[Openstack-security] [openstack/keystone] SecurityImpact review request change I774170ff1649bd3b55c6849ed07824bcddecea75
gerrit2 at review.openstack.org
Thu Jun 12 17:04:16 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/99715

Log:
commit a421b44224a3a7a5ffcdd8537079e481087cbfca
Author: Morgan Fainberg <morgan.fainberg at gmail.com>
Date: Thu Jun 12 09:54:00 2014 -0700

SHA1 is not valid for CMS hashing

SHA1 is not a valid target for CMS hashing since it is being used
to obscure the tokens in the debug output of the keystoneclient
session object. This is to prevent a case where the debug output
could contain a valid token.

This change is to match with the Keystoneclient change:
https://review.openstack.org/#/c/99432/

Sample config has also been updated.

SecurityImpact

Change-Id: I774170ff1649bd3b55c6849ed07824bcddecea75
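
The overlap the commit message describes, as an added example that is not code from keystone, keystoneclient or this change. It assumes the service accepts the hex digest of a token as a short token ID; the function names, the allow-list, the "{SHA1}" log format and the sample token are constructed for illustration.

```python
import hashlib

# The commit message states that the client debug output obscures tokens with SHA1.
LOG_REDACTION_ALGORITHM = "sha1"
# Constructed allow-list of fixed-length digests for this example.
KNOWN_ALGORITHMS = {"md5", "sha1", "sha224", "sha256", "sha384", "sha512"}
# Constructed sample value, not a real token.
SAMPLE_TOKEN = "MIIconstructed-sample-cms-token-body"


def token_id(token: str, hash_algorithm: str) -> str:
    """Hypothetical short token ID: hex digest of the full token (assumption)."""
    return hashlib.new(hash_algorithm, token.encode()).hexdigest()


def redact_for_debug_log(token: str) -> str:
    """Value a debug line carries in place of the raw token (constructed format)."""
    digest = hashlib.new(LOG_REDACTION_ALGORITHM, token.encode()).hexdigest()
    return "{SHA1}" + digest


def log_leaks_token_id(token: str, hash_algorithm: str) -> bool:
    """True when the redacted log value equals the ID the service would accept."""
    logged = redact_for_debug_log(token).split("}", 1)[1]
    return logged == token_id(token, hash_algorithm)


def validate_hash_algorithm(name: str) -> str:
    """Config-load check: refuse unknown algorithms and the log-redaction one."""
    normalized = name.strip().lower().replace("-", "")
    if normalized not in KNOWN_ALGORITHMS:
        raise ValueError("unknown hash algorithm: %r" % name)
    if normalized == LOG_REDACTION_ALGORITHM:
        raise ValueError(
            "%r is used to obscure tokens in debug output; "
            "using it for token IDs would put a usable ID in the logs" % name
        )
    return normalized


if __name__ == "__main__":
    for algorithm in ("sha1", "sha256"):
        print(algorithm, "log leaks token ID:",
              log_leaks_token_id(SAMPLE_TOKEN, algorithm))
```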