 - iartarisi@suse.cz

- Fix bnc#755426 cleanup dependent data upon user/tenant deletion

-------------------------------------------------------------------
Mon Jul  9 14:50:53 UTC 2012 - saschpe@suse.de

- Provide Apache2 SSL-proxy example configuration based on mod_wsgi
- Provide self-signed SSL certificates to be used for non-production setups
  (like openstack-quickstart)
- Fix /var/lib/keystone permissions to 0755

-------------------------------------------------------------------
Mon Jul  2 12:33:42 UTC 2012 - saschpe@suse.de

- Drop runtime requirement on openstack-glance
- Change requirement for openstack-swift to python-swift, keystone
  only seems to use it in the S3-compatibility code
- Change requirement for openstack-nova to python-nova, keystone
  only seems to use it in the EC2-compatibility code

-------------------------------------------------------------------
Wed Jun 27 10:29:24 UTC 2012 - saschpe@suse.de

- Change versioning scheme to $release+git.$AUTHORDATE.$COMMITREV
- Simplify from_vcs macros

-------------------------------------------------------------------
Wed Jun 27 10:35:56 CEST 2012 - vuntz@suse.com

- Really drop unused disable-tests.patch: not needed anymore.

-------------------------------------------------------------------
Tue Jun 26 12:23:35 UTC 2012 - saschpe@suse.de

- Consistent package summaries
- Use upstream description and correct URL
- Macro cleanup:
  + Package is noarch except for SLE-11
  + No need to redefine %_initddir, SLE-11 works correctly

-------------------------------------------------------------------
Mon Jun 25 12:49:58 UTC 2012 - saschpe@suse.de

- Also install documentation and manpage when build
- No need for "fixing" the %_initddir macro

-------------------------------------------------------------------
Tue Jun 12 10:48:49 UTC 2012 - saschpe@suse.de

- Use 'openstack-keystone' system user instead of 'keystone'

-------------------------------------------------------------------
Wed Jun  6 13:22:43 UTC 2012 - saschpe@suse.de

- Add %restart_on_update to %post section for openstack-keystone
  (daemons should be restarted after package update)
- Fix some rpmlint warnings
- Added rpmlintrc for non-issues

-------------------------------------------------------------------
Thu May 24 10:36:40 MDT 2012 - jfehlig@suse.com

- Add 'Requires: python >= 2.6.8' to openstack-keystone and
  python-keystone subpackage

-------------------------------------------------------------------
Thu Mar 29 09:11:01 UTC 2012 - bwiedemann@suse.com

- use latest upstream default_catalog.templates to fix nova-volume problems

-------------------------------------------------------------------
Tue Feb 14 18:22:37 UTC 2012 - bwiedemann@suse.com

- run as keystone user

-------------------------------------------------------------------
Wed Feb  8 12:59:05 UTC 2012 - rhafer@suse.de

- Updated to the lastest git checkout

-------------------------------------------------------------------
Thu Jan 26 12:51:28 UTC 2012 - rhafer@suse.de

- Fixed try-restart implementation in init-script

-------------------------------------------------------------------
Thu Jan 26 10:25:09 UTC 2012 - rhafer@suse.de

- Fixed init script dependencies

-------------------------------------------------------------------
Thu Jan 26 10:12:27 UTC 2012 - rhafer@suse.de

- removed no longer needed workaround for lp#921054
- patch for lp#921634 is upstreamed
- refreshed config file patch

-------------------------------------------------------------------
Tue Jan 24 16:37:58 UTC 2012 - rhafer@suse.de

- Added workaround for doc/, examples/ and tools/ dirs showing up
  in site-packages/
  (https://bugs.launchpad.net/keystone/+bug/921054)
- Include examples into the -doc subpackage

-------------------------------------------------------------------
Tue Jan 24 14:14:02 UTC 2012 - rhafer@suse.de

- cleaned up more dependencies

-------------------------------------------------------------------
Mon Jan 23 15:46:33 UTC 2012 - rhafer@suse.de

- run testsuite during build

-------------------------------------------------------------------
Fri Jan 20 14:51:35 UTC 2012 - rhafer@suse.de

- Updated to today's git snapshot
- Removed some unneeded conditionals
- Updated dependencies

-------------------------------------------------------------------
Mon Jan 16 16:03:20 UTC 2012 - prusnak@opensuse.org

- fix initscript scriptlets

-------------------------------------------------------------------
Tue Jan 10 13:38:58 UTC 2012 - bwiedemann@suse.com

- use spdx.org License name Apache-2.0

-------------------------------------------------------------------
Tue Dec 13 15:31:49 UTC 2011 - mlin@suse.com

- Enabled build from git
- Removed unnecessary dependencies
- Separate python-keystone 
- Fix rpmlint warning
- Enabled build for Fedora

-------------------------------------------------------------------
Mon Dec  5 11:27:09 UTC 2011 - prusnak@opensuse.org

- added preun and postun sections to handle initscripts

-------------------------------------------------------------------
Mon Dec  5 11:16:58 UTC 2011 - prusnak@opensuse.org

- spec cleanup

openSUSE Build Service is sponsored by