Comment 9 for bug 1619675

The log file in message #3 above shows that the response to the GET he made does not contain the Content-MD5 header, but the response did return the image data (once you see the GET, the 40,000+ lines after that are the image itself--I'm working on a KSA fix so it won't log that). That was logged inside keystoneauth and before the data was touched by OpenStack SDK..

If it's documented to return the Content-MD5 header but we don't always get this header, we can do two things: fail the download with some exception because we can't trust that the content we got back is what was expected (this is bad), or just don't check for the Content-MD5 header at all (this is also bad).