[Openstack-security] [openstack/python-keystoneclient] SecurityImpact review request change Ie524125dc5f6f1076bfd47db3a414b178e4dac80
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Wed Apr 9 00:55:48 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/80398
Log:
commit 5a030ef5b8515b2ea1e64a5d56c8c53dfd3ec64a
Author: Brant Knudson <bknudson at us.ibm.com>
Date: Tue Apr 8 19:51:49 2014 -0500
Support token hash algorithm
PKI Tokens were always hashed with MD5. This change allows
tokens to be hashed with SHA256 or any other algorithm
supported by hashlib. This is for security hardening.
If the token metadata contains 'hash_algorithm' then that
will be used as the hash algorithm. For backwards
compatibility if the token metadata doesn't contain a
hash algorithm then MD5 is used.
SecurityImpact
DocImpact
Closes-Bug: #1174499
Change-Id: Ie524125dc5f6f1076bfd47db3a414b178e4dac80
More information about the Openstack-security
mailing list