OpenStack Identity (keystone)

  1. Bug #1188189
  2. Comment #3

Comment 3 for bug 1188189

Revision history for this message
Thierry Carrez (ttx) wrote : Re: Potentially insecure use of httplib.HTTPSConnection

So, for Keystone:
* keystone/common/bufferedhttp.py is apparently used nowhere ?
* keystone/middleware/{s3,ec2}_token.py seem to use HTTPSConnection for a server-to-server request (in most cases connecting to the same host)

I suspect most of the others will be in the same case (servers making HTTPS connections to other local servers) so the MiM risk is limited. To give another data point, most Swift internal server-to-server communications are not even encrypted.