[Openstack-security] [openstack/nova] SecurityImpact review request change I8e46d41164e9478b820cad569ba82f25de244620
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Fri Sep 26 06:14:19 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/124296
Log:
commit ecfbc4806deaecb005a6d7f4e848a01dc2c5021d
Author: melanie witt <melwitt at yahoo-inc.com>
Date: Fri Sep 26 05:15:16 2014 +0000
replace httplib.HTTPSConnection in EC2KeystoneAuth
httplib.HTTPSConnection is known to not verify SSL certificates
in Python 2.x. This change replaces use of httplib.HTTPSConnection
with the requests module. It also adds some config settings related
to SSL verification: keystone_ec2_keyfile, keystone_ec2_certfile,
keystone_ec2_cafile, keystone_ec2_insecure. By default, SSL
verification is on, but can be disabled by setting:
keystone_ec2_insecure=true
This patch is based on the keystone middleware ec2 token patch:
https://review.openstack.org/#/c/76476
SecurityImpact
DocImpact
Closes-Bug: #1373992
Change-Id: I8e46d41164e9478b820cad569ba82f25de244620
More information about the Openstack-security
mailing list