openstack/deb-keystone
Code Issues Proposed changes
3dd0c24edf
deb-keystone/keystone/contrib
History
Matthieu Huin fd02a9c3d0 More random values for oAuth1 verifier 
The oAuth1 verifier was generated as a random number ranging from
1000 to 9999. This small range of numbers is vulnerable to
brute-force attacks as described in CWE-330. The verifier is now
a 8-character long alphanumerical string, a good compromise between
security against guessing and ease of use.

SecurityImpact
Change-Id: Ibe4a2e57a02c261d85ba6c0d61696f134c54443e
Closes-Bug: #1236675
2014-04-30 17:10:53 +02:00
..
access Safer noqa handling 2014-03-27 18:52:07 -05:00
admin_crud Safer noqa handling 2014-03-27 18:52:07 -05:00
ec2 Safer noqa handling 2014-03-27 18:52:07 -05:00
endpoint_filter Remove legacy_endpoint_id and enabled from service catalog 2014-04-04 10:39:13 -05:00
example Uses explicit imports for _ 2014-03-18 01:23:21 -07:00
federation Redundant unique constraint 2014-04-29 16:13:56 +03:00
oauth1 More random values for oAuth1 verifier 2014-04-30 17:10:53 +02:00
revoke Merge "Safer noqa handling" 2014-03-29 00:42:23 +00:00
s3 Safer noqa handling 2014-03-27 18:52:07 -05:00
simple_cert Safer noqa handling 2014-03-27 18:52:07 -05:00
stats Safer noqa handling 2014-03-27 18:52:07 -05:00
user_crud Safer noqa handling 2014-03-27 18:52:07 -05:00
__init__.py establish basic structure 2012-01-18 20:06:27 -08:00