| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The environment module will be configured once, during code initialization.
Subsequently all other possibly-evented modules will retrieve from
environment and transparently obtain either the eventlet or standard
library modules.
If eventlet, httplib, subprocess or other environment dependant module
is referenced outside of the environment module it should be considered
a bug.
The changes to tests are required to ensure that test is imported first
to setup the environment. Hopefully these can all be replaced with an
__init__.py in a post-nose keystone.
Implements: blueprint extract-eventlet
Change-Id: Icacd6f2ee0906ac5d303777c1f87a184f38283bf
|
|
|
|
|
|
|
|
| |
Fixes bug #1020182
Reorder imports of modules in keystone/tests.
Change-Id: I2ff61dd3d9486281b4a2a889e4dc8b9105c87d49
|
|
|
|
|
|
|
|
|
|
|
| |
Implements blueprint use-common-timeutils
1. Edit openstack-common.conf and import keystone/openstack/common/timeutils.py
2. Replace datetime.utcnow with timeutils.utcnow
3. Replace utils.isotime with timeutils.isotime
4. Remove utils.isotime in common/utils.py and datetime related unittest
Change-Id: I4f5a63a368fde8787a0dc0a817c940de685b9ca2
|
|
|
|
|
|
|
|
|
| |
Updates to keystone password hashing and checking functions so
that a max password length is enforced.
Fixes LP Bug #959288.
Change-Id: Id3048f3c916e92c59ac5b063d09c3d612d51c97c
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch is to improve auth_str_equal() a bit. The whole point of
this function is to do a string comparison in constant time to help
protect against timing attacks. The original implementation had a bit
of a silly property in that it would exit early if the strings were not
of the same length. This would theoretically still allow someone to
discover the proper length of a password.
This patch moves the length verification to the end. It also makes it
so the main loop time to run is a function of the provided password
length instead of the length of the shorter of the two strings.
Change-Id: I6dbe076818b7e3e8a313544ebd5c5734b5a025e5
|
|
|
|
|
|
|
|
|
| |
Fix bug 942644.
Use constant time string comparisons when doing authentication to help
guard against timing attacks.
Change-Id: I5fa5c8f07e57201e129903f71b3dea19071cac5e
|
|
|
|
|
|
| |
Fixes bug 932819
Change-Id: I58e0c2ad704e2e8ff1924a01791694a5e02a154b
|
|
|
|
|
|
|
| |
* Config option token.expiration defines amount of time tokens should be valid
* Fixes bug 928545
Change-Id: I3dff7a1ebf03bb44fc6e5247f976baea0581de08
|
|
If the password has a unicode character in it, bcrypt breaks. So encode it using utf-8. utf-8 should mean that existing hashes still work.
Change-Id: I4f9f3b636c8728234ada87de62d22bed2ff8eb60
|