[Openstack-security] [openstack/barbican-specs] SecurityImpact review request change Ic5db6ed73310b951d73e7f2fe0cbc17711966038

gerrit2 at review.openstack.org
Tue Jan 20 15:39:32 UTC 2015


Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/148587

Log:
commit 9b0f3cd25c1b9fc9a71b4bccf14b21d9d894be23
Author: jfwood <john.wood at rackspace.com>
Date:   Tue Jan 20 08:52:17 2015 -0600

    Support concurrent updates on the orders API resource
    
    Currently if a PUT request is made to an existing orders resource, the
    updated order metadata is sent as an argument to an enqueued RPC task
    to worker nodes. If subsequent PUT requests are made to the same order,
    multiple RPC tasks will be enqueued and potentially processed by
    multiple worker nodes. Hence the sequence of processing these RPC tasks
    is not guaranteed to be the same as the PUT requests were received.
    This blueprint seeks to avoid this race condition. A motivation for
    this feature is to support reliably updating SSL certificate orders 'in
    flight', say to correct a contact email address. Another benefit is
    limiting the amount of updates that can be made to a given order,
    reducing the possibility of a denial of service attack via the orders
    resource.
    
    Change-Id: Ic5db6ed73310b951d73e7f2fe0cbc17711966038
    Implements: blueprint api-orders-support-concurrent-updates
    APIImpact: Adds 400 response if too many PUT requests to same order
    SecurityImpact: Should help mitigate DoS attack on order via PUTs
    DocImpact: Update orders resource doc to mention 400 response
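The race and the 400-response cap described in the commit message, modeled as an added Python example (my own illustration, not Barbican's code). The `OrdersApi` class, its per-order `max_pending` cap and the `worker_process(index)` trick used to model one worker finishing before another are all assumptions made for this demo.

```python
import threading
from collections import deque

class OrdersApi:
    """Hypothetical in-memory model of an orders resource whose PUTs are
    handed to worker nodes as RPC tasks (assumption, not Barbican's design)."""

    def __init__(self, max_pending=1):
        self.max_pending = max_pending  # cap on in-flight updates per order
        self.orders = {}                # order_id -> metadata dict
        self.pending = {}               # order_id -> enqueued, unprocessed tasks
        self.queue = deque()            # RPC task queue consumed by workers
        self.lock = threading.Lock()

    def create(self, order_id, meta):
        self.orders[order_id] = dict(meta)
        self.pending[order_id] = 0

    def put(self, order_id, meta):
        """PUT handler: enqueue an update, or reject with 400 once the cap is hit."""
        with self.lock:
            if order_id not in self.orders:
                return 404
            if self.pending[order_id] >= self.max_pending:
                return 400
            self.pending[order_id] += 1
            self.queue.append((order_id, dict(meta)))
        return 202

    def worker_process(self, index=0):
        """Simulate a worker node finishing one task; index != 0 models a second
        worker completing a later task before the earlier one."""
        with self.lock:
            order_id, meta = self.queue[index]
            del self.queue[index]
            self.orders[order_id].update(meta)
            self.pending[order_id] -= 1

def race_without_cap():
    # Constructed scenario: two PUTs queued, workers apply them in reverse order,
    # so the stale contact email ends up winning.
    api = OrdersApi(max_pending=10)
    api.create("o1", {"email": "old@example.test"})
    api.put("o1", {"email": "first@example.test"})
    api.put("o1", {"email": "second@example.test"})
    api.worker_process(1)   # later task finishes first
    api.worker_process(0)   # earlier task overwrites it
    return api.orders["o1"]["email"]

def with_cap():
    # Same scenario with the cap: the second PUT gets 400 while the first is in
    # flight and must be retried after the worker has drained the queue.
    api = OrdersApi(max_pending=1)
    api.create("o1", {"email": "old@example.test"})
    first = api.put("o1", {"email": "first@example.test"})
    second = api.put("o1", {"email": "second@example.test"})
    api.worker_process()
    retry = api.put("o1", {"email": "second@example.test"})
    api.worker_process()
    return first, second, retry, api.orders["o1"]["email"]
```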