[openstack-dev] [requirements] pycrypto is dead, long live pycryptodome... or cryptography...

Brian Rosmaita rosmaita.fossdev at gmail.com
Wed Mar 29 14:56:41 UTC 2017


On 3/8/17 2:03 PM, Matthew Thode wrote:
> So, pycrypto upstream is dead and has been for a while, we should look
> at moving off of it for both bugfix and security reasons.
> 
> Currently it's used by the following.
> 
> barbican, cinder, trove, glance, heat, keystoneauth, keystonemiddleware,
> kolla, openstack-ansible, and a couple of other smaller places.

[snip]

> I'd be interested in hearing about migration plans, especially from the
> affected projects.

Glance report:
- pycrypto isn't used in glance_store or python-glanceclient
- Glance already uses cryptography for image-signature verification, so
our path will be to migrate from pycrypto -> cryptography
- I've got a patch up for this: https://review.openstack.org/#/c/449401/

cheers,
brian




More information about the OpenStack-dev mailing list