Comment 28 for bug 1490804
Revision history for this message
| Adam Young (ayoung) wrote Re: PKI Token Revocation Bypass | #28 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
f33e652
(Get the code!)
This patch is probably the apparoach we need to take; it changes the logic of generating a token_id from hashing the whole body of the token to hashing the data, same way that the signing algorithm does.
The patch will not yet pass unit tests.
Django OpenStack Auth needs to be modified to call this function in keystoneclient instead of doing their own hashing.