FWIW Keystone uses a slightly more comprehensive approach than the proposed patch -
https://github.com/openstack/python-keystoneclient/blob/master/keystoneclient/middleware/memcache_crypt.py#L88
We should probably at least fall back to hmac.compare_digest if it is available.
FWIW Keystone uses a slightly more comprehensive approach than the proposed patch -
https:/ /github. com/openstack/ python- keystoneclient/ blob/master/ keystoneclient/ middleware/ memcache_ crypt.py# L88
We should probably at least fall back to hmac.compare_digest if it is available.