[Openstack-security] [openstack/cinder] SecurityImpact review request change I4537bae181fb61a610612e6579d516b3cb7123c5
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Sat Feb 22 20:13:02 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/75647
Log:
commit 29d95ec885d905215a87b889b119ae82719e95cf
Author: Daniel Gollub <d.gollub at telekom.de>
Date: Sat Feb 22 20:41:44 2014 +0100
Replace HTTPSConnection in solidfire driver
Replace HTTPSConnection in solidfire driver with Requests.
This introduces additional configuration options to specific a custom
CA file, in case the used certificate is not covered by the system CAs.
As well as an option to disable SSL verification of HTTPS connections.
SSL Verification is from now on enabled by default.
This changes the default behaviour and is the primary intention of this
change: verify SSL certificates.
This might break existing configuration/setups where the SSL certificate
used by the SAN would not pass the verification.
SecurityImpact
DocImpact
Partial-Bug: 1188189
Change-Id: I4537bae181fb61a610612e6579d516b3cb7123c5
More information about the Openstack-security
mailing list