[Openstack-security] [openstack/python-keystoneclient] SecurityImpact review request change Ie19d093d0494443ce4cd880ae1f92dffd5c361ef
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Wed Sep 24 16:01:22 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/117372
Log:
commit 554152e2fee926b1f99bb3eb9873adb684da3fc6
Author: Brant Knudson <bknudson at us.ibm.com>
Date: Wed Aug 27 17:53:41 2014 -0500
token signing support alternative message digest
The functions for creating signed tokens in common.cms always used
sha256 for the message digest. This might be inadequate in the future
so the digest algorithm shouldn't be hard-coded. A parameter is added
to allow choosing a different digest algorithm.
SecurityImpact
Change-Id: Ie19d093d0494443ce4cd880ae1f92dffd5c361ef
Related-Bug: #1362343
More information about the Openstack-security
mailing list