[Openstack-security] [openstack/python-keystoneclient] SecurityImpact review request change Ie19d093d0494443ce4cd880ae1f92dffd5c361ef
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Thu Aug 28 20:56:58 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/117372
Log:
commit 4996c6de6730e7227cbd5a2de4a9707a56294965
Author: Brant Knudson <bknudson at us.ibm.com>
Date: Wed Aug 27 17:53:41 2014 -0500
token signing support alternative message digest
The functions for creating signed tokens in common.cms always used
sha256 for the message digest. This might be inadequate in the future
so the digest algorithm shouldn't be hard-coded. A parameter is added
to allow choosing a different digest algorithm.
SecurityImpact
Change-Id: Ie19d093d0494443ce4cd880ae1f92dffd5c361ef
Related-Bug: #1362343
More information about the Openstack-security
mailing list