[Openstack-security] [openstack/python-keystoneclient] SecurityImpact review request change Ie524125dc5f6f1076bfd47db3a414b178e4dac80
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Tue Apr 8 23:40:42 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/80398
Log:
commit 7287a25d38933fb57f9d3647f6ffb6ee1ee492a8
Author: Brant Knudson <bknudson at us.ibm.com>
Date: Thu Mar 13 15:38:34 2014 -0500
Support token hash algorithm
PKI Tokens were always hashed with MD5. This change allows
tokens to be hashed with SHA256 or any other algorithm
supported by hashlib. This is for security hardening.
If the token metadata contains 'hash_algorithm' then that
will be used as the hash algorithm. For backwards
compatibility if the token metadata doesn't contain a
hash algorithm then MD5 is used.
SecurityImpact
DocImpact
Closes-Bug: #1174499
Change-Id: Ie524125dc5f6f1076bfd47db3a414b178e4dac80
More information about the Openstack-security
mailing list