[Openstack-security] [openstack/python-keystoneclient] SecurityImpact review request change Ie19d093d0494443ce4cd880ae1f92dffd5c361ef
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Tue Sep 23 07:49:09 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/117372
Log:
commit e0f352dc7931d6d4e565de16814d126992f2182c
Author: Brant Knudson <bknudson at us.ibm.com>
Date: Wed Aug 27 17:53:41 2014 -0500
token signing support alternative message digest
The functions for creating signed tokens in common.cms always used
sha256 for the message digest. This might be inadequate in the future
so the digest algorithm shouldn't be hard-coded. A parameter is added
to allow choosing a different digest algorithm.
SecurityImpact
Change-Id: Ie19d093d0494443ce4cd880ae1f92dffd5c361ef
Related-Bug: #1362343
More information about the Openstack-security
mailing list