Reviewed: https://review.openstack.org/90251 Committed: https://git.openstack.org/cgit/openstack/python-keystoneclient/commit/?id=bef7f497f0fdcb7d9f529c8b0a811d79b4465f3a Submitter: Jenkins Branch: master commit bef7f497f0fdcb7d9f529c8b0a811d79b4465f3a Author: Brant Knudson <bknudson at us.ibm.com> Date: Thu Apr 24 18:29:07 2014 -0500 Enhance tests for auth_token middleware There was code in _verify_uuid_token that was not covered by unit tests. This change increases the coverage. Change-Id: I63e171a0a8e63ae599c967adc9ff09670063b807 Related-Bug: #1174499 -- You received this bug notification because you are a member of OpenStack Security Group, which is subscribed to OpenStack. https://bugs.launchpad.net/bugs/1174499 Title: Keystone token hashing is MD5 Status in OpenStack Dashboard (Horizon): New Status in OpenStack Identity (Keystone): Fix Committed Status in OpenStack API documentation site: Confirmed Status in Python client library for Keystone: In Progress Bug description: https://github.com/openstack/python- keystoneclient/blob/master/keystoneclient/common/cms.py def cms_hash_token(token_id): """ return: for ans1_token, returns the hash of the passed in token otherwise, returns what it was passed in. """ if token_id is None: return None if is_ans1_token(token_id): hasher = hashlib.md5() hasher.update(token_id) return hasher.hexdigest() else: return token_id MD5 is a deprecated mechanism, it should be replaces with at least SHA1, if not SHA256. Keystone should be able to support multiple Hash types, and the auth_token middleware should query Keystone to find out which type is in use. To manage notifications about this bug go to: https://bugs.launchpad.net/horizon/+bug/1174499/+subscriptions