From 9ebbcac6f88eb28d3ec9eef45776ca27a33baf59 Mon Sep 17 00:00:00 2001 From: Steve Martinelli Date: Fri, 11 Dec 2015 02:22:08 -0500 Subject: [PATCH] Deprecate `hash_algorithm` config option The PKI and PKIz drivers are now deprecated, but one of the config options that only works for PKI has not been deprecated. implements bp: deprecated-as-of-mitaka Change-Id: I55d5fb2a2678dccd8638b0460921ba6f8e76da6a --- keystone/common/config.py | 4 ++++ .../notes/deprecated-as-of-mitaka-8534e43fa40c1d09.yaml | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/keystone/common/config.py b/keystone/common/config.py index 9ca3493090..3663d58bfb 100644 --- a/keystone/common/config.py +++ b/keystone/common/config.py @@ -295,6 +295,10 @@ FILE_OPTIONS = { 'allow_rescoped_scoped_token to false prevents a user ' 'from exchanging a scoped token for any other token.'), cfg.StrOpt('hash_algorithm', default='md5', + deprecated_for_removal=True, + deprecated_reason='PKI token support has been deprecated ' + 'in the M release and will be removed ' + 'in the O release.', help='The hash algorithm to use for PKI tokens. This can ' 'be set to any algorithm that hashlib supports. ' 'WARNING: Before changing this value, the auth_token ' diff --git a/releasenotes/notes/deprecated-as-of-mitaka-8534e43fa40c1d09.yaml b/releasenotes/notes/deprecated-as-of-mitaka-8534e43fa40c1d09.yaml index fe9d9fe77b..9de697a826 100644 --- a/releasenotes/notes/deprecated-as-of-mitaka-8534e43fa40c1d09.yaml +++ b/releasenotes/notes/deprecated-as-of-mitaka-8534e43fa40c1d09.yaml @@ -3,4 +3,6 @@ deprecations: - > [`blueprint deprecated-as-of-mitaka `_] As of the Mitaka release, the PKI and PKIz token formats have been - deprecated. They will be removed in the 'O' release. + deprecated. They will be removed in the 'O' release. Due to this change, + the ``hash_algorithm`` option in the ``[token]`` section of the + configuration file has also been deprecated.