[Openstack-security] [openstack/python-keystoneclient] SecurityImpact review request change Ie19d093d0494443ce4cd880ae1f92dffd5c361ef
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Thu Aug 28 21:02:03 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/117372
Log:
commit 1966cc2674d508effa6bc1fe1d3b93ea74f4f172
Author: Brant Knudson <bknudson at us.ibm.com>
Date: Wed Aug 27 17:53:41 2014 -0500
token signing support alternative message digest
The functions for creating signed tokens in common.cms always used
sha256 for the message digest. This might be inadequate in the future
so the digest algorithm shouldn't be hard-coded. A parameter is added
to allow choosing a different digest algorithm.
SecurityImpact
Change-Id: Ie19d093d0494443ce4cd880ae1f92dffd5c361ef
Related-Bug: #1362343
More information about the Openstack-security
mailing list