Mask hashed password in VIM response for VIM CRUD APIs
Bug #1594495 reported by
Sripriya
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| tacker |
Fix Released
|
Medium
|
Anshu Kumar | ||
Bug Description
VIM REST APIs response contain hashed password in responses similar to [1]. This is not secure and hence needs to masked before sending the response.
Once the server response is fixed, the existing mask_dict_password call in client is unnecessary and should be removed. [2] [3]
[1] "gAAAAABXY0JVWz
[2] https:/
[3] https:/
| description: | updated |
| Changed in tacker: | |
| assignee: | nobody → Anshu Kumar (anshu-choubey) |
| Changed in tacker: | |
| importance: | Undecided → Medium |
| Changed in tacker: | |
| status: | New → Confirmed |
Revision history for this message
| Anshu Kumar (anshu-choubey) wrote | #1 |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix proposed to tacker (master) | #2 |
| Changed in tacker: | |
| status: | Confirmed → In Progress |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to tacker (master) | #3 |
| Changed in tacker: | |
| status: | In Progress → Fix Released |
Revision history for this message
| Davanum Srinivas (DIMS) (dims-v) wrote Fix included in openstack/python-tackerclient 0.5.0 | #4 |
Revision history for this message
| Doug Hellmann (doug-hellmann) wrote Fix included in openstack/tacker 0.4.0 | #5 |
To post a comment you must log in.
Following patch by Kawaguchi Kentaro aims at removing the masking logic from python-
https:/