6c76392b62
MD5 hash, is no longer considered sufficient in security contexts,
as it is susceptible to collisions.[0][1][2]
Since Glance offers multiple hashing algorithms and all other uses
of the function are internal to the tripleoclient, the call can be replaced.
Function is now able to work with multiple hash algorithms,
provided their names are known to python hashlib and specified as compliant
in the tripleoclient constants.
Tests were adjusted to work with new hash algorithm,
and expanded to one compliant, and one non-compliant, alternative.
Docstrings now describe where is the information about image coming from.
In order to simplify potential future work on the related functionality.
[0] - https://csrc.nist.gov/projects/hash-functions
[1] - https://csrc.nist.gov/publications/detail/fips/180/4/final
[2] - https://www.win.tue.nl/~bdeweger/CollidingCertificates/
Signed-off-by: Jiri Podivin <jpodivin@redhat.com>
Change-Id: Iee5184755365d94f3b85073ed689079966c8bfcc
(cherry picked from commit
|
||
---|---|---|
config-generator | ||
doc | ||
releasenotes | ||
templates/ephemeral-heat | ||
tripleoclient | ||
zuul.d | ||
.coveragerc | ||
.gitignore | ||
.gitreview | ||
.mailmap | ||
.pre-commit-config.yaml | ||
.pylintrc | ||
.stestr.conf | ||
CONTRIBUTING.rst | ||
LICENSE | ||
README.rst | ||
bindep.txt | ||
requirements.txt | ||
setup.cfg | ||
setup.py | ||
test-requirements.txt | ||
tox.ini |
README.rst
About tripleoclient
General information
tripleoclient is an OpenStackClient (OSC) plugin implementation that implements commands useful for TripleO and the install and management of both an undercloud and an overcloud.
See the TripleO Documentation for details on using tripleoclient.
See the Release Notes