openstack/python-cinderclient
Code Issues Proposed changes

Change cache uniqifier from using md5 to sha-1

Browse Source 
FIPS 140-2 does not allow MD5 use for most purposes and systems
in "FIPS mode" (fips=1 kernel flag) will cause software using
MD5 from popular libraries to fail.

Also change the default cache dir to use ~/.cache/

Change-Id: I6f653f10249992196abb04e05c54df5fb244b182
This commit is contained in:
Joshua Cornutt
2018-11-05 18:53:02 -05:00
committed by Eric Harney
parent 7cb50b4c4a
commit 4cf62cf31f
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cinderclient/base.py
View File

@@ -261,13 +261,13 @@ class Manager(common_base.HookableMixin):
often enough to keep the cache reasonably up-to-date. often enough to keep the cache reasonably up-to-date.
""" """
base_dir = utils.env('CINDERCLIENT_UUID_CACHE_DIR', base_dir = utils.env('CINDERCLIENT_UUID_CACHE_DIR',
default="~/.cinderclient") default="~/.cache/cinderclient")
# NOTE(sirp): Keep separate UUID caches for each username + endpoint # NOTE(sirp): Keep separate UUID caches for each username + endpoint
# pair # pair
username = utils.env('OS_USERNAME', 'CINDER_USERNAME') username = utils.env('OS_USERNAME', 'CINDER_USERNAME')
url = utils.env('OS_URL', 'CINDER_URL') url = utils.env('OS_URL', 'CINDER_URL')
uniqifier = hashlib.md5(username.encode('utf-8') + uniqifier = hashlib.sha1(username.encode('utf-8') +
url.encode('utf-8')).hexdigest() url.encode('utf-8')).hexdigest()
cache_dir = os.path.expanduser(os.path.join(base_dir, uniqifier)) cache_dir = os.path.expanduser(os.path.join(base_dir, uniqifier))