[Openstack-security] [openstack/nova] SecurityImpact review request change I8e46d41164e9478b820cad569ba82f25de244620
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Mon Dec 8 19:21:18 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/124296
Log:
commit cff14b3763df7515405552b56e96f11765c56c74
Author: melanie witt <melwitt at yahoo-inc.com>
Date: Fri Sep 26 05:15:16 2014 +0000
replace httplib.HTTPSConnection in EC2KeystoneAuth
httplib.HTTPSConnection is known to not verify SSL certificates
in Python 2.x. This change replaces use of httplib.HTTPSConnection
with the requests module. It imports config settings related to SSL
verification: ssl.key_file, ssl.cert_file, and ssl.ca_file. It also
adds one config setting: keystone_ec2_insecure. By default, SSL
verification is on, but can be disabled by setting:
keystone_ec2_insecure=true
This patch is based on the keystone middleware ec2 token patch:
https://review.openstack.org/#/c/76476
SecurityImpact
DocImpact
Closes-Bug: #1373992
Change-Id: I8e46d41164e9478b820cad569ba82f25de244620
More information about the Openstack-security
mailing list