|
| 1 | +Swift3 (1.12) |
| 2 | + * Stop using client accessible header for cross-middleware communication |
| 3 | + - Older swift3 using common HTTP header to communicate with auth middleware for |
| 4 | + Swift. Now, the auth information is in wsgi env variable to prevent the header |
| 5 | + from being passed by clients. This change closes a significant bug. See |
| 6 | + https://bugs.launchpad.net/swift3/+bug/1561199 in detail. |
| 7 | + - Plus, improve the auth middleware pipeline communication to let the auth middleware |
| 8 | + just call check_signature func with the user's secret. |
| 9 | + |
| 10 | + UpgradeInpact: |
| 11 | + - If you're using tempauth, you need to upgrade your swift to later than 2.14.0. |
| 12 | + - If you're using custom authentication middleware, you have to modify your middleware |
| 13 | + to use auth information from wsgi environ variable. The reference change is |
| 14 | + https://github.com/openstack/swift/commit/f3ef616dc6a2c4987c952b31232fa3bbb5bc6801. |
| 15 | + |
| 16 | + * Various improvement for auth mechanism in s3_token |
| 17 | + - Following a pipeline change, only contact Keystone once per client request. |
| 18 | + - If ONLY using the S3 API, kesytonemiddleware.auth_token is no longer required. |
| 19 | + - IPv6 format for keystone host is supported |
| 20 | + - http_timeout option and delay_auth_decision option are supported. Those options |
| 21 | + allows other auth middlewares to continue serving requests even when either Keystone |
| 22 | + is down or rejects the request. |
| 23 | + |
| 24 | + * ceph/s3api testing is supported as tox environment |
| 25 | + |
| 26 | + * Add minimum segment size option for multipart upload is supported in swift3 config |
| 27 | + |
| 28 | + * Fix some error response codes and messages to fit actual S3 response |
| 29 | + |
| 30 | + * Other minor bug fixes and various improvements |
| 31 | + |
1 | 32 | Swift3 (1.11) |
2 | 33 |
|
3 | 34 | * Amazon S3 Signature V4 support |
|
0 commit comments